Re: Bittorrent Data Port Probe

Paul Melson wrote:


I can't seem to recreate this:

$ perl -e 'for (my $i=0; $i <= 90; $i++) {print chr(int(rand 255));}' | nc
-v localhost 6881
Connection to localhost 6881 port [tcp/*] succeeded!
$ perl -e 'for (my $i=0; $i <= 95; $i++) {print chr(int(rand 255));}' | nc
-v localhost 6881
Connection to localhost 6881 port [tcp/*] succeeded!
$ perl -e 'for (my $i=0; $i <= 96; $i++) {print chr(int(rand 255));}' | nc
-v localhost 6881
Connection to localhost 6881 port [tcp/*] succeeded!
$ perl -e 'for (my $i=0; $i <= 100; $i++) {print chr(int(rand 255));}' | nc
-v localhost 6881
Connection to localhost 6881 port [tcp/*] succeeded!
$ perl -e 'for (my $i=0; $i <= 1000; $i++) {print chr(int(rand 255));}' | nc
-v localhost 6881
Connection to localhost 6881 port [tcp/*] succeeded!

If you care, the client is bittorrent-curses 4.4.0 on OpenBSD (it's what I
had quick access to). I haven't tried your nasl code in Nessus, so maybe
I'm missing something. But if I understand your previous post, this should
elicit some response from a seeding client, and in my case it doesn't.



There's an outside possibility that bittorent-curses for OpenBSD
*wasn't* one of the platforms that I tested against. ;-)

If it doesn't work from outside localhost, then I'd bet I just happened
upon some quirky windows-bittorrent-client thingee...

--
John Lampe
Senior Security Researcher
TENABLE Network Security, Inc.
jwlampe@{nessus.org,tenablesecurity.com}
Tele: (410) 872-0555
www.tenablesecurity.com

Is your network TENABLE?
---------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Relevant Pages

  • Xdm and the XDMPC CHooser.. How?
    ... I have one machine that has an X server. ... I would like to have XDM throw up a chooser menu that contains all 5 ... examples with 1 possible client machine and one Xserver machine ... CHOOSER localhost client ...
    (freebsd-questions)
  • Re: 127.0.0.1/localhost in ActiveSync, Windows Mobile 5
    ... The actual exchange server name should be entered in the activesync client, ... workaround is to use 'localhost' in web browser and mail client. ...
    (microsoft.public.pocketpc.developer)
  • Re: Web session come from IP 127.0.0.1 ???
    ... you have a browser open at the ISA and it's configured to use either "localhost" or "127.0.0.1" in the proxy settings ... In ISA session monitor, I saw Web session come from IP ... I think that some client use firewall-pass- ...
    (microsoft.public.isa)
  • Re: how to allow read/write socket only from localhost?
    ... InetAddress.getHostnameis not "localhost" sometimes, ... non-local clients from connecting in the first place. ... Just specify the localhost address when you create the ServerSocket. ... Is that saying the client must have a local address that is the same ...
    (comp.lang.java.programmer)
  • Re: In C# ein Array aus PHP Skript empfangen
    ... Leider kann man nur von Localhost auf die Datenbank zugreifen und der C# ... Client ist natürlich nicht localhost:) ... Ich werde mich mal mit der XML Möglichkeit befassen und schauen wie das so ...
    (microsoft.public.de.german.entwickler.dotnet.csharp)