> * Olaf van der Spek <olafvds...@gmail.com> [2009-06-05 00:12]:
> > When I start httping and then disconnect the SSH session,
> > httping keeps running. This is unexpected behaviour. Why
> > doesn't it exit?
>
> It looks like httping is installing a signal handler for
> SIGHUP to do a memory dump which doesn't set the start
> variable used in the main loop to quit the pinging :/
> Folkert any reason this is needed? Can we just strip this
> functionality? I didn't actually notice it so far.

Yes, can be removed. Attached version should work. Please test.

> Besides this has a small (not that important :) security
> issue:
> static void MEMLOG(char *s, ...)
> {
>         va_list ap;
>         FILE *fh = fopen("log.log", "a+");
>         if (!fh)
>                 error_exit("error logging\n");
>
>         va_start(ap, s);
>         vfprintf(fh, s, ap);
>         va_end(ap);
>
>         fclose(fh);
> }
>
> So in case a victim is executing httping in a directory the attacker
> has write privileges to he can place a symlink log.log pointing to
> an arbitrary file of the victim and write httping memory dumps in it
> by sending SIGHUP to the httping process.

true

Folkert van Heusden

-- 
Multitail is a flexible tool that lets you view log files and follow
the execution of commands. It can filter, add colours, combine files,
show differences (diff-view), etc.
http://www.vanheusden.com/multitail/
----------------------------------------------------------------------
Phone: +31-6-41278122, PGP-key: 1F28D8AE, www.vanheusden.com
httping-1.3.1-beta.tgz
Description: GNU Unix tar archive
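
For code that has to keep a relative-path debug log like the quoted MEMLOG, the following added example (not part of the original thread and not httping code) shows one way to refuse a planted `log.log` link. The function names `open_log_nofollow` and `memlog_safe` are hypothetical, and a POSIX.1-2008 system is assumed.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open a log file for appending without following a symlink at `path`.
 * Returns a descriptor, or -1 if the path is a symlink, is not a regular
 * file, has extra hard links, or is not owned by the calling user.
 * (Hypothetical helper, added for illustration.) */
int open_log_nofollow(const char *path)
{
    struct stat st;
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0)
        return -1;          /* ELOOP when the final component is a symlink */
    /* Check the object actually opened, not the name, to avoid a race. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_nlink != 1 || st.st_uid != geteuid()) {
        close(fd);
        return -1;
    }
    return fd;
}

/* printf-style append in the shape of MEMLOG; returns the number of
 * bytes written, or -1 if the log could not be opened safely. */
int memlog_safe(const char *path, const char *fmt, ...)
{
    va_list ap;
    int n, fd = open_log_nofollow(path);
    FILE *fh;
    if (fd < 0)
        return -1;
    fh = fdopen(fd, "a");
    if (!fh) { close(fd); return -1; }
    va_start(ap, fmt);
    n = vfprintf(fh, fmt, ap);
    va_end(ap);
    return fclose(fh) == 0 ? n : -1;
}

int main(void)
{
    return memlog_safe("log.log", "pid %d\n", (int)getpid()) < 0;
}
```

`O_NOFOLLOW` only covers the final path component, so a log written to a fixed directory that other users cannot write to remains the stronger design.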