Bugtraq mailing list archives
broadcast ip scanning script
From: hyped () ROO UNIXNET ORG (hyped)
Date: Mon, 13 Oct 1997 19:52:25 -0400
T. Freak's posted his smurf code, and there's been a few messages concerning this d.o.s. attack -- I guess now is a good of a time as any to release this little script. I'm sure there's a more efficient way of putting something like this together, but... oh well. Results of the scan are reported into ./bips.results note: this script has two parts. --- bips.sh --- #!/bin/bash # find broadcast ip's that reply with 30+ dupes. # i decided to make this script into two sections. when running this make # sure both parts are in the same directory. if [ $# != 1 ]; then echo "$0 <domain - ie: college.edu>" else host -l $1 | grep 'has address' | cut -d' ' -f4 > $1.ips cat $1.ips | cut -d'.' -f1-3 | sort |\ awk '{ print echo ""$1".255" }' > $1.tmp cat $1.tmp | uniq | awk '{ print "./chekdup.sh "$1"" }' > $1.ping rm -f $1.ips $1.tmp chmod 700 $1.ping ./$1.ping rm $1.ping fi --- chekdup.sh --- #!/bin/bash # this checks possible broadcast ip's for a given amount of icmp echo # replies. ping -c 2 $1 > $1.out if cat $1.out | grep dupl > /dev/null then export DUPES="`cat $1.out | grep dupl | cut -d'+' -f2 | cut -d' ' -f1`" else export DUPES=1 fi if [ $DUPES -gt 30 ]; then echo "$1 had $DUPES dupes" >> bips.results rm -f $1.out else rm -f $1.out fi
Current thread:
- `smurf' multi-broadcast icmp attack T. Freak (Oct 12)
- Re: `smurf' multi-broadcast icmp attack Craig A. Huegen (Oct 13)
- Re: `smurf' multi-broadcast icmp attack Ben (Oct 13)
- broadcast ip scanning script hyped (Oct 13)
- Re: `smurf' multi-broadcast icmp attack Therapy? (Oct 16)
- Re: `smurf' multi-broadcast icmp attack Jon Lewis (Oct 16)
- Update - Seattle Lab Slmail v2.5 for NT vulnerable David LeBlanc (Oct 16)
- wwwcount remote exploit Nicolas Dubee (Oct 16)
- Re: wwwcount remote exploit (@ Solaris) Jan Wedekind (Oct 17)
- Security Hole in Explorer 4.0 Aleph One (Oct 17)
- computer immunology VaX#n8 (Oct 17)
- Jabadoo Security Hack Aleph One (Oct 17)
- WinNT syscalls insecurity Solar Designer (Oct 19)
- Re: WinNT syscalls insecurity Roger Espel Llima (Oct 18)