Home page logo

fulldisclosure logo Full Disclosure mailing list archives

From: "n d" <trpz () broken org>
Date: 21 Mar 2003 11:48:46 -0000

this is sample code for a new block handling system called duck.

use Socket;
require 'block.pl';
$h = $ARGV[0];

foreach $k (@m) {
  &d_append_string($k,"$k /meep/duck.htm HTTP/1.0\r\n\r\n");
  $s = sockaddr_in(80, inet_aton($h)) || die "meep\n";
  socket (S, PF_INET, SOCK_STREAM, getprotobyname('TCP')) || die "meep\n";
  if(connect(S, $s)) {
    $j = \*S;
    print "*** WRITTEN\n";
    @b = <$j>;
    foreach (@b) {
      if($_ =~ /Method/i || $_ =~ /Allowed/i || $_ =~ /Supported/i) {
        print "$k NEGATIVE\n";
      print "$k WEBDAV ARE LOOKING GOOD\n";
  } else {
    print "copuld not connect\n";


duck allows you to build strings made up of binary data, unicode, integers and norml ascii strings as well as allows 
you to parse them to a wide range of filehandle handling code. the first version of duck should be completed by the end 
of the month, and the source will be released under a license that allows me to keep control of the source but allow 
worthy additions. if you would like the preliminary version feel free to contact me.

if you want to read more about this idea, www2.immunitysec.com and look for dave aitels paper about SPIKE and using 
blocks of data in fuzzing situations.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • duck n d (Mar 21)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]