Spoofing exploit still around?

Discussion of EFnet's IRCDs (hybrid, ratbox, csircd)

Moderators: Website/Forum Admins, Software/IRCD Moderators

1753
Posts: 3
Joined: Tue Mar 27, 2007 2:38 pm

Spoofing exploit still around?

Postby 1753 » Mon Sep 13, 2004 6:26 pm

Hey, just curious about EFNet and spoofing. Obviously admins now have the ability to add spoofs to their ircd configuration but what about spoof exploits? I recall years ago there being exploits that allowed end users to spoof hosts and I had originally thought that was cleared up. Recently I have heard more and more about users once again being able to spoof. I was just wondering how truthful this was and if so how come these servers are allowed to remain linked if they are in anyway exploitable?
prefect
Posts: 76
Joined: Mon Jul 14, 2003 6:25 pm
Location: Oslo

Postby prefect » Mon Sep 13, 2004 11:23 pm

exploits? no

1. using ipv6 while also resolving the host 'on ipv4' to someone elses ip
2. changing/removing the ip your host resolves to after connecting. while the ip will be cached in the nameservers the ircd is using for some time.. it will eventually go away. which is why some ircds now show the ip a user connected from in whois-output.
prefect!prefect@staff.blackened.com
1753
Posts: 3
Joined: Tue Mar 27, 2007 2:38 pm

Postby 1753 » Tue Sep 14, 2004 12:35 am

prefect wrote:exploits? no

1. using ipv6 while also resolving the host 'on ipv4' to someone elses ip
2. changing/removing the ip your host resolves to after connecting. while the ip will be cached in the nameservers the ircd is using for some time.. it will eventually go away. which is why some ircds now show the ip a user connected from in whois-output.


Yeah I'm aware of adding an A record along with an AAAA record to trick people into believing your IP is different.
And as for the whole change A record after connection that was a lot more useful back when nobdy knew about it, surprised it took as long as it did to catch on.

I suppose I've just been hearing lame rumors; glad this is the case. I enjoy using autoop in non-public channels.

Thanks
-wassup-
Posts: 103
Joined: Wed Aug 13, 2003 8:25 pm
Location: Middle East

Postby -wassup- » Fri Sep 17, 2004 8:53 pm

are you talking about that spoofing exploit that used to exist on dalnet ircds? there is a program called dr spoofee or something similiar that used to exploit that.

Return to “IRCD”

Who is online

Users browsing this forum: No registered users and 1 guest