Hi,
* Folkert van Heusden <[email protected]> [2009-06-05 11:39]:
> > * Olaf van der Spek <[email protected]> [2009-06-05 00:12]:
> > > When I start httping and then disconnect the SSH session,
> > > httping keeps running. This is unexpected behaviour. Why
> > > doesn't it exit?
> >
> > It looks like httping is installing a signal handler for
> > SIGHUP to do a memory dump which doesn't set the start
> > variable used in the main loop to quit the pinging :/
> > Folkert any reason this is needed? Can we just strip this
> > functionality? I didn't actually notice it so far.
>
> Yes, can be removed.
> Attached version should work.
> Please test.
Version looks good to me.
> > Besides this has a small (not that important :) security
> > issue:
> > static void MEMLOG(char *s, ...)
> > {
> > va_list ap;
> > FILE *fh = fopen("log.log", "a+");
> > if (!fh)
> > error_exit("error logging\n");
> >
> > va_start(ap, s);
> > vfprintf(fh, s, ap);
> > va_end(ap);
> >
> > fclose(fh);
> > }
> >
> > So in case a victim is executing httping in a directory the attacker
> > has write privileges to he can place a symlink log.log pointing to
> > an arbitrary file of the victim and write httping memory dumps in it
> > by sending SIGHUP to the httping process.
>
> true
Well I overlooked that this is not possible like this as an
attacker doesn't have the rights to send signals to the
victims process.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [email protected] - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
