Penetration Testing mailing list archives
Re: Bittorrent Data Port Probe
From: John Lampe <jwlampe () tenablesecurity com>
Date: Fri, 24 Aug 2007 17:07:22 -0500
Paul Melson wrote:
> I can't seem to recreate this:
>
> $ perl -e 'for (my $i=0; $i <= 90; $i++) {print chr(int(rand 255));}' | nc -v localhost 6881
> Connection to localhost 6881 port [tcp/*] succeeded!
> $ perl -e 'for (my $i=0; $i <= 95; $i++) {print chr(int(rand 255));}' | nc -v localhost 6881
> Connection to localhost 6881 port [tcp/*] succeeded!
> $ perl -e 'for (my $i=0; $i <= 96; $i++) {print chr(int(rand 255));}' | nc -v localhost 6881
> Connection to localhost 6881 port [tcp/*] succeeded!
> $ perl -e 'for (my $i=0; $i <= 100; $i++) {print chr(int(rand 255));}' | nc -v localhost 6881
> Connection to localhost 6881 port [tcp/*] succeeded!
> $ perl -e 'for (my $i=0; $i <= 1000; $i++) {print chr(int(rand 255));}' | nc -v localhost 6881
> Connection to localhost 6881 port [tcp/*] succeeded!
>
> If you care, the client is bittorrent-curses 4.4.0 on OpenBSD (it's what I had quick access to). I haven't tried your nasl code in Nessus, so maybe I'm missing something. But if I understand your previous post, this should elicit some response from a seeding client, and in my case it doesn't.

There's an outside possibility that bittorrent-curses for OpenBSD *wasn't* one of the platforms that I tested against. ;-) If it doesn't work from outside localhost, then I'd bet I just happened upon some quirky windows-bittorrent-client thingee...

--
John Lampe
Senior Security Researcher
TENABLE Network Security, Inc.
jwlampe@{nessus.org,tenablesecurity.com}
Tele: (410) 872-0555
www.tenablesecurity.com
Is your network TENABLE?