If you read the telnet protocol's RFC you might see where they mention how FF is a control character of some sort, or something. So to send one \xFF you need to escape it with another \xFF, which is being automatically done for you. Try sending your requests raw rather than through a telnet protocol handler. Dave Aitel Recruitment and Training Immunity, Inc. http://www.immunitysec.com/CANVAS/ "Hack like you were in the movies." On Sun, 23 Mar 2003 11:36:34 -0000 "Gary O'leary-Steele" <garyo@sec-1.com> wrote: > Hello all, > > I am coding an exploit using perl. The exploit needs to send each byte > individually instead of a large string to get round some trivial > bounds checking. > > use Net::Telnet (); > $t->open(Host=> $host, > Port => $port, > Errmode => $mode, > Timeout => $secs,); > $t ->put("\xFF"); > > > > However when I send \xFF bytes they get doubled up. > > Any ideas? > > Regards, > Gary > > > --------------------------------------------------------------------- > ------- Did you know that you have VNC running on your network? > Your hacker does. Plug your security holes now! > Download a free 15-day trial of VAM: > http://www2.stillsecure.com/download/sf_vuln_list.html > > top spam and e-mail risk at the gateway. SurfControl E-mail Filter puts the brakes on spam & viruses and gives you the reports to prove it. See exactly how much junk never even makes it in the door. Free 30-day trial: http://www.surfcontrol.com/go/zsfptl1
This archive was generated by hypermail 2b30 : Mon Mar 24 2003 - 11:01:36 PST