Vulnerability & Exploit Database

Back to search

NTP Mode 6 UNSETTRAP DRDoS Scanner

This module identifies NTP servers which permit mode 6 UNSETTRAP requests that can be used to conduct DRDoS attacks. In some configurations, NTP servers will respond to UNSETTRAP requests with multiple packets, allowing remote attackers to cause a distributed, reflected denial of service (aka, "DRDoS" or traffic amplification) via spoofed requests.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

auxiliary/scanner/ntp/ntp_unsettrap_dos

Authors

  • Jon Hart <jon_hart [at] rapid7.com>

References

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use auxiliary/scanner/ntp/ntp_unsettrap_dos msf auxiliary(ntp_unsettrap_dos) > show actions ...actions... msf auxiliary(ntp_unsettrap_dos) > set ACTION <action-name> msf auxiliary(ntp_unsettrap_dos) > show options ...show and set options... msf auxiliary(ntp_unsettrap_dos) > run

Related Vulnerabilities

Related Modules