Full Disclosure mailing list archives
Re: TCP/IP Stack Vulnerability
From: "H. S." <security () revolutionsp com>
Date: Mon, 18 Apr 2005 09:03:38 -0500 (CDT)
I have tested this against an unpatched W2K server and a RH 6 box, it doesnt slow down any of them; I was using X on the RH6 one and didn't notice any slowdowns or the supposed packet flow this should generate.
Fellows, Try this: Linux (Slackware 10): root@ip_fix:/# gcc -D LINUX storm.c -lpcap -o storm BSD systems: root@ip_fix:/# gcc storm.c -lpcap -o storm It should work, anyway Im sending a FreeBSD precompiled version of this exploit and a the C source code as an attachment. bash-2.05b$ uname -a FreeBSD darksun.undernet 5.3-RELEASE FreeBSD 5.3-RELEASE #1: Fri Dec 10 15:56:18 BRST 2004 root@darksun.undernet:/usr/obj/usr/src/sys/GENERIC i386 Best reguards, Diego Casati On 4/18/05, Israel Lopez <israel () ochosting com> wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, Call me crazy, but when I copied the text out from Mr. Casati's email, I had to edit all of the line wraps that (I believed) Thunderbird injected into the email. Takes a bit but you'll find them. If anything I got 'farther' into compiling myself, needed to reflect some changes to a new location of a pcap-bpf.h header. [~/sandbox]# gcc -DLINUX -lpcap storm.c -o storm storm.c: In function `PCapHandler': storm.c:450: warning: initialization from incompatible pointer type /tmp/ccvPmT8m.o(.text+0x3e8): In function `TCPCheckSum': : undefined reference to `sizephdr' collect2: ld returned 1 exit status [~/sandbox]# Anyone have sucess in testing this out in a sandbox environment? Diego Casati wrote:Try this root@ip_fix:~/vortex# gcc -DLINUX storm.c -lpcap -o storm On 4/17/05, H. S. <security () revolutionsp com> wrote:Hey, I am having two errors compiling this code. I want to test it on myLAN,as I have a windows box and several linux ones.gcc -lpcap tcp-ack.c -o storm tcp-ack.c: In function `DeletePacket': tcp-ack.c:350: error: syntax error before "CurrentPacket" tcp-ack.c: In function `FindPacket': tcp-ack.c:366: error: invalid lvalue in assignment tcp-ack.c: In function `PCapHandler': tcp-ack.c:453: warning: initialization from incompatible pointer type I'm trying to compile on a FreeBSD 5.2.1-RELEASE system. line 350 reads: CurrentPacket->NextPacket CurrentPacket->NextPacket->NextPacket; line 366 reads: if (Source == Packet->Source && Destination =Packet->Destination && SourcePort == Packet->SourcePort && DestinationPort == Packet->DestinationPort) What could be the problem? Kind Regards_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/- -- ========================> Israel Lopez Lead Network Administrator OCHosting Inc. Office: (949) 388-8637 x.106 E-Mail: israel () ochosting com PGPKey: 0xFE8F03DD Keyserver: pgp.mit.edu -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) iD8DBQFCYywQhrlQD/6PA90RAhbNAKCvtt2cM7siWN17q0mbl+bL4rCeKgCfe0en TtecqDyAZNs4C1V8ldtsLoA> =u1sU -----END PGP SIGNATURE-----_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- TCP/IP Stack Vulnerability Diego Casati (Apr 16)
- Message not available
- Re: TCP/IP Stack Vulnerability Diego Casati (Apr 17)
- Re: TCP/IP Stack Vulnerability Israel Lopez (Apr 17)
- Re: TCP/IP Stack Vulnerability Diego Casati (Apr 18)
- Re: TCP/IP Stack Vulnerability H. S. (Apr 18)
- Re: TCP/IP Stack Vulnerability kakou (Apr 18)
- Re: TCP/IP Stack Vulnerability Eduardo Tongson (Apr 18)
- Ok. How do I get off this list? Bill Phu (Apr 18)
- Re: Ok. How do I get off this list? Valdis . Kletnieks (Apr 18)
- Re: Ok. How do I get off this list? Bill Phu (Apr 18)
- Re: Ok. How do I get off this list? KF (lists) (Apr 18)
- Re: TCP/IP Stack Vulnerability Diego Casati (Apr 17)
- Message not available
- Re: Ok. How do I get off this list? TheGesus (Apr 21)
- Re: TCP/IP Stack Vulnerability Diego Casati (Apr 18)