lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <000201c42c95$13b2f120$8403973f@LUFKIN.DPSOL.COM>
From: purdy at tecman.com (Curt Purdy)
Subject: Decompression

D B wrote:
> I recently played with a png decompression bomb and my
> mind works wierd.
>
> I was wondering if someone who knows about tcp could
> tell me if it was possible to create this for a tcp
> packet.
<snip>

TCP packets are not compressed on their own, so there is no "uncompressed
size" info in the packets themselves as there are in the decompression
bombs.  The closest thing that would be similar is either the "windows size"
field in tcp and the "total length" in ip.  As they are both only 16 bits
this would not give you much to work with.  My gut feeling is that messing
with these fields would only cause the network device to fragment the packet
which would fail since there would be no bits beyond the true length to
fragment.

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ