| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <31780dafe3452ecbc48da06710c69f86@rhynn.net> Date: Mon, 11 Jul 2011 17:31:10 +0400 From: Kai <kai@...nn.net> To: David <codeinjection@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Semi 0day DNS Invalid Compression attack Hi, tested on isc bind 9.7.3, on opensuse 11.4. sent a few packets to myself: --> [1000000]: (127.0.0.1)->(127.0.0.1) --> Done. and named felt beautiful along the test: PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 2844 named 20 0 111m 22m 2456 S 0 0.2 0:00.09 named named -V: BIND 9.7.3 built with '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--localstatedir=/var' '--libdir=/usr/lib' '--includedir=/usr/include/bind' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-openssl' '--enable-threads' '--with-libtool' '--enable-runidn' '--with-libxml2' '--with-dlz-mysql' '--with-dlz-ldap' '--with-gssapi' 'CFLAGS=-fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -fno-strict-aliasing' 'LDFLAGS=-L/usr/lib' you said that packet was like > # 4500 002b 512f 4000 3411 92a9 2989 601e so i've changed packet header to "\x45\x00\x00\x2b\x51\x2f\x40\x00\x34\x11\x92\xa9" and length to "\x00\x4a" (74, right?) but still no look. Any thoughts? -- Cheers, Kai _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists