Dailydave mailing list archives
DNS and other fun.
From: Dave Aitel <dave () immunityinc com>
Date: Tue, 29 Jul 2008 16:59:51 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If you're mucking with Marc Bevand's exploit in order to do some speed comparisons you may want to fix this line: (sizeof(buf) is 4 since buf is a pointer, of course). ~ dns_response(buf + IP_HDR_LEN + UDP_HDR_LEN, ~ (unsigned)(IP_LEN_MAX - (IP_HDR_LEN + UDP_HDR_LEN)), <--fixed. We're not using Scapy here, but in Python (and Ruby, I assume?) you don't want to do your creation of packets along-side your sending of packets. You probably want to do something like this: buffers=create_all_data_buffers() for buffer in buffers: ~ raw_sock_send(buffer) I'm not sure how having tcpreplay helps since all your packets are different (via TXID incrementing, which of course means you have to do your UDP checksum over). Is packet-loss the big problem you're seeing? Importing psyco should make your Python code faster as well, although still REALLY slow compared to C (so far in my testing). People say that the public exploits don't work with Bind9 (even unpatched). Go Vixie and Co! :> And in Vegas news: It is true, hackers do get the girls. Just like in the movies. Even more so really, now that the economy is crappier so being able to afford your house payment is uber-sexy... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Immunity is bringing the test, Edgeos <http://www.edgeos.com/> is bringing the Sexy Hacking girls <http://sexyhacking.com>. Rumor has it that certified NOP's might receive invitations to the exclusive and still-secret Sexy Hacking party at Defcon. More details soon! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIj4TFtehAhL0gheoRAoi/AJ42lTry1I1XVmnVp29EQkPf7mHtTwCffOrE Azq4oLsFxjRMJjJqV7kGgXM= =D6uJ -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- DNS and other fun. Dave Aitel (Jul 29)
- Re: DNS and other fun. H D Moore (Jul 29)
- Message not available
- Re: DNS and other fun. H D Moore (Jul 29)
- Re: DNS and other fun. marc_bevand (Jul 29)