Ticket #17 (new defect)

Opened 4 months ago

missing case in DownloadManager.cpp changeset 1487

Reported by: katsumi@grospolina.org Assigned to: common
Priority: minor Component: nepenthes
Keywords: m_ReplaceLocalIps changeset 1487 Cc:

Description

need to insert line 342 --- if ( ulAdress == 0 && m_ReplaceLocalIps == 0 )//delete down if 0.0.0.0 and ReplaceLocalIPs not set { //log something usefull here please delete down; return false; } ---

if honeytrap and bridge are loaded and ReplaceLocalIPs is "0" , nepenthes will try to download protocol//0.0.0.0:port what makes it listen on "port" and it seems it will try to bind any port it can get. The "port" will be proxied back to the attacker.This leads into various socket errors.

check the maillist for more information

Attachments

Add/Change #17 (missing case in DownloadManager.cpp changeset 1487)