5 matches found
Metasploit HTTP(S) handler Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Metasploit HTTPS handler DoS', 'Description' = %q This module exploits the Metasploit HTTPS handler by sending a specially crafted HTTP request...
CVE-2019-5645
By sending a specially crafted HTTP GET request to a listening Rapid7 Metasploit HTTP handler, an attacker can register an arbitrary regular expression. When evaluated, this malicious handler can either prevent new HTTP handler sessions from being established, or cause a resource exhaustion on th...
CVE-2019-5645
CVE-2019-5645 is a denial-of-service issue affecting the Rapid7 Metasploit HTTP(S) handler. The provided DoS payloads register a malicious regular expression via a specially crafted HTTP GET/request to the handler, causing the server to evaluate the expression and potentially either block new HTT...
CVE-2019-5645
creationtimestamp| type| source ---|---|--- 2019-12-26 19:59:49+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/metasploithttphandlerdos.rb 2020-09-01 18:55:23+00:00| seen| https://t.me/cibsecurity/14406 2025-02-06 03:13:44+00:00| seen|...
Metasploit HTTP(S) handler DoS
This module exploits the Metasploit HTTPS handler by sending a specially crafted HTTP request that gets added as a resource handler. Resources which come from the external connections are evaluated as RegEx in the handler server. Specially crafted input can trigger Gentle, Soft and Hard DoS. Test...