lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20031012161200.37367.qmail@web20204.mail.yahoo.com>
Date: Sun, 12 Oct 2003 09:12:00 -0700 (PDT)
From: bipin gautam <visitbipin@...oo.com>
To: bugtraq@...urityfocus.com
Cc: full-disclosure@...ts.netsys.com, secure@...rosoft.com
Subject: Re: Local DoS in windows.



see guy's i wasn't wrong! NA, NONE OF THEM ARE USING
THE HACKED VERSION OF SHELL32.DLL ANYWAY!

i've tried it  in fresh installed windows xp.
well, as npguy says...
the bug worked in his 128 ram PC!

but surprisingly i have 256mb p3, and it worked there
too...

[ i can't still understand... what the heck causes
this real problem ]
--------------------------------------------
--- Joe <mvp@...ware.net> wrote:
> Umm nope, not on my XP SP1 machine. I have about 15
> windows running and avg
> 1% utilization. I do your little trick and there is
> no change. 
> 
> Though maybe it is because my machine is one of
> those really fast 900Mhz
> PIII's. 
> 
> Maybe the problem is you are running a hacked
> version of shell32.dll from
> http://www.geocities.com/visitbipin/ and he screwed
> it up. 
> 
> Thanks for playing.
> 
>    joe
> 
> 
> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com] On
> Behalf Of bipin gautam
> Sent: Friday, October 10, 2003 1:18 PM
> To: Full-Disclosure@...ts.netsys.com
> Cc: bugtraq@...urityfocus.com
> 
> --- [Affected] ---
> We have only tried it in windows Xp.
> 
> --- [Bug Details] ---
> http://www.geocities.com/visitbipin/win_dos.jpg
> The image is self explanatory...
> 
> --- [Description] ---
> When you click to "any" close, maximize or minimize
> button's in windows Xp,
> [No matter whether it's IE or a WordPad]
> surprisingly there is 100% CPU use
> at the instant and it continues............ until
> you release the button!
> Moreover, we've noticed if you continuously click
> the button for a long time
> [... not release it and hold ON ] we've seen
> gradual/slow rise in page-file
> use too...!!!
> 
> --- [Conclusion] ---
> Hell... local DoS! That could be used by employees
> working at different
> terminal..... (O;
> 
> --- [Background Information] ---
> This bug was originally discovered by
> hUNT3R,[myself] a member of 01
> Security Submission. The vendor was notified via
> email.
> http://www.ysgnet.com/hn
> --- [I want a JOB/scholarship... anyone??? - hUNT3R]
> ---
> 
> __________________________________
> Do you Yahoo!?
> The New Yahoo! Shopping - with improved product
> search
> http://shopping.yahoo.com
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.netsys.com/full-disclosure-charter.html
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.netsys.com/full-disclosure-charter.html


-------------------------------------------------------
--- npguy <npguy@...net.com> wrote:
> shamefully it happen with my xp running in 128 mb
> ram pc whereas another 
> which has enough ram, has not shown this problem.
> 
> On Sat, 11 Oct 2003 21:05:29 -0400,
> <Valdis.Kletnieks@...edu> wrote:
> 
> > On Sun, 12 Oct 2003 02:18:16 +0200, Richard Spiers
> <dksaarth@...x.za.net> 
> > said:
> >> whoopee!. Bleh. Really a security issue? Same
> thing happens if you have 
> >> show
> >> windows content enabled and you drag around a
> window, as long as your
> >> dragging the window, the cpu will remain close to
> 100 % usage. 
> >> Significant?
> >
> > Probably not directly, but possibly indirectly.
> >
> > The questions are, of course:
> >
> > 1) Is the 100% cycle sucking done as a
> pre-emptible thing, or can you
> > cpu-starve something else using it?
> >
> > 2) Is there some *other* security-related API that
> botches incorrectly if 
> > it's
> > cpu-starved?
> >
> >> No, unless its proof of some shoddy coding of
> some-sort.
> >
> > A hammer is a useful tool for finding 
> non-impact-resistant screws......
> >
> 
> 
> 
> -- 
> Using M2, Opera's revolutionary e-mail client:
> http://www.opera.com/m2/
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.netsys.com/full-disclosure-charter.html


__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ