Home page logo
/

bugtraq logo Bugtraq mailing list archives

BIND ID Brute Force Fix
From: vermont () gate net (Illuminati Primus)
Date: Sun, 27 Apr 1997 04:13:03 -0400


  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mime () docserver cac washington edu for more info.

---941424629-1004745063-862128783=:38774
Content-Type: TEXT/PLAIN; charset=US-ASCII


Here is a patch I hacked together to deal with an ID brute force attempt.
The patch is against a clean BIND 8.1-T2B without any other patches.
I just finished compiling this (and I must say the BIND source was very
nicely made), but havent tried testing it AT ALL.. So if it results in
your house blowing up and becoming a gateway for the Spawn of Hell, dont
blame me.  Besides, the sun is going to rise in a few hours and all I had
to eat were some chocolate cookies.

-vermont () gate net, aspiring mongoloid programmer

PD
Shameless plug: would like a decent internet security related job.. Young
and willing to learn

---941424629-1004745063-862128783=:38774
Content-Type: TEXT/PLAIN; charset=US-ASCII; name="anti-brute.patch"
Content-Transfer-Encoding: BASE64
Content-ID: <Pine.A32.3.93.970427041303.38774P () inca gate net>
Content-Description: An evil mime attachment

ZGlmZiAtdSAuLi9vbGQtbmFtZWQvbnNfZm9ydy5jIC4vbnNfZm9ydy5jDQot
LS0gLi4vb2xkLW5hbWVkL25zX2ZvcncuYwlXZWQgSmFuIDI5IDA0OjAxOjQ5
IDE5OTcNCisrKyAuL25zX2ZvcncuYwlTdW4gQXByIDI3IDAzOjQyOjM2IDE5
OTcNCkBAIC0xMDA1LDYgKzEwMDUsMTkgQEANCiB9DQogDQogc3RydWN0IHFp
bmZvICoNCitxYXBwcm94ZnJvbShzdHJ1Y3QgaW5fYWRkciBhZGRyZXNzKSB7
DQorCXN0cnVjdCBxaW5mbyAqcXA7DQorDQorCWZvciAocXAgPSBuc3FoZWFk
OyBxcCAhPSBOVUxMOyBxcCA9IHFwLT5xX2xpbmspDQorCQlpZiAoaW5hX2Vx
dWFsKHFwLT5xX2FkZHJbcXAtPnFfY3VyYWRkcl0ubnNfYWRkci5zaW5fYWRk
ciwNCisJCQlhZGRyZXNzKSkNCisJCQlicmVhazsNCisJbnNfZGVidWcobnNf
bG9nX2RlZmF1bHQsIDMsICJxYXBwcm94ZnJvbSglcykgLT4gJSNseCIsDQor
CQkgaW5ldF9udG9hKGFkZHJlc3MpLCAodV9sb25nKXFwKTsNCisJcmV0dXJu
IChxcCk7DQorfQ0KKw0KK3N0cnVjdCBxaW5mbyAqDQogcW5ldyhjb25zdCBj
aGFyICpuYW1lLCBpbnQgY2xhc3MsIGludCB0eXBlKSB7DQogCXN0cnVjdCBx
aW5mbyAqcXA7DQogDQpkaWZmIC11IC4uL29sZC1uYW1lZC9uc19mdW5jLmgg
Li9uc19mdW5jLmgNCi0tLSAuLi9vbGQtbmFtZWQvbnNfZnVuYy5oCVRodSBK
YW4gMzAgMTQ6MTI6NDIgMTk5Nw0KKysrIC4vbnNfZnVuYy5oCVN1biBBcHIg
MjcgMDM6NDk6NTYgMTk5Nw0KQEAgLTE3NCw2ICsxNzQsNyBAQA0KICAgICAg
ICAgICAgICAgICAgICAgICAgIG5zZnJlZShzdHJ1Y3QgcWluZm8gKiwgY2hh
ciAqKSwNCiAJCQlxZnJlZShzdHJ1Y3QgcWluZm8gKik7DQogZXh0ZXJuIHN0
cnVjdCBxaW5mbwkqcWZpbmRpZCh1X2ludDE2X3QpLA0KKwkJCSpxYXBwcm94
ZnJvbShzdHJ1Y3QgaW5fYWRkciksDQogCQkJKnFuZXcoY29uc3QgY2hhciAq
LCBpbnQsIGludCk7DQogLyogLS1mcm9tIG5zX2ZvcncuYy0tICovDQogDQpk
aWZmIC11IC4uL29sZC1uYW1lZC9uc19yZXNwLmMgLi9uc19yZXNwLmMNCi0t
LSAuLi9vbGQtbmFtZWQvbnNfcmVzcC5jCVRodSBKYW4gMzAgMTQ6MTI6NDQg
MTk5Nw0KKysrIC4vbnNfcmVzcC5jCVN1biBBcHIgMjcgMDQ6MDU6NTAgMTk5
Nw0KQEAgLTI3NCwxNSArMjc0LDQ2IEBADQogCXN0cnVjdCBmd2RpbmZvICpm
d2Q7DQogCXN0cnVjdCBkYXRhYnVmICpkcDsNCiAJaW50IGZvcmNlY21zZyA9
IDA7DQorCXN0YXRpYyBpbnQgc3Bvb2ZzID0gMDsgLyogTnVtYmVyIG9mIHNw
b29mcyB3ZSByZWNlaXZlICovDQogDQogCW5hbWVzZXJJbmNyKGZyb20uc2lu
X2FkZHIsIG5zc1JjdmRSKTsNCiAJbnNwWzBdID0gTlVMTDsNCiAJaHAgPSAo
SEVBREVSICopIG1zZzsNCiAJaWYgKChxcCA9IHFmaW5kaWQoaHAtPmlkKSkg
PT0gTlVMTCApIHsNCi0JCW5zX2RlYnVnKG5zX2xvZ19kZWZhdWx0LCAxLCAi
RFVQPyBkcm9wcGVkIChpZCAlZCkiLA0KLQkJCSBudG9ocyhocC0+aWQpKTsN
Ci0JCW5hbWVzZXJJbmNyKGZyb20uc2luX2FkZHIsIG5zc1JjdmREdXBSKTsN
Ci0JCXJldHVybjsNCisJCS8qIA0KKwkJICogRml4IHRvIHJlY29nbml6ZSBh
IGJydXRlIGZvcmNlIGF0dGVtcHQgYW5kIHJlc29ydCB0bw0KKwkJICogVENQ
IHF1ZXJpZXMgd2hlbiBkaXNjb3ZlcmVkLiAgSWYgdGhhdCBmYWlscywgaXQg
cmVtb3Zlcw0KKwkJICogdGhlIHJlcXVlc3QgdGhhdCB0aGUgYXR0YWNrZXIg
aXMgdHJ5aW5nIHRvIGZvcmdlIGFuDQorCQkgKiBhbnN3ZXIgdG8gc28gdGhh
dCBmdXJ0aGVyIGF0dGVtcHRzIHdpbGwgZmFsbCBvbiBkZWFmDQorCQkgKiBl
YXJzLg0KKwkJICogQnkgVmVybW9udCBSdXRoZXJmb29yZCAodmVybW9udEBn
YXRlLm5ldCkuDQorCQkgKi8NCisNCisJCS8qIHRyeSB0byBmaW5kIHdoYXQg
cXVlcnkgdGhleSBhcmUgdHJ5aW5nIHRvIHNwb29mICovDQorCQlpZiAoKHFw
ID0gcWFwcHJveGZyb20oZnJvbS5zaW5fYWRkcikpID09IE5VTEwgKSB7DQor
CQkJLyogQ291bGRudCBmaW5kIGFueSAqLw0KKwkJCW5zX2RlYnVnKG5zX2xv
Z19zZWN1cml0eSwgMSwNCisJCQkJIkxhbWUgQXR0ZW1wdCBhdCBJRCBTcG9v
Zi9EdXBsaWNhdGUgcmVwbHkgZnJvbSBkZWFkIHF1ZXJ5Iik7DQorCQkJbmFt
ZXNlckluY3IoZnJvbS5zaW5fYWRkciwgbnNzUmN2ZER1cFIpOw0KKwkJCXJl
dHVybjsNCisJCX0gZWxzZSB7IC8qIFNvbWVvbmUgaXMgdHJ5aW5nIHRvIGJl
IGVsZWV0ICovDQorCQkJbnNfZGVidWcobnNfbG9nX3NlY3VyaXR5LCAxLA0K
KwkJCQkiUmVjZWl2ZWQgQXR0ZW1wdGVkIElEIFNwb29mLCByZXRyeWluZyB3
aXRoIFRDUCIpOw0KKwkJCS8qIGhvcGVmdWxseSB0aGlzIGlzIGJlaW5nIGRv
bmUgY29ycmVjdGx5ICovDQorCQkJaWYgKCEocXAtPnFfZmxhZ3MgJiBRX1VT
RVZDKSkgew0KKwkJCQlxcC0+cV9mbGFncyB8PSBRX1VTRVZDOw0KKwkJCQl1
bnNjaGVkKHFwKTsNCisJCQkJc2NoZWRyZXRyeShxcCwgNjApOw0KKwkJCQlp
ZiAodGNwX3NlbmQocXApICE9IE5PRVJST1IpDQorCQkJCQkvKg0KKwkJCQkJ
ICogRC1vaC4gT3VyIGxhc3QgcmVzb3J0IGZhaWxlZCFADQorCQkJCQkgKiBS
ZW1vdmUgZnJvbSBxdWV1ZSB0byBwcmV2ZW50DQorCQkJCQkgKiBicnV0ZSBm
b3JjZSBmcm9tIHN1Y2NlZWRpbmcuDQorCQkJCQkgKi8NCisJCQkJCXFyZW1v
dmUocXApOw0KKwkJCX0NCisJCQlyZXR1cm47DQorCQl9DQogCX0NCiANCiAJ
bnNfZGVidWcobnNfbG9nX2RlZmF1bHQsIDIsICJSZXNwb25zZSAoJXMgJXMg
JXMpIG5zaWQ9JWQgaWQ9JWQiLA0K
---941424629-1004745063-862128783=:38774--



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault