[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] TCP/IP Stack Vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] TCP/IP Stack Vulnerability
From: kakou <kakou@xxxxxxxxx>
Date: Mon, 18 Apr 2005 16:22:45 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Idem on a gentoo with 2.6 kernel (I have tested during 10min)

H. S. wrote:

>I have tested this against an unpatched W2K server and a RH 6 box, it
>doesnt slow down any of them; I was using X on the RH6 one and didn't
>notice any slowdowns or the supposed packet flow this should generate.
>
>
>>Fellows,
>>
>>Try this:
>>
>>Linux (Slackware 10):
>>
>>root@ip_fix:/# gcc -D LINUX storm.c -lpcap -o storm
>>
>>BSD systems:
>>
>>root@ip_fix:/# gcc storm.c -lpcap -o storm
>>
>>It should work, anyway Im sending a FreeBSD precompiled version of
>>this exploit and a the C source code as an attachment.
>>
>>bash-2.05b$ uname -a
>>FreeBSD darksun.undernet 5.3-RELEASE FreeBSD 5.3-RELEASE #1: Fri Dec
>>10 15:56:18 BRST 2004
>>root@xxxxxxxxxxxxxxxx:/usr/obj/usr/src/sys/GENERIC i386
>>
>>Best reguards,
>>
>>Diego Casati
>>
>>
>>On 4/18/05, Israel Lopez <israel@xxxxxxxxxxxxx> wrote:
>>

> Hello,
>
> Call me crazy, but when I copied the text out from Mr. Casati's email, I
> had to edit all of the line wraps that (I believed) Thunderbird injected
> into the email. Takes a bit but you'll find them.
>
> If anything I got 'farther' into compiling myself, needed to reflect
> some changes to a new location of a pcap-bpf.h header.
>
> [~/sandbox]# gcc -DLINUX -lpcap storm.c -o storm
> storm.c: In function `PCapHandler':
> storm.c:450: warning: initialization from incompatible pointer type
> /tmp/ccvPmT8m.o(.text+0x3e8): In function `TCPCheckSum':
> : undefined reference to `sizephdr'
> collect2: ld returned 1 exit status
> [~/sandbox]#
>
> Anyone have sucess in testing this out in a sandbox environment?
>
>
> Diego Casati wrote:
>
> >Try this
> > root@ip_fix:~/vortex# gcc -DLINUX storm.c -lpcap -o storm
>
>
>
> >On 4/17/05, H. S. <security@xxxxxxxxxxxxxxxx> wrote:
>
> >>Hey,
> >>
> >>I am having two errors compiling this code. I want to test it on my
>
> LAN,
>
> >>as I have a windows box and several linux ones.
> >>
>
> >>gcc -lpcap tcp-ack.c -o storm
> >>tcp-ack.c: In function `DeletePacket':
> >>tcp-ack.c:350: error: syntax error before "CurrentPacket"
> >>tcp-ack.c: In function `FindPacket':
> >>tcp-ack.c:366: error: invalid lvalue in assignment
> >>tcp-ack.c: In function `PCapHandler':
> >>tcp-ack.c:453: warning: initialization from incompatible pointer type
> >>
> >>I'm trying to compile on a FreeBSD 5.2.1-RELEASE system.
> >>
> >>line 350 reads:
> >> CurrentPacket->NextPacket
> >>CurrentPacket->NextPacket->NextPacket;
> >>
> >>line 366 reads:
> >> if (Source == Packet->Source && Destination
> >>=Packet->Destination && SourcePort == Packet->SourcePort &&
> >>DestinationPort == Packet->DestinationPort)
> >>
> >>What could be the problem?
> >>
> >>Kind Regards
> >>
> >>
> >_______________________________________________
> >Full-Disclosure - We believe in it.
> >Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >Hosted and sponsored by Secunia - http://secunia.com/
>
> --
> ========================> Israel Lopez
> Lead Network Administrator
> OCHosting Inc.
> Office: (949) 388-8637 x.106
> E-Mail: israel@xxxxxxxxxxxxx
> PGPKey: 0xFE8F03DD
> Keyserver: pgp.mit.edu
>

>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>Hosted and sponsored by Secunia - http://secunia.com/



>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCY8Kc3RS+hG/PB/URAgWKAKCwW4Gq1xt2gxjBlr9dUVRL/FYNYACdH5vu
GBpzzaZGVTPxkiX5YF5XqEw=
=fJWN
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] TCP/IP Stack Vulnerability
  - From: Diego Casati
- Re: [Full-disclosure] TCP/IP Stack Vulnerability
  - From: Diego Casati
- Re: [Full-disclosure] TCP/IP Stack Vulnerability
  - From: Israel Lopez
- Re: [Full-disclosure] TCP/IP Stack Vulnerability
  - From: Diego Casati
- Re: [Full-disclosure] TCP/IP Stack Vulnerability
  - From: H. S.

Prev by Date: Re: [Full-disclosure] TCP/IP Stack Vulnerability
Next by Date: Re: [Full-disclosure] TCP/IP Stack Vulnerability
Previous by thread: Re: [Full-disclosure] TCP/IP Stack Vulnerability
Next by thread: [Full-disclosure] IIS 6 Remote Buffer Overflow Exploit
Index(es):
- Date
- Thread