| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon Apr 18 15:04:58 2005 From: security at revolutionsp.com (H. S.) Subject: TCP/IP Stack Vulnerability I have tested this against an unpatched W2K server and a RH 6 box, it doesnt slow down any of them; I was using X on the RH6 one and didn't notice any slowdowns or the supposed packet flow this should generate. > Fellows, > > Try this: > > Linux (Slackware 10): > > root@...fix:/# gcc -D LINUX storm.c -lpcap -o storm > > BSD systems: > > root@...fix:/# gcc storm.c -lpcap -o storm > > It should work, anyway Im sending a FreeBSD precompiled version of > this exploit and a the C source code as an attachment. > > bash-2.05b$ uname -a > FreeBSD darksun.undernet 5.3-RELEASE FreeBSD 5.3-RELEASE #1: Fri Dec > 10 15:56:18 BRST 2004 > root@...ksun.undernet:/usr/obj/usr/src/sys/GENERIC i386 > > Best reguards, > > Diego Casati > > > On 4/18/05, Israel Lopez <israel@...osting.com> wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Hello, >> >> Call me crazy, but when I copied the text out from Mr. Casati's email, I >> had to edit all of the line wraps that (I believed) Thunderbird injected >> into the email. Takes a bit but you'll find them. >> >> If anything I got 'farther' into compiling myself, needed to reflect >> some changes to a new location of a pcap-bpf.h header. >> >> [~/sandbox]# gcc -DLINUX -lpcap storm.c -o storm >> storm.c: In function `PCapHandler': >> storm.c:450: warning: initialization from incompatible pointer type >> /tmp/ccvPmT8m.o(.text+0x3e8): In function `TCPCheckSum': >> : undefined reference to `sizephdr' >> collect2: ld returned 1 exit status >> [~/sandbox]# >> >> Anyone have sucess in testing this out in a sandbox environment? >> >> >> Diego Casati wrote: >> > Try this >> > root@...fix:~/vortex# gcc -DLINUX storm.c -lpcap -o storm >> > >> > >> > >> > On 4/17/05, H. S. <security@...olutionsp.com> wrote: >> > >> >>Hey, >> >> >> >>I am having two errors compiling this code. I want to test it on my >> LAN, >> >>as I have a windows box and several linux ones. >> >> >> > >> > >> >>gcc -lpcap tcp-ack.c -o storm >> >>tcp-ack.c: In function `DeletePacket': >> >>tcp-ack.c:350: error: syntax error before "CurrentPacket" >> >>tcp-ack.c: In function `FindPacket': >> >>tcp-ack.c:366: error: invalid lvalue in assignment >> >>tcp-ack.c: In function `PCapHandler': >> >>tcp-ack.c:453: warning: initialization from incompatible pointer type >> >> >> >>I'm trying to compile on a FreeBSD 5.2.1-RELEASE system. >> >> >> >>line 350 reads: >> >> CurrentPacket->NextPacket >> >>CurrentPacket->NextPacket->NextPacket; >> >> >> >>line 366 reads: >> >> if (Source == Packet->Source && Destination >> >>=Packet->Destination && SourcePort == Packet->SourcePort && >> >>DestinationPort == Packet->DestinationPort) >> >> >> >>What could be the problem? >> >> >> >>Kind Regards >> >> >> >> >> > >> > _______________________________________________ >> > Full-Disclosure - We believe in it. >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> > Hosted and sponsored by Secunia - http://secunia.com/ >> >> - -- >> ========================> Israel Lopez >> Lead Network Administrator >> OCHosting Inc. >> Office: (949) 388-8637 x.106 >> E-Mail: israel@...osting.com >> PGPKey: 0xFE8F03DD >> Keyserver: pgp.mit.edu >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.1 (MingW32) >> >> iD8DBQFCYywQhrlQD/6PA90RAhbNAKCvtt2cM7siWN17q0mbl+bL4rCeKgCfe0en >> TtecqDyAZNs4C1V8ldtsLoA> =u1sU >> -----END PGP SIGNATURE----- >> > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists