Re: Sample DOS against the Sambar HTTP-Server

From: Dennis Conrad (conrad.dat_private)
Date: Fri Oct 08 1999 - 18:17:47 PDT


    First of all: The DoS WORKS. Tod Sambar himself tested it and found
    his server vulnerable. But: You're right, Steve!
    
    > > print $remote "GET " . "X" x 99999999999999999999 . " HTTP/1.0\n\n";
    
    There are too many 9s. My Perl (v.5005_02 running on Linux 2.2.12) only
    prints a "GET<space><space>HTTP/1.0" as well. If you use a few 9s less,
    you'll get an "Out of memory".
    
    I'm really sorry about this, but I'm not an experienced programmer and
    it was late at night when I threw this together.
    
    > I conclude that the script as posted will not DoS the server even if
    > it is vulnerable, unless a simple "GET  HTTP/1.0" triggers the DoS.
    
    Well, it WILL DoS the server, but due to the lack of a Windows box I
    can't say if there have to be two <space>s or one is enough.
    
    > I suggest that until the nature of the DoS is clarified anyone using
    > the script to test their own server should try it as-is, then try it
    > with fewer 9s (probably 9999 or 99999, maybe more if it's a resource
    > exhaustion DoS).
    
    No, that definitely does NOT work.
    
    Thanks to Steve for reporting this. My failure.
    
    Please note that the version on http://www.sambar.com is STILL vulnerable
    and there has been NO security advice by Tod Sambar!
    
    \---------------------[ Dennis Conrad ]-----------------\
     \-------------------[ conrad.dat_private ]-----------------\
      \---------[ http://www.linuxstart.com/~dennis ]---------\
    


