[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [CVE-2012-0207] Linux IGMP Remote Denial Of Service



Hi XD,

Am 19. Januar 2012 15:27 schrieb xD 0x41 <secn3t@xxxxxxxxx>:
> Oh and btw, that coding style, just aint you dude... you know,
> everyone has theyre own fingerprint, i find it really hard to think
> that, you just made this mistakes in cksum area,wich was area wich
> actually does the exploiting :P , so why release crap ? why not make

I release it because it worked for me INSIDE TWO VM's, I had no clue about the
checksum error. I didnt cripple it. It worked in my tests because I
bet the vmware
did adjust the checksums to be correct.
Why release that crap? Because I wanted to be the first to release an
exploit for it
for fame and glory and it was coded in a hurry, I was thinking it
actually works (I am doing
more tests now on real hardware so I can be sure)

> it half decent, and as i said, it was not even your coding style so im
> finding this really hard to believe it wwas yours, maybe was modified
> , from many many similars, but, i guess thats normal... you tend to

It is modified code from other coders as stated in the header.

> use perl, and bash alot, within your bash, is the .c, and that is your
> style... like zx2c has, like dan rosenberg and JO, all kep the same
> style, because it is habit for any coder.. you dont just change styles
> this fast, or did you get some realllly good ebooks coz, show me where
> you found so i can catch up to it :P)

I didnt change my coding style, it was just done in a hurry so Dan or
Jon wouldnt beat me on that BWHAHAHA.

> Love you long time pal, but, find this one abit shitty, and, i do like
> everything in past, your codes going back to you know when, but this
> is bs, and if you were gonna rls it, you shulda fucked with the
> numbers maybe, but, let it fkn run, it was made as poc for lan test
> right, so why cripple it, thats just silly... thats why i attack it,
> and, i dont really care a shit who coded it, but, i doubt it was
> anyone in that code.

You can attack it its your opinion and thats totally fine. I didnt
cripple the code
actually.

> have a good day and, no offence over this but, it just shits me when
> people, who know better, go out of theyre way and release publically,
> shit wich is fucked up and, in this case, would waste a persons time,
> and, you even put tested on, and, now, how would it be tested with
> that cksum, please explain that then, your saying you dont have time
> but stop bullshit man, you crippled it, just fkn admit it, it could
> NOT work setup, without the damn cksum, as it was part of sento! how
> could this, be any use, even with the settings back to old, without my
> edit.... you show me one fucking real test, i mean, compile the code,
> infront of people, then go make your fYT vids, seriously, I have told
> Jon Oberheldie this, and others, str8 up, if you release crippled
> shit, your as shit as what you cripple mate.

You forget about all the codes I rlsed before. As I said this was done
in a hurry. You had a look at roaring beast ? How can you tell me I send
crippled codes out? Buddy I m human too and do mistakes.

> thats just my point of view and really, this is d0s, wich, i dont care
> for..im saying, you dont see AB release some fucked up exploit every

AB? whos that ?

> 2months, and makeSURE it dont work , you dont see anyone release shit
> like this anymore with such blatant errors, its just shitty, luckily i
> nano'd it, yea, i like nano ok, or i would have wasted time

wtf ? come on.. nano.. this is getting silly

> kcope...its just that simple, and no offences atall, i was able to
> spot this, but, do not sit there, telling me and everyone else, that
> it was working, tested... coz, we both know that was NOT the same code
> released, you cannot deny the code.... simple.
> you screwed this one up. go back to exploiting :P itsd better and your
> better at it! :P

As I said I tested it with two VMS in a testbed and both Ubuntu and
OpenSUSE crashed
instantly.

> I like your shit, but, i realllllly prefer, when kxcope, is thinking
> of b0f and new methods etc, like i know the one from 2009 did, and
> found the biggest remote hole ever,and you even released this , and
> people can hate you and whatever but there is no denying it, your damn
> skilled, so im just saying, i dont like crippled work, nowdays, and
> when it is released with a mark of approval, from someone i trust.

Its 2011 and I found a bug in FreeBSD ftpd. Which is better than ProFTPD coz
it rocks, have you ever seen a bug in FreeBSD ftpd since ~10 years ?

> this is private, and, stays here but, this is why i attacked you dude,
> and, nothing bad about it, it stays here, and, thats it... i wont say
> shit, i have said what i wanted, your a nice guy, i like you, so,
> thats all, i just dont want to see you ending up like them other fags,
> they have 0 respect UG... you do atleast have that... fuck fd lists
> respect... but still, you just had to leave out that line 'tested' ;)

I like the public scene more than the dark one.

> ok, sorry for any confusion etc but, thats all i think and, i want you
> to know exactly what i think, and know i am not being mean atall...
> and apologise for even puttingthat retort onto fd..i should have just
OMG how the ***** you have time to write me so long lines ?

> pmd you, but i loose sight of your nickname sometimes...anyhow... i
> hope your not offended but, i did not try to offend you atall, i just
> found it really weird that yopu released that and, it was shitty
> lol... lan d0s :P i mean, we could have lan PARTY now, we could all
> get drunk and crunk but, not lan-d0s :P

HEHE, I want to see the CCC Hackerspace got hit by that.

> hehe, tcare man, i fucking find you one of my inspirations and why i
> get up everyday, is to greet the people, who have some repspect in
> them, i will makesure also the post goes only for regged members or
> sumthin also, just to make it abit harder i guess for ppl to look
> at...fkit.. i should not have even bothered saying shit but, i love
> packets :P

I have respect of you too. But next time please dont rls my FreeBSD locals
on pastebin.

> i just do, and, i added the other codes, so anyone could modify the
> other codes, or port it to windows... and, nothing more... it is only
> a frag adding app, and shows basic socket use... nothing more... so,
> it was basically, an adon, to your tool, it would be nice to do a test
> with fragging.. anyhow, i might do that myself...see howfar this bug
> can be pushed... take care man, i hope your cool , take it easy and
> speak to you soon
> drew

Ok good, so your code works actually? Over the internet ............
This is an exercise for the interested reader.

Regards,

Kingcope

>
> On 20 January 2012 00:28, HI-TECH .
> <isowarez.isowarez.isowarez@xxxxxxxxxxxxxx> wrote:
>> Hello xD,
>> sorry I don't understand a word you are talking about.
>> To put everything together about what you were ranting would take too
>> much time for me.
>> Did I offend you in any way ?
>> It's just a PoC for people to test their systems nothing else...
>> I cannot check each every system if it works, I just checked two boxes
>> and thats enough for me.
>>
>> Regards,
>>
>> Kc
>>
>> Am 19. Januar 2012 04:56 schrieb xD 0x41 <secn3t@xxxxxxxxx>:
>>> Now, heres the one wich works, without in_chksum bug ;)
>>>
>>> http://pastebin.com/x1ShKAUT
>>>
>>> now, sorry but,  had to try it remotely, sheesh, and, you dont
>>> cripple, code of old bugs and, half of this code is from an old bug
>>> anyhow, so why the heck not leave it... i guess now your starting to
>>> look like Jon Oberheldie the king of fucked up cripples... lol...
>>> ewnjoy folks. this version, may even work! omg isnt this amazing!!
>>> XD says to FD a BIG FUCKS YOU ,well cept kcope and few other decent
>>> guys like me :P ,and nme, and tropic and well, #Haxnet :)
>>> now go fucking shoot yourselves away with your newbie working
>>> undeadattack.. dont know why someone did not inform me they would
>>> cripple it, and maybe forward a copy to me but, now this file, goes
>>> where the rest go, to the shame files...
>>>
>>>
>>>
>>>
>>>
>>> On 18 January 2012 08:11, HI-TECH .
>>> <isowarez.isowarez.isowarez@xxxxxxxxxxxxxx> wrote:
>>>> Demonstration of the Exploit:
>>>> http://www.youtube.com/watch?v=78nAxh70yZE (thanks ClsHack)
>>>>
>>>> see attached content
>>>>
>>>> /Kingcope
>>>>
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/