Date: Sun, 16 Sep 2007 22:04:33 +0530
From: "Joel Jose" <joeljose420@...il.com>
To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Patch for idle scan in Microsoft windows based
	systems

I have hacked together a patch. It's very lame. Lots of optimizations
and code improvements are possible. If anyone has spare time... please
do something about it.

thank you.



/*******************************START OF FILE******************************************/


/* This code has been modified from the original sample code
provided here : "http://tangentsoft.net/wskfaq/examples/basics/";
I customized the sample for my special requirement... of generating
random, minimal length packets, to localhost
so that idle scan can be defeated in windows based systems that don't
have a proper patch yet.
This is an extremely silly program; the constructs used here are stone
aged.... my totally zero knowledge about network programming
is the cause for such an insane implementation....

I urge the community to come forward and improve upon this, or make a
more polished patch.

Many functions used are either "in excess" or "less than" the optimum
implementation of a proper networking program...
My ignorance and lack of time and impatience are all to blame for it.
BUT MORE IMPORTANTLY : I have tested it, and it works.
*/

/*To compile this code : use the needed winsock32 dll when compiling.
I compiled it in dev-c++ using MINGW... i used the libwsock32.a
library

just run the program(.exe) in the target windows based vulnerable
machine; and try idle scan on it. My hope is that it will be defeated.

*/

/*Feedback is most welcome at joeljose420@...il.com* :
I would love it if someone with the time can improve upon this code
and make it a "Terminate but Stay Resident" program*/


/*
 This program is hereby released into the public domain.  There is
 ABSOLUTELY NO WARRANTY WHATSOEVER for this product.
 */



/*May the force be with you*/







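#include <winsock.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

int main()
{
    /* Initialise Winsock 1.1; nothing below works if this fails. */
    WSAData wsaData;
    if (WSAStartup(MAKEWORD(1, 1), &wsaData) != 0)
        return 1;

    srand((unsigned) time(NULL));

    /* The destination never changes, so fill it in once. */
    sockaddr_in sinRemote;
    memset(&sinRemote, 0, sizeof(sinRemote));
    sinRemote.sin_family = AF_INET;
    sinRemote.sin_addr.s_addr = inet_addr("127.0.0.1");
    sinRemote.sin_port = htons(4242);

    /* Loop forever: open a TCP socket, try to connect to localhost:4242,
       issue a random number of empty sends, then close the socket. */
    while (1)
    {
        SOCKET sd = socket(AF_INET, SOCK_STREAM, 0);
        if (sd == INVALID_SOCKET)
            continue;   /* no socket available right now; try again */

        connect(sd, (sockaddr*)&sinRemote, sizeof(sockaddr_in));

        /* Draw the count once; calling rand() in the loop condition
           would compare against a new random bound on every pass. */
        int count = rand();
        for (int i = 0; i < count; i++)
            send(sd, "", strlen(""), 0);

        shutdown(sd, SD_SEND);
        closesocket(sd);
    }

    /* Not reached: the loop above never exits. */
    WSACleanup();
    return 0;
}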




/********************EOF*****************************/
-- 
As soon as men decide that all means are permitted to fight an
evil, then their good becomes indistinguishable from the evil
that they set out to destroy.
                      - Christopher Dawson, The Judgment of Nations
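
An added example, not part of the original post: one way to check from the defender's side whether extra local traffic is making a host's IP ID values unpredictable is to classify a series of IDs taken from its replies. The function name `classify_ipid`, the `MAX_QUIET_STEP` threshold, the byte-swapped counter case and all sample values are assumptions made for this example; it goes beyond the post by also handling 16-bit wrap-around.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum ipid_class { IPID_TOO_FEW, IPID_CONSTANT, IPID_INCREMENTAL, IPID_UNPREDICTABLE };

/* Assumed threshold: largest step between samples still counted as "quiet". */
#define MAX_QUIET_STEP 10u

static uint16_t swap16(uint16_t v) { return (uint16_t)((v << 8) | (v >> 8)); }

/* Returns 1 if every step is 1..MAX_QUIET_STEP; also counts zero steps. */
static int small_steps(const uint16_t *ids, size_t n, int swapped, size_t *zeros)
{
    int ok = 1;
    *zeros = 0;
    for (size_t i = 1; i < n; i++) {
        uint16_t a = swapped ? swap16(ids[i - 1]) : ids[i - 1];
        uint16_t b = swapped ? swap16(ids[i]) : ids[i];
        uint16_t d = (uint16_t)(b - a);   /* modulo 2^16, so wrap-around is fine */
        if (d == 0) (*zeros)++;
        if (d == 0 || d > MAX_QUIET_STEP) ok = 0;
    }
    return ok;
}

/* Classify IP ID values sampled, in order, from one host's replies. */
enum ipid_class classify_ipid(const uint16_t *ids, size_t n)
{
    size_t zeros;
    if (n < 4) return IPID_TOO_FEW;                        /* not enough evidence */
    if (small_steps(ids, n, 0, &zeros)) return IPID_INCREMENTAL;
    if (zeros == n - 1) return IPID_CONSTANT;              /* e.g. always 0 */
    if (small_steps(ids, n, 1, &zeros)) return IPID_INCREMENTAL; /* byte-swapped counter */
    return IPID_UNPREDICTABLE;
}

int main(void)
{
    /* Constructed samples, not captured traffic. */
    const uint16_t quiet[] = { 65534, 65535, 0, 1, 2 };
    const uint16_t noisy[] = { 1000, 4821, 9911, 10412, 31007 };
    printf("quiet=%d noisy=%d\n", classify_ipid(quiet, 5), classify_ipid(noisy, 5));
    return 0;
}
```

A host that still classifies as `IPID_INCREMENTAL` while the noise generator is running has not gained the unpredictability the post is aiming for.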
