Miniweb http server 0.8.19 buffer overflow (poc) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2020-12-14 |
Type : webapps |
Platform : multiple
This exploit / vulnerability Miniweb http server 0.8.19 buffer overflow (poc) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow (PoC)
# Date: 13.12.2020
# Exploit Author: securityforeveryone.com
# Author Mail: hello[AT]securityforeveryone.com
# Vendor Homepage: https://sourceforge.net/projects/miniweb/
# Software Link: https://sourceforge.net/projects/miniweb/files/miniweb/0.8/miniweb-win32-20130309.zip/download
# Version: 0.8.19
# Tested on: Win7 x86
# Researchers: Security For Everyone Team - https://securityforeveryone.com
'''
Description
MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service (daemon crash) via a long name for the
first parameter in a POST request.
Exploitation
The vulnerability is the first parameter's name of the POST request. Example: PARAM_NAME1=param_data1¶m_name2=param_data2
if we send a lot of "A" characters to "PARAM_NAME1", the miniweb server will crash.
About Security For Everyone Team
We are a team that has been working on cyber security in the industry for a long time.
In 2020, we created securityforeveyone.com where everyone can test their website security and get help to fix their vulnerabilities.
We have many free tools that you can use here: https://securityforeveryone.com/free-tool-list