CVE-2018-12018 PoC — Go Ethereum 安全漏洞

Source

https://github.com/k3v142/CVE-2018-12018

Associated Vulnerability

Title:Go Ethereum 安全漏洞 (CVE-2018-12018)
Description:Go Ethereum（又名geth）是一款使用Go语言编写的以太坊协议的开源实现。 geth 1.8.11之前版本中的LES协议实现的GetBlockHeadersMsg handler存在安全漏洞。攻击者可通过发送数据包利用该漏洞造成拒绝服务。

Description

EPoD (Ethereum Packet of Death)

Readme

# CVE-2018-12018
Mitre https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12018

The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. The vulnerable remote node would be crashed by such an attack immediately, aka the EPoD (Ethereum Packet of Death) issue.

**Mainnet**
```shell
python3 exploit.py --mainnet --enode 'enode'
```

**Testnet**
```shell
python3 exploit.py --enode 'enode'
```

You will may face dependecy issue with `py-evm` library. It is working with release [Trinity v0.1.0-alpha.16 "Ada Lovelace"](https://github.com/ethereum/py-evm/releases/tag/trinity-v0.1.0-alpha.16).

File Snapshot


 [4.0K]  /data/pocs/5c9b37f5bb2f8a3e85bc463aa8fb822014c51a84
├── [4.6K]  exploit.py
├── [1.0K]  LICENSE
├── [ 846]  README.md
└── [  17]  requirements.txt

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!