PacketTrap TFTP Server 2.2.5459.0 DoS - Metasploit

This page contains detailed information about how to use the auxiliary/dos/windows/tftp/pt360_write metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.

Module Overview

---

Name: PacketTrap TFTP Server 2.2.5459.0 DoS
Module: auxiliary/dos/windows/tftp/pt360_write
Source code: modules/auxiliary/dos/windows/tftp/pt360_write.rb
Disclosure date: 2008-10-29
Last modification time: 2020-10-02 17:38:06 +0000
Supported architecture(s): -
Supported platform(s): -
Target service / protocol: -
Target network port(s): 69
List of CVEs: CVE-2008-1311

The PacketTrap TFTP server version 2.2.5459.0 can be brought down by sending a special write request.

Module Ranking and Traits

---

Module Ranking:

• normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.

Basic Usage

---

msf > use auxiliary/dos/windows/tftp/pt360_write
msf auxiliary(pt360_write) > show targets
    ... a list of targets ...
msf auxiliary(pt360_write) > set TARGET target-id
msf auxiliary(pt360_write) > show options
    ... show and set options ...
msf auxiliary(pt360_write) > exploit

Required Options

---

• RHOSTS: The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'

Go back to menu.

Msfconsole Usage

---

Here is how the dos/windows/tftp/pt360_write auxiliary module looks in the msfconsole:

msf6 > use auxiliary/dos/windows/tftp/pt360_write

msf6 auxiliary(dos/windows/tftp/pt360_write) > show info

       Name: PacketTrap TFTP Server 2.2.5459.0 DoS
     Module: auxiliary/dos/windows/tftp/pt360_write
    License: Metasploit Framework License (BSD)
       Rank: Normal
  Disclosed: 2008-10-29

Provided by:
  kris katterjohn <[email protected]>

Check supported:
  No

Basic options:
  Name    Current Setting  Required  Description
  ----    ---------------  --------  -----------
  RHOSTS                   yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
  RPORT   69               yes       The target port (UDP)

Description:
  The PacketTrap TFTP server version 2.2.5459.0 can be brought down by 
  sending a special write request.

References:
  https://nvd.nist.gov/vuln/detail/CVE-2008-1311
  OSVDB (42932)
  https://www.exploit-db.com/exploits/6863

Module Options

---

This is a complete list of options available in the dos/windows/tftp/pt360_write auxiliary module:

msf6 auxiliary(dos/windows/tftp/pt360_write) > show options

Module options (auxiliary/dos/windows/tftp/pt360_write):

   Name    Current Setting  Required  Description
   ----    ---------------  --------  -----------
   RHOSTS                   yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
   RPORT   69               yes       The target port (UDP)

Advanced Options

---

Here is a complete list of advanced options supported by the dos/windows/tftp/pt360_write auxiliary module:

msf6 auxiliary(dos/windows/tftp/pt360_write) > show advanced

Module advanced options (auxiliary/dos/windows/tftp/pt360_write):

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   CHOST                       no        The local client address
   CPORT                       no        The local client port
   VERBOSE    false            no        Enable detailed status messages
   WORKSPACE                   no        Specify the workspace for this module

Auxiliary Actions

---

This is a list of all auxiliary actions that the dos/windows/tftp/pt360_write module can do:

msf6 auxiliary(dos/windows/tftp/pt360_write) > show actions

Auxiliary actions:

   Name  Description
   ----  -----------

Evasion Options

---

Here is the full list of possible evasion options supported by the dos/windows/tftp/pt360_write auxiliary module in order to evade defenses (e.g. Antivirus, EDR, Firewall, NIDS etc.):

msf6 auxiliary(dos/windows/tftp/pt360_write) > show evasion

Module evasion options:

   Name  Current Setting  Required  Description
   ----  ---------------  --------  -----------

Go back to menu.

Related Pull Requests

---

• #14213 Merged Pull Request: Add disclosure date rubocop linting rule - enforce iso8601 disclosure dates
• #8716 Merged Pull Request: Print_Status -> Print_Good (And OCD bits 'n bobs)
• #8338 Merged Pull Request: Fix msf/core and self.class msftidy warnings
• #6812 Merged Pull Request: Resolve #6807, remove all OSVDB references.
• #6655 Merged Pull Request: use MetasploitModule as a class name
• #6648 Merged Pull Request: Change metasploit class names
• #2525 Merged Pull Request: Change module boilerplate
• #1228 Merged Pull Request: MSFTIDY cleanup #1 - auxiliary
• #542 Merged Pull Request: Update milw0rm references.

References

---

• CVE-2008-1311
• OSVDB (42932)
• EDB-6863

See Also

---

Check also the following modules related to this module:

• auxiliary/admin/tftp/tftp_transfer_util
• auxiliary/dos/scada/d20_tftp_overflow
• auxiliary/dos/windows/tftp/solarwinds
• auxiliary/scanner/snmp/cisco_config_tftp
• auxiliary/scanner/tftp/ipswitch_whatsupgold_tftp
• auxiliary/scanner/tftp/netdecision_tftp
• auxiliary/scanner/tftp/tftpbrute
• auxiliary/server/tftp
• exploit/windows/ftp/32bitftp_list_reply
• exploit/windows/ftp/freefloatftp_user
• exploit/windows/ftp/freefloatftp_wbem
• exploit/windows/ftp/netterm_netftpd_user
• exploit/windows/ftp/scriptftp_list
• exploit/windows/tftp/attftp_long_filename
• exploit/windows/tftp/distinct_tftp_traversal
• exploit/windows/tftp/dlink_long_filename
• exploit/windows/tftp/futuresoft_transfermode
• exploit/windows/tftp/netdecision_tftp_traversal
• exploit/windows/tftp/opentftp_error_code
• exploit/windows/tftp/quick_tftp_pro_mode
• exploit/windows/tftp/tftpd32_long_filename
• exploit/windows/tftp/tftpdwin_long_filename
• exploit/windows/tftp/tftpserver_wrq_bof
• exploit/windows/tftp/threectftpsvc_long_mode
• post/windows/gather/credentials/smartftp
• auxiliary/dos/windows/smb/ms09_001_write
• auxiliary/server/wget_symlink_file_write
• exploit/linux/http/lucee_admin_imgprocess_file_write
• exploit/linux/local/netfilter_xtables_heap_oob_write_priv_esc
• exploit/multi/fileformat/archive_tar_arb_file_write
• exploit/windows/browser/chilkat_crypt_writefile
• exploit/windows/browser/hp_loadrunner_writefilebinary
• exploit/windows/browser/hp_loadrunner_writefilestring
• exploit/windows/browser/mozilla_interleaved_write
• exploit/windows/ftp/quickshare_traversal_write
• exploit/windows/http/manageengine_connectionid_write
• exploit/windows/http/oracle_btm_writetofile
• exploit/windows/local/mqac_write
• exploit/windows/misc/solidworks_workgroup_pdmwservice_file_write
• auxiliary/scanner/http/rewrite_proxy_bypass
• exploit/multi/browser/opera_configoverwrite
• exploit/windows/fileformat/foxit_reader_filewrite
• exploit/windows/http/apache_mod_rewrite_ldap
• exploit/windows/mssql/ms09_004_sp_replwritetovarbin
• exploit/windows/mssql/ms09_004_sp_replwritetovarbin_sqli

Authors

---

kris katterjohn

Version

---

This page has been produced using Metasploit Framework version 6.1.24-dev. For more modules, visit the Metasploit Module Library.

Go back to menu.