Vulnerability Development mailing list archives
Re: swbell DSL bug ?
From: vassago999 () HOTMAIL COM (vassago)
Date: Tue, 9 May 2000 00:08:44 -0500
Here is the source to the VB app. ----- Original Message ----- From: Ryan Sweat <h3xm3 () swbell net> To: vassago <vassago999 () HOTMAIL COM> Sent: Monday, May 08, 2000 9:24 PM Subject: Re: swbell DSL bug ?
do you mind sharing the script you wrote for the mac address ? i'd like
to
examine it and test a few things, and basically see how it works. ryan ----- Original Message ----- From: "vassago" <vassago999 () HOTMAIL COM> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Monday, May 08, 2000 6:04 PM Subject: Re: swbell DSL bug ?You do not actually have to change the MAC address of the card. You
could
very easily custom build dhcp requests, with any MAC address specified within the dhcp packet, without ever altering the address on the card.
I
coded a pretty simple app in VB that does just that. It wouldn't be
much
trouble to query other machines for their MAC address, and then use
those
addresses to lease IP addresses. Since the dhcp server would reservethoseIP's to the spoofed MAC addresses of legitimate customers, they probably wouldn't realize there was a problem for a while, unless they sniffed
the
traffic. ----- Original Message ----- From: J . Phillips <jamie.phillips () NS SYMPATICO CA> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Monday, May 08, 2000 7:36 AM Subject: Re: swbell DSL bug ?-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Absolutley, my DSL provider's DHCP will only assign an IP to the MAC address on the NIC they provided, and it is always the same internal IP. There are however ways to change the burned in address, with which you could theoretically borrow someone else's IP on the same subnet, provided they did not have an IP already leased.(or perhaps even if they do??.) Jamie - -----Original Message----- From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of Seth R Arnold Sent: May 7, 2000 9:57 PM To: VULN-DEV () SECURITYFOCUS COM Subject: Re: swbell DSL bug ? Ryan, that just means they don't keep good enough track of things -- dhcp servers can be configured to assign leases only for certain MACs. * Ryan Sweat <batrox () SWBELL NET> [000507 17:13]:Southwester Bell is a big provider of dsl access in some parts of the US. Dhcp provides an IP address and the lease expires in about 72 hours. They claim the IP cannot be changed, however when playing around last night, I found if you install another ethernet card, and switch the cable to the new card, it happily gives you another IP address. The dhcp server must rely on mac address when providing a lease for an ip. This could pose many problems. How can accounting be kept when a user can change his ip whenever he likes? I have more testing to do, but I do not see why you couldnt install a few nic cards and get ip address for each one, which swbell would like to charge you much more money for. I am looking into a way to change the mac address in windows. I know it can be done in linux through ifconfig. Maybe somone has experience in this ?? batrox () swbell net- -- Seth Arnold | http://www.willamette.edu/~sarnold/ Hate spam? See http://maps.vix.com/rbl/ for help 'Netscape engineers are weenies!' -- Microsoft -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com> iQA/AwUBORa03tGSUCkLAscrEQIQMACfU6bo3nrovauUJQZhGN1ng/wcndgAn0+9 587Xyuwz7Zn7TvnJAotgyL4s =+yJR -----END PGP SIGNATURE-----
<HR NOSHADE> <UL> <LI>application/x-zip-compressed attachment: dhcpflooder_src.zip </UL>
Current thread:
- Re: swbell DSL bug ? Jeffrey Karpenko (May 08)
- Re: swbell DSL bug ? J . Phillips (May 08)
- <Possible follow-ups>
- Re: swbell DSL bug ? Jeffrey Karpenko (May 08)
- Re: swbell DSL bug ? Miller Scott Contr 30CS/FTI (May 08)
- Re: swbell DSL bug ? vassago (May 08)
- Re: swbell DSL bug ? Myxt (May 08)