I don't want to re-type something I already typed while swamped between work, lab, play, home, etc. So, copy and paste:
There I was, minding my business listening to Frontline Assembly's Machine Slave while attacking one vendor's product via packet fuzzing, when in return I stumbled upon a vulnerability for another vendor. Not a big deal; the same thing happened while fiddling around and tripping up a nasty Wireshark bug earlier this year.
What interested me the most was the collateral damage from the tool. What a wicked little tool on my hands. Imagine running a DoS attack inside of a virtualized server and making that DoS attack disconnect EVERY single machine on the virtualized server. It doesn't seem to matter who the target is or what source address is being spoofed. After about 2 minutes, the entire VMware stack is hosed. Hosed as in, there is nothing you can do to reset the virtualized host. Restart the virtualized machine? No workie workie. Restart VMware as a service? No workie workie. All of the virtualized machines in the server are hosed, sayonara; "you are the weakest link, goodbye."
Solution? Reboot the entire server. I'm unsure about a public release of the tool.
Possible attack uses:
* Insider attack on a rogue nation state's cloud infrastructure.
* Parallel/escalation-based attack where a reboot is needed (surely non-working VM servers will do that).
* Being a script kiddiot
* Being an "Advanced Persistent Script Kiddiot"
With all this said, I now present a demo on mushroom cloud in high def (1280x720). X-lation: full-screen viewing is best.
Step 1) Exploit
Step 2) Lallygag and debate to disclose or ZDI the thing...