Rapid7 Vulnerability & Exploit Database

Chargen Probe Utility

Back to Search

Chargen Probe Utility

Disclosed
02/08/1996
Created
05/30/2018

Description

Chargen is a debugging and measurement tool and a character generator service. A character generator service simply sends data without regard to the input. Chargen is susceptible to spoofing the source of transmissions as well as use in a reflection attack vector. The misuse of the testing features of the Chargen service may allow attackers to craft malicious network payloads and reflect them by spoofing the transmission source to effectively direct it to a target. This can result in traffic loops and service degradation with large amounts of network traffic.

Author(s)

  • Matteo Cantoni <goony@nothink.org>

Development

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use auxiliary/scanner/chargen/chargen_probe
msf auxiliary(chargen_probe) > show actions
    ...actions...
msf auxiliary(chargen_probe) > set ACTION < action-name >
msf auxiliary(chargen_probe) > show options
    ...show and set options...
msf auxiliary(chargen_probe) > run 

Time is precious, so I don’t want to do something manually that I can automate. Leveraging the Metasploit Framework when automating any task keeps us from having to re-create the wheel as we can use the existing libraries and focus our efforts where it matters.

– Jim O’Gorman | President, Offensive Security

;