Search...

JourneyMap 5.0.0RC2 Ultimate Edition - DoS

2014-12-15T00:00:00

ID 1337DAY-ID-23004
Type zdt
Reporter CovertCodes
Modified 2014-12-15T00:00:00

Description

Exploit for multiple platform in category dos / poc

                                        
                                            # Exploit Title: JourneyMap Disk-space consumption exploit
# Date: 23Nov2014
# Exploit Author: CovertCodes
# Vendor Homepage: http://journeymap.techbrew.net/
# Software Link: http://journeymap.techbrew.net/download/
# Version: 5.0.0RC2 Ultimate Edition
# Tested on: Linux
 
 
  JourneyMap (http://journeymap.techbrew.net/) is a mapping mod for
Minecraft.  It comes included with some modpacks, and is enabled by
default in the popular Feed the Beast client.  JourneyMap opens a web
server on the client which is configured to listen on port 8080.  When
the client is running, a remote, unauthenticated user can have
JourneyMap save a screenshot of the game to the hard drive by accessing
a specific URL, consuming hard drive space.  Here's an example:
 
#!/bin/bash
   while true;
     do
     curl -o /dev/null 192.168.1.1:8080/action?type=savemap&mapType=day
   done
 
   This works even when the client has paused the game (by pressing
escape.)  We include mapType=day because the software should refuse to
save a screenshot if the client user is underground, and the game is set
on hardcore mode.
 
   Accessing the URL and triggering a screenshot will display a message
on the client's screen, which may somewhat lessen the severity of this
exploit.  Further, it takes a long time to fill up disk using this
technique.  JourneyMap allows depth and resolution to be specified in
the URL as well, though a few simple tests showed no change despite
altering these parameters.  If one were able to increase the depth and
resolution of the image, the drive would fill up faster.
 
   Tested with JourneyMap 5.0.0RC2 Ultimate Edition, but presumed to
work on other versions as well.

#  0day.today [2018-04-11]  #

JSON Vulners Source

Initial Source

{"id": "1337DAY-ID-23004", "type": "zdt", "bulletinFamily": "exploit", "title": "JourneyMap 5.0.0RC2 Ultimate Edition - DoS", "description": "Exploit for multiple platform in category dos / poc", "published": "2014-12-15T00:00:00", "modified": "2014-12-15T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/23004", "reporter": "CovertCodes", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-04-11T11:47:43", "viewCount": 17, "enchantments": {"score": {"value": -0.9, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.9}, "sourceHref": "https://0day.today/exploit/23004", "sourceData": "# Exploit Title: JourneyMap Disk-space consumption exploit\r\n# Date: 23Nov2014\r\n# Exploit Author: CovertCodes\r\n# Vendor Homepage: http://journeymap.techbrew.net/\r\n# Software Link: http://journeymap.techbrew.net/download/\r\n# Version: 5.0.0RC2 Ultimate Edition\r\n# Tested on: Linux\r\n \r\n \r\n JourneyMap (http://journeymap.techbrew.net/) is a mapping mod for\r\nMinecraft. It comes included with some modpacks, and is enabled by\r\ndefault in the popular Feed the Beast client. JourneyMap opens a web\r\nserver on the client which is configured to listen on port 8080. When\r\nthe client is running, a remote, unauthenticated user can have\r\nJourneyMap save a screenshot of the game to the hard drive by accessing\r\na specific URL, consuming hard drive space. Here's an example:\r\n \r\n#!/bin/bash\r\n while true;\r\n do\r\n curl -o /dev/null 192.168.1.1:8080/action?type=savemap&mapType=day\r\n done\r\n \r\n This works even when the client has paused the game (by pressing\r\nescape.) We include mapType=day because the software should refuse to\r\nsave a screenshot if the client user is underground, and the game is set\r\non hardcore mode.\r\n \r\n Accessing the URL and triggering a screenshot will display a message\r\non the client's screen, which may somewhat lessen the severity of this\r\nexploit. Further, it takes a long time to fill up disk using this\r\ntechnique. JourneyMap allows depth and resolution to be specified in\r\nthe URL as well, though a few simple tests showed no change despite\r\naltering these parameters. If one were able to increase the depth and\r\nresolution of the image, the drive would fill up faster.\r\n \r\n Tested with JourneyMap 5.0.0RC2 Ultimate Edition, but presumed to\r\nwork on other versions as well.\n\n# 0day.today [2018-04-11] #", "_state": {"dependencies": 1645312326}}