Full Disclosure mailing list archives
Re: Microsoft Windows and *nix Telnet Port Number Argument Obfuscation
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Fri, 10 Jun 2005 03:02:01 +1200
Kristian Hermansen wrote:
This has been known since Adam was a cowboy.Although I don't believe that your claim is unlikely, it would have been nice to post a link to the original discovery to back it up. ...
It was never "originally discovered". All manner of commandline parsing of text to numbers has been doing this in many places for quite some time. I did not post a URL to back it up as I have no idea where I first came across this and it was so long ago that the odds of that source still being available to cite are probably pretty low and I have better things to do with my time.
... Everyone that I have showed this to, personally, has not seen it before. ...
Maybe that says that something about the "everyones" you know, rather than saying anything about this minor factoid?
... And, after some google searching, I could not locate anyone else either that talked about this -- the closest thing was an old Microsoft telnet advisory that didn't mention this behavior specifically.
I just did a few minutes Googling onlikely phrases and turned up hundreds of hits. Haven't got time to wade through them to find which are most relevant, but it seems many people have come across similar issues in commandline parsing code "wrapping" when they parse strings representing values larger than 65535 that are supposed to be unsigned 16-bit integers and many of those are in the context of specifying port numbers for TCP/IP networking.
With that said, I would like to ask anyone who has info about the original discovery to please post it here (Nick didn't respond to my email). ...
Sorry -- been busy but I intended to (I'll write separately and explain those idiomatic and possibly anachronistic expressions you couldn't parse...).
... I am interested to know more about it, and maybe the original discoverer found other things as well...thanks
This stuff goes back to the ark -- I doubt those guys give a toss about this list and what is discussed here... Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Microsoft Windows and *nix Telnet Port Number Argument Obfuscation Kristian Hermansen (Jun 07)
- Re: Microsoft Windows and *nix Telnet Port Number Argument Obfuscation Nick FitzGerald (Jun 07)
- Re: Microsoft Windows and *nix Telnet Port Number Argument Obfuscation Andrew Haninger (Jun 08)
- RE: Microsoft Windows and *nix Telnet Port NumberArgument Obfuscation Arjan van der Velde (Jun 08)
- Re: Microsoft Windows and *nix Telnet Port NumberArgument Obfuscation Raghu Chinthoju (Jun 08)
- Re: Microsoft Windows and *nix Telnet Port Number Argument Obfuscation Andrew Haninger (Jun 08)
- Re: Microsoft Windows and *nix Telnet Port Number Argument Obfuscation Stan Bubrouski (Jun 09)
- Re: Microsoft Windows and *nix Telnet Port Number Argument Obfuscation Kristian Hermansen (Jun 09)
- Re: Microsoft Windows and *nix Telnet Port Number Argument Obfuscation Nick FitzGerald (Jun 09)
- Re: Microsoft Windows and *nix Telnet PortNumber Argument Obfuscation Etaoin Shrdlu (Jun 09)
- Re: Microsoft Windows and *nix Telnet PortNumber Argument Obfuscation Kristian Hermansen (Jun 09)
- Re: Microsoft Windows and *nix Telnet PortNumber Argument Obfuscation Chris Umphress (Jun 11)
- Re: Microsoft Windows and *nix Telnet Port Number Argument Obfuscation Nick FitzGerald (Jun 07)
- Re: Microsoft Windows and *nix Telnet Port Number Argument Obfuscation Devdas Bhagat (Jun 11)