Comments on: fishy FiSH http://blogs.23.nu/ilja/2007/03/antville-14493/ Mostly incoherent ramblings and rants about computer security Mon, 03 Aug 2009 11:11:30 +0200 http://wordpress.org/?v=2.8.4 hourly 1 By: tomten http://blogs.23.nu/ilja/2007/03/antville-14493/comment-page-1/#comment-48 tomten Thu, 16 Oct 2008 05:43:23 +0000 http://3.blogs.23.nu/ilja/2007/03/antville-14493/#comment-48 Problems with libfish and sparc Problems with libfish and sparc Hi, I'm having trubbel with libfish. Don't like it muth, it has problems with operating on difrent archs. I run sparc64, and when i try to decode a msg from a intel machine all i get is junk! Think its a problem with the bytorder.... Great work on the blogg, hope to read more soon. This comment was originally posted on 20080723T09:43:29 Problems with libfish and sparc

Problems with libfish and sparc
Hi, I’m having trubbel with libfish. Don’t like it muth, it has problems with operating on difrent archs. I run sparc64, and when i try to decode a msg from a intel machine all i get is junk! Think its a problem with the bytorder….

Great work on the blogg, hope to read more soon.

This comment was originally posted on 20080723T09:43:29

]]> By: ilja http://blogs.23.nu/ilja/2007/03/antville-14493/comment-page-1/#comment-47 ilja Thu, 16 Oct 2008 05:43:22 +0000 http://3.blogs.23.nu/ilja/2007/03/antville-14493/#comment-47 I didnt have to see that, I just barfed up my dinner. This comment was originally posted on 20070328T03:37:39 I didnt have to see that, I just barfed up my dinner.

This comment was originally posted on 20070328T03:37:39

]]> By: oxff http://blogs.23.nu/ilja/2007/03/antville-14493/comment-page-1/#comment-46 oxff Thu, 16 Oct 2008 05:43:21 +0000 http://3.blogs.23.nu/ilja/2007/03/antville-14493/#comment-46 He prevents Buffer Overflows! He prevents Buffer Overflows! FiSH-irssi-v0.99-source.zip:FiSH.c:79 // usually a received message does not exceed 512 chars, but we want to prevent evil buffer overflow if(msg_len >= (int)(sizeof(bf_dest)*1.5)) msg_ptr[(int)(sizeof(bf_dest)*1.5)-20]=''; Isn't that cute? This comment was originally posted on 20070328T00:59:18 He prevents Buffer Overflows!

He prevents Buffer Overflows!
FiSH-irssi-v0.99-source.zip:FiSH.c:79

// usually a received message does not exceed 512 chars, but we want to prevent evil buffer overflow
if(msg_len >= (int)(sizeof(bf_dest)*1.5)) msg_ptr[(int)(sizeof(bf_dest)*1.5)-20]=”;

Isn’t that cute?

This comment was originally posted on 20070328T00:59:18

]]> By: calcite http://blogs.23.nu/ilja/2007/03/antville-14493/comment-page-1/#comment-45 calcite Thu, 16 Oct 2008 05:43:20 +0000 http://3.blogs.23.nu/ilja/2007/03/antville-14493/#comment-45 Wow Wow I'm suprised to see strcpy() fuckup like that in such a widely used application. This comment was originally posted on 20070325T03:34:24 Wow

Wow
I’m suprised to see strcpy() fuckup like that in such a widely used application.

This comment was originally posted on 20070325T03:34:24

]]> By: ilja http://blogs.23.nu/ilja/2007/03/antville-14493/comment-page-1/#comment-44 ilja Thu, 16 Oct 2008 05:43:19 +0000 http://3.blogs.23.nu/ilja/2007/03/antville-14493/#comment-44 the fact that it has to be serverside in most cases is pretty obvious, and imo needn't even be mentioned. also it looks like you might be able to trigger the notice stacksmash clientside. I didn't know the xchat code was that different from the mirc code, I never looked, I just assumed, hence the "I believe ..." I wasn't stating facts. This comment was originally posted on 20070320T04:16:12 the fact that it has to be serverside in most cases is pretty obvious, and imo needn’t even be mentioned. also it looks like you might be able to trigger the notice stacksmash clientside.
I didn’t know the xchat code was that different from the mirc code, I never looked, I just assumed, hence the “I believe …” I wasn’t stating facts.

This comment was originally posted on 20070320T04:16:12

]]> By: slashy http://blogs.23.nu/ilja/2007/03/antville-14493/comment-page-1/#comment-43 slashy Thu, 16 Oct 2008 05:43:18 +0000 http://3.blogs.23.nu/ilja/2007/03/antville-14493/#comment-43 well done research.. a bit further and you would have noticed that you can't attack this without full control of the ircserver (or you have to find irc-servers which have a nicklen setting > 100). Also it should be mentioned that this flaws only applies to xchat version .. the flawed part of the code ain't reused in mIRC version past 1.25 read here for more: http://fish.sekure.us/forum/viewtopic.php?p=1166#1166 This comment was originally posted on 20070317T11:08:30 well done research.. a bit further and you would have noticed that you can’t attack this without full control of the ircserver (or you have to find irc-servers which have a nicklen setting > 100). Also it should be mentioned that this flaws only applies to xchat version .. the flawed part of the code ain’t reused in mIRC version past 1.25

read here for more: http://fish.sekure.us/forum/viewtopic.php?p=1166#1166

This comment was originally posted on 20070317T11:08:30

]]> By: sacrine http://blogs.23.nu/ilja/2007/03/antville-14493/comment-page-1/#comment-41 sacrine Thu, 16 Oct 2008 05:43:17 +0000 http://3.blogs.23.nu/ilja/2007/03/antville-14493/#comment-41 RE: RE: Echte mannen gebruiken FiSH ? I don't think so :) This comment was originally posted on 20070308T09:16:31 RE:

RE:
Echte mannen gebruiken FiSH ?

I don’t think so :)

This comment was originally posted on 20070308T09:16:31

]]> By: prdelka http://blogs.23.nu/ilja/2007/03/antville-14493/comment-page-1/#comment-42 prdelka Thu, 16 Oct 2008 05:43:17 +0000 http://3.blogs.23.nu/ilja/2007/03/antville-14493/#comment-42 Month of retro bugs! :-D This comment was originally posted on 20070315T14:00:47 Month of retro bugs! :-D

This comment was originally posted on 20070315T14:00:47

]]>