lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <4B0CFA7F.4050607@acunetix.com> Date: Wed, 25 Nov 2009 11:35:59 +0200 From: Bogdan Calin <bogdan@...netix.com> To: Moritz Naumann <security@...itz-naumann.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: PHP "multipart/form-data" denial of service > > Thanks for the good description and test results, Bogdan. Thank you very much Moritz. >> Proof of concept >> ----------------- >> I'm not going to publish the proof of concept Python script. >> If you have a valid reason why you would need the proof of concept, you >> can contact me at this email address (bogdan [at] acunetix.com). > > Someone has apparently written one in bash: > http://www.paste-it.com/view/77958658 > If testing for IT security issues wasn't practically illegalized in > Germany I might even have done it myself. > > This script wasn't so effective when I tested it here, but it did work > after I spawned a couple processes. It takes it quite a while to prepare > the requests, though, and without the randomization stuff and with >> =python this could probably be done much faster. I don't think bash is a good choice for writing this kind of exploits. My Python script is using threads to make the attack more effective. BTW, this is not the only proof of concept published until now. There are at least 2 more exploits published for this vulnerability. Even my python script got leaked somehow on packetstorm. It was bound to happen sooner or later. -- Bogdan Calin - bogdan@...netix.com CTO Acunetix Ltd. - http://www.acunetix.com Acunetix Web Security Blog - http://www.acunetix.com/blog _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists