Full Disclosure mailing list archives

Re: TCP/IP Stack Vulnerability

From: Israel Lopez <israel () ochosting com>
Date: Sun, 17 Apr 2005 20:40:00 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

Call me crazy, but when I copied the text out from Mr. Casati's email, I
had to edit all of the line wraps that (I believed) Thunderbird injected
into the email.  Takes a bit but you'll find them.

If anything I got 'farther' into compiling myself, needed to reflect
some changes to a new location of a pcap-bpf.h header.

[~/sandbox]# gcc -DLINUX -lpcap storm.c -o storm
storm.c: In function `PCapHandler':
storm.c:450: warning: initialization from incompatible pointer type
/tmp/ccvPmT8m.o(.text+0x3e8): In function `TCPCheckSum':
: undefined reference to `sizephdr'
collect2: ld returned 1 exit status
[~/sandbox]#

Anyone have sucess in testing this out in a sandbox environment?


Diego Casati wrote:

Try this 
 root@ip_fix:~/vortex# gcc -DLINUX storm.c -lpcap -o storm 



On 4/17/05, H. S. <security () revolutionsp com> wrote:

Hey,

I am having two errors compiling this code. I want to test it on my LAN,
as I have a windows box and several linux ones.

gcc -lpcap tcp-ack.c -o storm
tcp-ack.c: In function `DeletePacket':
tcp-ack.c:350: error: syntax error before "CurrentPacket"
tcp-ack.c: In function `FindPacket':
tcp-ack.c:366: error: invalid lvalue in assignment
tcp-ack.c: In function `PCapHandler':
tcp-ack.c:453: warning: initialization from incompatible pointer type

I'm trying to compile on a FreeBSD 5.2.1-RELEASE system.

line 350 reads:
                      CurrentPacket->NextPacket
CurrentPacket->NextPacket->NextPacket;

line 366 reads:
          if (Source == Packet->Source && Destination
=Packet->Destination && SourcePort == Packet->SourcePort &&
DestinationPort == Packet->DestinationPort)

What could be the problem?

Kind Regards


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


- --
=========================
Israel Lopez
Lead Network Administrator
OCHosting Inc.
Office: (949) 388-8637 x.106
E-Mail: israel () ochosting com
PGPKey: 0xFE8F03DD
Keyserver: pgp.mit.edu

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)

iD8DBQFCYywQhrlQD/6PA90RAhbNAKCvtt2cM7siWN17q0mbl+bL4rCeKgCfe0en
TtecqDyAZNs4C1V8ldtsLoA=
=u1sU
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

TCP/IP Stack Vulnerability Diego Casati (Apr 16)
- Message not available
  - Re: TCP/IP Stack Vulnerability Diego Casati (Apr 17)
    - Re: TCP/IP Stack Vulnerability Israel Lopez (Apr 17)
    - Re: TCP/IP Stack Vulnerability Diego Casati (Apr 18)
    - Re: TCP/IP Stack Vulnerability H. S. (Apr 18)
    - Re: TCP/IP Stack Vulnerability kakou (Apr 18)
    - Re: TCP/IP Stack Vulnerability Eduardo Tongson (Apr 18)
    - Ok. How do I get off this list? Bill Phu (Apr 18)
    - Re: Ok. How do I get off this list? Valdis . Kletnieks (Apr 18)
    - Re: Ok. How do I get off this list? Bill Phu (Apr 18)
    - Re: Ok. How do I get off this list? KF (lists) (Apr 18)
    - Re: Ok. How do I get off this list? TheGesus (Apr 21)
    - Re: TCP/IP Stack Vulnerability Diego Casati (Apr 18)