Bugtraq mailing list archives
Re: DCC HiJacking patch for BitchX 75p1
From: mikey () PHEDZ COM (mikey)
Date: Tue, 22 Dec 1998 18:48:43 -0600
Yes, this might help. But why worry? they would need to port scan, and find the port quicker than the other client can connect. Do you think they can do this all the time? Or Barely ever? So this is not a problem, I don't understand why anyone even got jumpy over it. I could do the same with ftp, ftp opens ports waiting to recieve files. Do you see people making patches for that? On Sun, 18 Oct 1998, Alessio Orlandi wrote:
Hi all, as recently discovered, with a simple port scan you can hijack some of the BitchX dcc connections. This due to the port assigning on the requesting client. Here follows a really short patch that will fix the problem. The problem is here: BitchX when creates a DCC connection (listening socket) uses the functions connect_by_number (defined in network.c file). Passing as port 0 This means that the OS will determine the port. Now.. for mental order.. the ports will be quiet consecutive. Bad.. Bad... So.. let's add a random value to the port returned by the system. All is now fixed. Patch follows ----------------------------------------------------------------------------------------- Regards Alessio "NaiL^d0d@ircnet/ircity" Orlandi Thanks to: hackers@ircity Litos (you one of my best friend), Nervous, awgn (hehe), Lordfelix (salam), Raptor, BlackJam, kasko, antirez and hackers.it@ircnet Soren, NaiF, Bonjo ----------------------------------------------------------------------------------------
Current thread:
- [In]security in USR TotalSwitch Adam Maloney (Dec 15)
- DCC HiJacking patch for BitchX 75p1 Alessio Orlandi (Oct 18)
- Re: DCC HiJacking patch for BitchX 75p1 Andy Dills (Dec 21)
- Re: DCC HiJacking patch for BitchX 75p1 Ben Winslow (Dec 21)
- Re: DCC HiJacking patch for BitchX 75p1 mikey (Dec 22)
- Re: DCC HiJacking patch for BitchX 75p1 YounGoat (Dec 22)
- Re: [In]security in USR TotalSwitch Lou Anschuetz (Dec 21)
- <Possible follow-ups>
- Re: [In]security in USR TotalSwitch Adam Maloney (Dec 21)
- DCC HiJacking patch for BitchX 75p1 Alessio Orlandi (Oct 18)