Posted: Tue Jan 13, 2009 12:27 pm Post subject: For those who use Pidgin Instant Messenger
The other day while chatting online (yahoo) I came across a guy/boy talking about how he can "hack" people and give them a bad day, and how he was "unbootable"
Note: Unbootable means can't be kicked off the chat servers
Well this arose my questions......
What kind of protection does the person have? I asked myself,
I also asked a few more questions in my head.
A few years ago I was teaching myself programming, which was Visual Basic 6.0. Now wish I never chose that as a first language, It kinda hurt me when I tried learning C or C++, but oh well.
I made a chat client like yahoo's messenger, so not knowing the person's Ip Address (I asked for permission first of course) all I had was his screen name. Well my another question came up....I wonder if I sent him standard yahoo packets, since his program accepts them, would there be a way to flood/DoS Pidgin?.....
Low and behold after about 200K+ packets I was finially able to crash his client, he left in defeat, but he started all wrong claiming this and claiming that......script kiddie.....can you blame me?
But to the exploit I have done any engineering on this, just dont have the time but maybe their is a possible buffer overflow avaible?...dont know
Maybe the packet count depends on the person bandwidth and memory?....dont know
What ever it is it works for the latest version of Jan/2009
Maybe his client buffer was overloaded.....dont know
If anyone has any insight on this please share
Joined: 21 Sep 2003 Posts: 16777097 Location: Portugal
Posted: Tue Jan 13, 2009 4:03 pm Post subject:
Some further details would help.
What kind of packets were you sending? What were you sending in the way of content? Were you sending random garbage (in which case perhaps you hit a bug on the client's input parser), or were you just sending the same packet over and over again?
What was your sending throughput? Did it largely outweigh his receiving bandwidth? If so, this may have been just a bandwidth attack - you may have just flooded his pipe, which would obviously knock him out regardless of which client he's using. That is of course, assuming his client didn't crash, that it just went offline.
What effects did he witness on his side? Do you know for a fact that the client crashed?
I would recommend some troubleshooting, repeating the experiment and reducing the amount of unknown variables. Get to a point where you can say "this is what causes it, when I do this it crashes". Then, if it turns out to be a problem with pidgin, report it to the pidgin developers.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum