Dailydave mailing list archives

DNS and other fun.


From: Dave Aitel <dave () immunityinc com>
Date: Tue, 29 Jul 2008 16:59:51 -0400

If you're mucking with Marc Bevand's exploit in order to do some speed 
comparisons you may want to fix this line:
(sizeof(buf) is 4 since buf is a pointer, of course).

    dns_response(buf + IP_HDR_LEN + UDP_HDR_LEN,
          (unsigned)(IP_LEN_MAX - (IP_HDR_LEN + UDP_HDR_LEN)), /* <-- fixed */

We're not using Scapy here, but in Python (and Ruby, I assume?) you 
don't want to do your creation of packets alongside your sending of 
packets. You probably want to do something like this:

buffers = create_all_data_buffers()
for buffer in buffers:
    raw_sock_send(buffer)

I'm not sure how having tcpreplay helps since all your packets are 
different (via TXID incrementing, which of course means you have to do 
your UDP checksum over). Is packet loss the big problem you're seeing? 
Importing psyco should make your Python code faster as well, although 
still REALLY slow compared to C (so far in my testing). People say that 
the public exploits don't work with Bind9 (even unpatched). Go Vixie and 
Co! :>

And in Vegas news:
It is true, hackers do get the girls. Just like in the movies. Even more
so really, now that the economy is crappier so being able to afford your
house payment is uber-sexy...

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Immunity is bringing the test, Edgeos <http://www.edgeos.com/> is
bringing the Sexy Hacking girls <http://sexyhacking.com>. Rumor has it
that certified NOP's might receive invitations to the exclusive and
still-secret Sexy Hacking party at Defcon. More details soon!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

-dave
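
The sizeof pitfall described in the message above, as an added example that is not part of the original post or of the code it discusses: a length taken with sizeof on a pointer is the pointer width, so a bounded writer given that length rejects any real payload, while the length computed from the buffer layout works. The macro values, the bounded writer `fill_payload` and the other function names are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed values: the post names these macros but gives no numbers. */
#define IP_HDR_LEN   20u
#define UDP_HDR_LEN   8u
#define IP_LEN_MAX 1500u

/* Hypothetical bounded writer: copies n bytes only if they fit in cap.
 * Returns bytes written, or 0 when the caller-supplied bound is too small. */
static size_t fill_payload(unsigned char *dst, size_t cap,
                           const unsigned char *src, size_t n)
{
    if (dst == NULL || src == NULL || n > cap)
        return 0;
    memcpy(dst, src, n);
    return n;
}

/* Bound before the fix: buf is a pointer, so sizeof(buf) is the pointer
 * width (4 or 8 bytes), not the size of the allocation behind it. */
size_t bound_from_sizeof(const unsigned char *buf) { return sizeof(buf); }

/* Bound after the fix: the space left once both headers are accounted for. */
size_t bound_from_layout(void) { return IP_LEN_MAX - (IP_HDR_LEN + UDP_HDR_LEN); }

/* Writes a constructed 32-byte payload after the headers using the bound. */
size_t write_with_bound(unsigned char *buf, size_t bound)
{
    unsigned char sample[32];
    memset(sample, 0xAB, sizeof(sample)); /* a true array: sizeof is 32 */
    return fill_payload(buf + IP_HDR_LEN + UDP_HDR_LEN, bound,
                        sample, sizeof(sample));
}

int main(void)
{
    unsigned char *buf = calloc(1, IP_LEN_MAX);
    if (buf == NULL)
        return 1;
    printf("sizeof bound %zu -> wrote %zu bytes\n", bound_from_sizeof(buf),
           write_with_bound(buf, bound_from_sizeof(buf)));
    printf("layout bound %zu -> wrote %zu bytes\n", bound_from_layout(),
           write_with_bound(buf, bound_from_layout()));
    free(buf);
    return 0;
}
```

GCC and Clang flag several variants of this mistake with `-Wsizeof-pointer-memaccess` and `-Wsizeof-array-argument`, both enabled by `-Wall`.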
