Twenty Year Anniversary

Telegram 3.2 Denial Of Service

Telegram 3.2 Denial Of Service
Posted Sep 26, 2015
Authored by Mohammad Reza Espargham

Telegram version 3.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | b4f870d99ed665ac8f0ac4540551bbd5

Telegram 3.2 Denial Of Service

Change Mirror Download
#[+] Title:  Telegram - Input Length Handling Denial of Service Vulnerability
#[+] Product: Telegram
#[+] Vendor: http://telegram.org/
#[+] SoftWare Link : https://itunes.apple.com/en/app/telegram-messenger/id686449807?mt=8
#[+] Vulnerable Version(s): Telegram 3.2 on IOS 9.0.1
#
#
# Author : Mohammad Reza Espargham
# Linkedin : https://ir.linkedin.com/in/rezasp
# E-Mail : me[at]reza[dot]es , reza.espargham[at]gmail[dot]com
# Website : www.reza.es
# Twitter : https://twitter.com/rezesp
# FaceBook : https://www.facebook.com/mohammadreza.espargham

#Demo : https://youtu.be/fszP8jyJN0M

# 1. open your phone contacts / add contact
# 2. Past 5000 X “A” in your contact name / save contact
# 3. Open telegram and goto “Contact"
# 4. Crashed ;)



Debug Report

{"app_name":"Telegram","timestamp":”2015-xx-xx","app_version":"3.2":"ph.telegra.Telegraph","share_with_app_devs":false,"is_first_party":false"os_version":"iPhone OS 9.0.1 (13A404)","name":"Telegram"}
Incident Identifier: xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx
CrashReporter Key: 7e3613t9t457ge3a2en22fc58e7rr44r49311297
Hardware Model: iPhone6,1
Process: Telegram [616]
Path: /private/var/mobile/Containers/Bundle/Application/xxxxx xxxxx xxxxx xxxxx xxxxx xxxxx/Telegram.app/Telegram
Identifier: ph.telegra.Telegraph
Code Type: ARM-64 (Native)
Parent Process: launchd [1]

Date/Time: 2015-xx-xx 03:12:02.02
Launch Time: 2015-xx-xx 23:03:12.12
OS Version: iOS 9.0.1 (13A404)

Exception Type: EXC_CRASH (SIGILL)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Triggered by Thread: 0

Filtered syslog:
None found

Thread 0 name: Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0 libsystem_kernel.dylib 0x000000019b578c30 0x19b578000 + 3120
1 libsystem_kernel.dylib 0x000000019b578aac 0x19b578000 + 2732
2 CoreFoundation 0x0000000186100168 0x186024000 + 901480
3 CoreFoundation 0x00000001860fde6c 0x186024000 + 892524
4 CoreFoundation 0x000000018602cdc0 0x186024000 + 36288
5 GraphicsServices 0x0000000191180088 0x191174000 + 49288
6 UIKit 0x000000018b706f60 0x18b68c000 + 503648
7 Telegram 0x0000000100016f70 0x100000000 + 94064
8 libdyld.dylib 0x000000019b4768b8 0x19b474000 + 10424

Activity ID: 0x0000000000042ea5
Activity Name: send control actions
Activity Image Path: /System/Library/Frameworks/UIKit.framework/UIKit
Activity Offset: 0x00032b34
Activity Running Time: 0.980331 sec

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close