目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CVE-2004-0558 PoC — CUPS UDP数据包远程服务拒绝漏洞

来源
https://github.com/fibonascii/CVE-2004-0558
关联漏洞
标题:CUPS UDP数据包远程服务拒绝漏洞 (CVE-2004-0558)
Description:CUPS 1.1.21之前版本中的Internet Printing Protocol(IPP)的安装启用存在漏洞。远程攻击者可以借助某个IPP端口的UDP数据包导致服务拒绝(服务挂起)。
介绍
This is a proof of concept exploit for CVE-2004-0558
Specific versions of CUPs (1.1.x) are vulnerable to a Denial of Service attack when sent a zero-length UDP packet
https://www.exploit-db.com/exploits/24599/

It's worth noting that this can be achieved with nmap, and this exploit was developed for research and educational purposes.


Usage:

python kill-cups.py -t 192.168.1.91


Additional command line flags were included for research purposes. UDP requires that the packet header requires an arbitrary source port.
In the exploit I have it default to 4321 but this can changed if necessary

python kill-cups.py -t 192.168.1.91 --source-port 5555
文件快照

 [4.0K]  /data/pocs/e95177b0dc3f131c1dc8ac6f543acea7951b97d8
├── [ 826]  kill-cups.py
└── [ 653]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。