Vulnerability Development: Re: Asterisk ignoring replayed libpcap sessions

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: Asterisk ignoring replayed libpcap sessions

From: Blue Boar <BlueBoar () thievco com>
Date: Thu, 02 Nov 2006 11:46:45 -0800

If you originally thought that a simple TCP replay, with sequence andport numbers fixed up, would always work, consider this:


-Client connects
-Server says "Say 3"
-Client says "3"
-connection continues.

So you replay that.  This time:

-Server says "Say 5"
-replayed Client says "3"
-Server disconnects.

In many cases, a replayer that doesn't understand the applicationprotocol will fail.

Now extend that to a TCP connection that does an encryption setup with achallenge-response.

BB

By Date By Thread

Current thread:

Re: Asterisk ignoring replayed libpcap sessions Stefano Zanero (Nov 01)
- Re: Asterisk ignoring replayed libpcap sessions nnp (Nov 01)
  - Re: Asterisk ignoring replayed libpcap sessions Stefano Zanero (Nov 01)
    - Re: Asterisk ignoring replayed libpcap sessions nnp (Nov 01)
    - Re: Asterisk ignoring replayed libpcap sessions Matthew Franz (Nov 02)
    - Re: Asterisk ignoring replayed libpcap sessions Blue Boar (Nov 02)
  - Re: Asterisk ignoring replayed libpcap sessions nnp (Nov 01)
- <Possible follow-ups>
- Re: Asterisk ignoring replayed libpcap sessions Pravin (Nov 01)
- Re: Asterisk ignoring replayed libpcap sessions Aaron Turner (Nov 01)