lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <002201c351eb$81010d00$1c01010a@netvf09v3k60bdk3>
From: amilabs at optonline.net (amilabs)
Subject: Win32 Cisco Exploit

According to protocol trace file analysis it does generate the correct
types of packets to cause the exploit. Both the gui and the cmd line
send the packets out with ttl 128 and with 0 as the next protocol in the
IP header. This is what the app spits out. I did not test against a
router just took a quick peek with a protocol analyzer and it does not
look like it will work based on the packet trace. Can someone tell me
otherwise?

------------  ETHER Header  ------------
Destination: 00-03-A3-43-78-6B
Source: This Network Analyzer (00-04-55-2D-F8-A7)
Protocol: IP
FCS: E67BCBFA

------------  IP Header  ------------
Version = 4
Header length = 20
Differentiated Services (DS) Field = 0x00
    0000 00.. DS Codepoint = Default PHB (0)
    .... ..00 Unused
Packet length = 40
Id = 1ed4
Fragmentation Info = 0x0000
    .0.. ....  .... .... Don't Fragment Bit = FALSE
    ..0. ....  .... .... More Fragments Bit = FALSE
    ...0 0000  0000 0000 Fragment offset = 0
Time to live = 128
Protocol = 0 (0)
Header checksum = 04EB (Verified 04EB)
Source address = 10.1.1.28
Destination address = 10.1.1.250
20 bytes of data

 Record #22      (From Node To Hub) Captured on 7/24/2003 at
09:50:56.437327771 Length =    64

Frame Data: (Length = 64)
    0: 00 08 A3 4D 78 6B 00 02    55 5D F8 A7 08 00 45 00   ...Mxk..
U]....E.
   16: 00 28 1E D4 00 00 80 00    04 EB 0A 01 01 1C 0A 01   .(......
........
   32: 01 FA 45 10 00 14 2E 31    40 00 00 37 C1 76 7F 00   ..E....1
@..7.v..
   48: 00 01 0A 01 01 FA 00 00    00 00 00 00 E6 7B CB FA   ........
.....{..

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of
koec@...h.com
Sent: Wednesday, July 23, 2003 5:18 PM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] Win32 Cisco Exploit


Attached is a win32 version of the Cisco Exploit with a nice GUI.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ