Vulnerability Development mailing list archives
Re: Asterisk ignoring replayed libpcap sessions
From: Blue Boar <BlueBoar () thievco com>
Date: Thu, 02 Nov 2006 11:46:45 -0800
If you originally thought that a simple TCP replay, with sequence and port numbers fixed up, would always work, consider this:
-Client connects -Server says "Say 3" -Client says "3" -connection continues. So you replay that. This time: -Server says "Say 5" -replayed Client says "3" -Server disconnects.In many cases, a replayer that doesn't understand the application protocol will fail.
Now extend that to a TCP connection that does an encryption setup with a challenge-response.
BB
Current thread:
- Re: Asterisk ignoring replayed libpcap sessions Stefano Zanero (Nov 01)
- Re: Asterisk ignoring replayed libpcap sessions nnp (Nov 01)
- Re: Asterisk ignoring replayed libpcap sessions Stefano Zanero (Nov 01)
- Re: Asterisk ignoring replayed libpcap sessions nnp (Nov 01)
- Re: Asterisk ignoring replayed libpcap sessions Matthew Franz (Nov 02)
- Re: Asterisk ignoring replayed libpcap sessions Blue Boar (Nov 02)
- Re: Asterisk ignoring replayed libpcap sessions Stefano Zanero (Nov 01)
- Re: Asterisk ignoring replayed libpcap sessions nnp (Nov 01)
- Re: Asterisk ignoring replayed libpcap sessions nnp (Nov 01)
- <Possible follow-ups>
- Re: Asterisk ignoring replayed libpcap sessions Pravin (Nov 01)
- Re: Asterisk ignoring replayed libpcap sessions Aaron Turner (Nov 01)