Be careful for those who like to play with aircrack-ng


Fei

Feb 15, 2011, 4:33:43 AM
to UTM Open Source Software Group
Hi all,

Just for your information.
"Remote buffer overflow in aircrack-ng causes DOS and possible code
execution"
http://seclists.org/bugtraq/2010/Mar/236
http://pyrit.wordpress.com/2010/03/28/remote-exploit-against-aircrack-ng/

Cheers,
Fei

Tan Kean Siong

Feb 15, 2011, 6:52:29 AM
to utm...@googlegroups.com


Nice article. Crafting the EAPOL packet with a length of 65000 bytes using scapy, while the original packet is only 100 bytes. Like the author says, it gives us plenty of room to craft the payload. Interesting finding. Has anyone tested it?

Cheers,
Kean Siong
 

Khian Hui Poh

Feb 15, 2011, 9:05:04 AM
to utm...@googlegroups.com
Hi,

Nope. But it is interesting... Anyone who has tested it, please let us know.

Cheers,
Fei


sanchez

Feb 15, 2011, 7:52:11 PM
to UTM Open Source Software Group


On Feb 15, 7:52 pm, Tan Kean Siong <tankeansi...@gmail.com> wrote:
> On 15 February 2011 17:33, Fei <khian...@gmail.com> wrote:
>
> > Hi all,
>
> > Just for your information.
> > "Remote buffer overflow in aircrack-ng causes DOS and possible code
> > execution"
> > http://seclists.org/bugtraq/2010/Mar/236
> > http://pyrit.wordpress.com/2010/03/28/remote-exploit-against-aircrack...
>
> Nice article. Crafting the EAPOL packet with a length of 65000 bytes using scapy,
> while the original packet is only 100 bytes. Like the author says, it gives us
> plenty of room to craft the payload. Interesting finding. Has anyone tested it?
>
> Cheers,
> Kean Siong

Buffer overflows are often linked with carelessness or faulty code
developed by the author.
Nonetheless, it's all about incorrect use of memory allocation
functions, which causes a program intended to run correctly to actually fail
upon compilation.
Haven't tested the example file though.

Cheers,
Sanchez
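
The oversized EAPOL length field discussed in this thread, shown from the defender's side as an added example; it is not part of any post here and is not aircrack-ng's code. The 256-byte buffer, the `handshake` struct and the function names are assumptions made for illustration; the sample frames are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EAPOL_HDR_LEN 4    /* version, type, 2-byte big-endian body length */
#define EAPOL_BUF_LEN 256  /* assumed size of the fixed destination buffer */

struct handshake {         /* hypothetical capture record */
    uint8_t eapol[EAPOL_BUF_LEN];
    size_t  eapol_size;
};

/* Store one EAPOL frame. Returns 0 on success, -1 if the frame is rejected. */
int store_eapol(struct handshake *hs, const uint8_t *frame, size_t captured)
{
    if (captured < EAPOL_HDR_LEN)
        return -1;                  /* header itself is truncated */

    /* The length field comes from the sender and can claim up to 65535. */
    size_t total = (((size_t)frame[2] << 8) | frame[3]) + EAPOL_HDR_LEN;

    if (total > captured)
        return -1;                  /* claims more bytes than were captured */
    if (total > sizeof hs->eapol)
        return -1;                  /* an unchecked memcpy would overrun here */

    memcpy(hs->eapol, frame, total);
    hs->eapol_size = total;
    return 0;
}

/* Constructed sample frame: zero-filled body with the given declared length. */
int demo(size_t declared, size_t captured)
{
    static uint8_t frame[70000];
    struct handshake hs;
    memset(frame, 0, sizeof frame);
    frame[0] = 1; frame[1] = 3;     /* version 1, packet type 3 = EAPOL-Key */
    frame[2] = (uint8_t)(declared >> 8);
    frame[3] = (uint8_t)(declared & 0xff);
    return store_eapol(&hs, frame, captured);
}

int main(void)
{
    printf("~100-byte frame:      %d\n", demo(96, 100));
    printf("65000-byte length:    %d\n", demo(65000, 65004));
    return 0;
}
```

The two checks are independent: the first rejects a length field that lies about the captured data, the second rejects a truthful length that still exceeds the buffer.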