Well,
I am not sure but, does tcpreplay takes care of sequence numbers?
May be the victim is selecting different initial sequence number everytime,
Does tcpreplay modifies the sequence number accordingly?
On 10/29/06, nnp <version5_at_gmail.com> wrote:
> Hey,
> I'm currently testing the Asterisk PBX for vulnerabilities but I just
> encountered an interesting problem when trying to recreate a crash.
> Using a fuzzer I can crash it in the exact same place every time. I am
> recording these session using ethereal (wireshark) and then replaying
> them using tcpreplay e.g
>
> sudo tcpreplay -i lo dieAsterisk.eth
>
> Anyways, the problem is Asterisk completely ignores the data sent to
> it via tcpreplay. I'm not sure what the issue could be. The packets
> replayed are identical. Is anyone aware of any checksum that takes
> timing into account or whatnot in Asterisk?
>
> Thanks,
> nnp
>
> --
> http://silenthack.co.uk
>
--
Pravin Shinde
Received on Nov 01 2006
Intro
