Commit | Line | Data |
---|---|---|
21c4e167 H |
1 | #!/usr/bin/php |
2 | <?php if(!isset($argv)) die('<pre>[!] FUCK-U-N0-0B!</pre>\n'); //.!.('.').!. No, this isn't a web app! | |
3 | //Ov3rFl00 | |
4 | //Harvie 2oo7 | |
5 | /* Buffer-OverFlow VulnChecker | |
6 | * You can make template for any protocol | |
7 | */ | |
8 | ||
9 | //Settings | |
10 | $template_dir = './flooz'; | |
11 | $floochar = 'A'; | |
12 | $addrstr = 'BBBB'; | |
13 | $start = 64; | |
14 | $step = 2; | |
15 | $max = 1024*1024; | |
16 | $floostr = '%FLOOD%'; | |
17 | $lenstr = '%LENGHT%'; | |
18 | $host = 'stdout'; | |
19 | $port = 80; | |
20 | $timeout = 3; | |
21 | ||
22 | //C0DE | |
23 | if($argc < 2) die( | |
24 | "[!] OverFloo". | |
25 | "Usage: overfloo template [host] [port] [max-len(^2)] [char] [addr]\n". | |
26 | "By: <--Harvie 2oo7 ;D\n" | |
27 | ); | |
28 | ||
29 | if(isset($argv[1])) $template = $argv[1]; | |
30 | if(isset($argv[2])) $host = $argv[2]; | |
31 | if(isset($argv[3])) $port = $argv[3]; | |
32 | if(isset($argv[4])) $max = pow($argv[4],2); | |
33 | ||
34 | ||
35 | function flood_make($len='64', $char='A', $end='BBBB') { | |
36 | for(;$len > 0;$len--) $str.=$char; | |
37 | return $str.$end; | |
38 | } | |
39 | ||
40 | //Init | |
41 | $template = $template_dir.'/'.$template.'.floo'; | |
42 | echo( | |
43 | "[i] Testing: $host:$port\n". | |
44 | "[i] Using template: $template\n". | |
45 | "[i] Using range $start - $max B\n\n" | |
46 | ); | |
47 | $template = @file_get_contents($template); | |
48 | if(!$template) die("[!] Template not found!\n"); | |
49 | $tcp = ($host == 'stdout' || $host == '-'); | |
50 | //Loop | |
51 | $len = $start; | |
52 | while($len <= $max) { | |
53 | $data = str_replace($lenstr, $len, $template); | |
54 | $data = str_replace($floostr, flood_make($len, $floochar, $addrstr), $data); | |
55 | ||
56 | echo("[>] Sending: $len -> "); | |
57 | ||
58 | if($tcp) die("\n".$data); | |
59 | else { | |
60 | $fp = @fsockopen($host, $port, $errno, $err, $timeout); | |
61 | if(!$fp) die("\n[!] $host:$port DOWN ;D\n"); | |
62 | fwrite($fp, $data); fflush($fp); | |
63 | ||
64 | if(!fwrite($fp, ';P')) { | |
65 | echo("Connection closed! ;D\n"); | |
66 | } else { | |
67 | echo("OK!\n"); | |
68 | } | |
69 | @fclose($fp); | |
70 | } | |
71 | ||
72 | $len *= 2; | |
73 | } | |
74 | ||
75 | if($tcp) { | |
76 | $fp = @pfsockopen($host, $port, $errno, $err, $timeout); | |
77 | if(!$fp) die("[!] $host:$port DOWN ;D\n"); | |
78 | } | |
79 | ||
80 | echo("\n[X] Script exited succesfully!\n"); | |
81 |