lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: olafandjasper at hushmail.com (olafandjasper@...hmail.com)
Subject: Win32 Cisco Exploit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Try changing TTL, we used a value of 0 and it kill Cisco.

On Thu, 24 Jul 2003 09:43:39 -0700 "Joel R. Helgeson" <joel@...geson.com>
wrote:
>I just tested it against one of my test cisco routers.
>nuthin happened.
>
>"Give a man fire, and he'll be warm for a day; set a man on fire,
> and he'll
>be warm for the rest of his life."
>----- Original Message -----
>From: "amilabs" <amilabs@...online.net>
>To: "'amilabs'" <amilabs@...online.net>; <koec@...h.com>;
><full-disclosure@...ts.netsys.com>
>Sent: Thursday, July 24, 2003 9:36 AM
>Subject: RE: [Full-Disclosure] Win32 Cisco Exploit
>
>
>> I meant to say it does NOT generate the correct type of packets
>below in
>> the last email I sent
>>
>> -----Original Message-----
>> From: full-disclosure-admin@...ts.netsys.com
>> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of amilabs
>> Sent: Thursday, July 24, 2003 9:57 AM
>> To: koec@...h.com; full-disclosure@...ts.netsys.com
>> Subject: RE: [Full-Disclosure] Win32 Cisco Exploit
>>
>>
>> According to protocol trace file analysis it does generate the
>correct
>> types of packets to cause the exploit. Both the gui and the cmd
>line
>> send the packets out with ttl 128 and with 0 as the next protocol
>in the
>> IP header. This is what the app spits out. I did not test against
>a
>> router just took a quick peek with a protocol analyzer and it
>does not
>> look like it will work based on the packet trace. Can someone
>tell me
>> otherwise?
>>
>> ------------  ETHER Header  ------------
>> Destination: 00-03-A3-43-78-6B
>> Source: This Network Analyzer (00-04-55-2D-F8-A7)
>> Protocol: IP
>> FCS: E67BCBFA
>>
>> ------------  IP Header  ------------
>> Version = 4
>> Header length = 20
>> Differentiated Services (DS) Field = 0x00
>>     0000 00.. DS Codepoint = Default PHB (0)
>>     .... ..00 Unused
>> Packet length = 40
>> Id = 1ed4
>> Fragmentation Info = 0x0000
>>     .0.. ....  .... .... Don't Fragment Bit = FALSE
>>     ..0. ....  .... .... More Fragments Bit = FALSE
>>     ...0 0000  0000 0000 Fragment offset = 0
>> Time to live = 128
>> Protocol = 0 (0)
>> Header checksum = 04EB (Verified 04EB)
>> Source address = 10.1.1.28
>> Destination address = 10.1.1.250
>> 20 bytes of data
>>
>>  Record #22      (From Node To Hub) Captured on 7/24/2003 at
>> 09:50:56.437327771 Length =    64
>>
>> Frame Data: (Length = 64)
>>     0: 00 08 A3 4D 78 6B 00 02    55 5D F8 A7 08 00 45 00   ...Mxk..
>> U]....E.
>>    16: 00 28 1E D4 00 00 80 00    04 EB 0A 01 01 1C 0A 01   .(......
>> ........
>>    32: 01 FA 45 10 00 14 2E 31    40 00 00 37 C1 76 7F 00   ..E....1
>> @..7.v..
>>    48: 00 01 0A 01 01 FA 00 00    00 00 00 00 E6 7B CB FA   ........
>> .....{..
>>
>> -----Original Message-----
>> From: full-disclosure-admin@...ts.netsys.com
>> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of
>> koec@...h.com
>> Sent: Wednesday, July 23, 2003 5:18 PM
>> To: full-disclosure@...ts.netsys.com
>> Subject: [Full-Disclosure] Win32 Cisco Exploit
>>
>>
>> Attached is a win32 version of the Cisco Exploit with a nice GUI.
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.netsys.com/full-disclosure-charter.html
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.netsys.com/full-disclosure-charter.html
>>
>>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.3

wkYEARECAAYFAj8gFxcACgkQsJfNyoeLaF7VEgCfZNrQEjfJZ5yub1ouPEou0k47/4EA
nilCXsIOvTBSe6RNNu3IvG3tk+RT
=dFRS
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ