Full Disclosure mailing list archives

Re: TCP/IP Stack Vulnerability


From: kakou <kakou () kakou org>
Date: Mon, 18 Apr 2005 16:22:45 +0200


Same on a Gentoo with a 2.6 kernel (I tested for 10 min)

H. S. wrote:

I have tested this against an unpatched W2K server and a RH 6 box, it
doesn't slow down any of them; I was using X on the RH6 one and didn't
notice any slowdowns or the supposed packet flow this should generate.


Fellows,

Try this:

Linux (Slackware 10):

root@ip_fix:/# gcc -D LINUX storm.c -lpcap -o storm

BSD systems:

root@ip_fix:/# gcc storm.c -lpcap -o storm

It should work; anyway, I'm sending a FreeBSD precompiled version of
this exploit and the C source code as an attachment.

bash-2.05b$ uname -a
FreeBSD darksun.undernet 5.3-RELEASE FreeBSD 5.3-RELEASE #1: Fri Dec
10 15:56:18 BRST 2004
root@darksun.undernet:/usr/obj/usr/src/sys/GENERIC i386

Best regards,

Diego Casati


On 4/18/05, Israel Lopez <israel () ochosting com> wrote:


Hello,

Call me crazy, but when I copied the text out from Mr. Casati's email, I
had to edit all of the line wraps that (I believed) Thunderbird injected
into the email. Takes a bit but you'll find them.

If anything I got 'farther' into compiling myself, needed to reflect
some changes to a new location of a pcap-bpf.h header.

[~/sandbox]# gcc -DLINUX -lpcap storm.c -o storm
storm.c: In function `PCapHandler':
storm.c:450: warning: initialization from incompatible pointer type
/tmp/ccvPmT8m.o(.text+0x3e8): In function `TCPCheckSum':
: undefined reference to `sizephdr'
collect2: ld returned 1 exit status
[~/sandbox]#

Anyone have success in testing this out in a sandbox environment?


Diego Casati wrote:

Try this
root@ip_fix:~/vortex# gcc -DLINUX storm.c -lpcap -o storm



On 4/17/05, H. S. <security () revolutionsp com> wrote:

Hey,

I am having two errors compiling this code. I want to test it on my LAN,
as I have a windows box and several linux ones.


gcc -lpcap tcp-ack.c -o storm
tcp-ack.c: In function `DeletePacket':
tcp-ack.c:350: error: syntax error before "CurrentPacket"
tcp-ack.c: In function `FindPacket':
tcp-ack.c:366: error: invalid lvalue in assignment
tcp-ack.c: In function `PCapHandler':
tcp-ack.c:453: warning: initialization from incompatible pointer type

I'm trying to compile on a FreeBSD 5.2.1-RELEASE system.

line 350 reads:
CurrentPacket->NextPacket
CurrentPacket->NextPacket->NextPacket;

line 366 reads:
if (Source == Packet->Source && Destination
=Packet->Destination && SourcePort == Packet->SourcePort &&
DestinationPort == Packet->DestinationPort)

What could be the problem?

Kind Regards


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

--
Israel Lopez
Lead Network Administrator
OCHosting Inc.
Office: (949) 388-8637 x.106
E-Mail: israel () ochosting com
PGPKey: 0xFE8F03DD
Keyserver: pgp.mit.edu

