|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Mail Server testing
From: Nicolas Gregoire (ngregoire
exaprobe.com)
Date: Tue May 13 2003 - 01:35:25 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 2003-05-12 at 05:39, persame.net wrote:
> * Zip-Of-Death. Make one huge (a couple of gigabytes) file and fill it with
> homogenous data, for instance only the character "a". Zip it. This will
> construct of a file that says "this files contains of 10(8) a:s" that is very
> small. Most modern mail content systems handles this today, some older might
> not.
You should give a look to a file known as 42.zip :
http://www.securityfocus.com/bid/3027/exploit/
"42.zip: ZIP archive, 42K, composed of nested zips (nested 6 levels
deep, each level 17 wide) - produces a file 4GB in size and will
reportedly crash 'most email virus checkers'"
Regards,
--
Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information
ngregoireexaprobe.com ------[ ExaProbe ]------ http://www.exaprobe.com/
PGP KeyID:CA61B44F FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F
---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]