LINK VALIDATOR LINUX C SOCKETS

JIHAD · July 11, 2014

Salut,

in rumatorul exemplu o sa va arat un link validator folosind sockets in Linux C.

In acest exemplu am folosit PMA ca target.

Incercam sa validam daca fisierul respectiv exista si daca este PMA.

Exemplul este bun ptr. a realiza scanner de PMA sau orice are nevoie de validare ptr. a rula exploit.


#ifdef HAVE_WINSOCK2_H
# include <winsock2.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
#ifdef HAVE_SYS_SELECT_H
# include <sys/select.h>
#endif
# ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_ARPA_INET_H
# include <arpa/inet.h>
#endif
#include <sys/time.h>
#include <sys/types.h>
#include <stdlib.h>
#include <fcntl.h>
#include <string.h>
#include <errno.h>
#include <stdio.h>
#include <ctype.h>
#include <netdb.h>
#include <time.h>
#include <sys/wait.h>
#include <termios.h>
#define USERAGENT "JIHAD HTTP AGENT"


int checkpage(char *hostname, char *port, char *page)
{
    char *authok = "Set-Cookie: phpMyAdmin=";
    int socket_desc;
    struct sockaddr_in server;
    char server_reply[2000];
    char message[2000];
    struct timeval timeout;      
    timeout.tv_sec = 3;
    timeout.tv_usec = 0;

    socket_desc = socket(AF_INET , SOCK_STREAM , 0);
    if (socket_desc == -1)
    {
       return 1;
    }

    server.sin_addr.s_addr = inet_addr(hostname);
    server.sin_family = AF_INET;
    server.sin_port = htons( atoi(port) );

    if (setsockopt (socket_desc, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout,
                sizeof(timeout)) < 0)
        error("setsockopt failed\n");

    if (setsockopt (socket_desc, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout,
                sizeof(timeout)) < 0)
        error("setsockopt failed\n");

    if (connect(socket_desc , (struct sockaddr *)&server , sizeof(server)) < 0)
    {
       return 1;
    }


    sprintf(message,"GET %s HTTP/1.0\r\nHost: %s\r\nUser-Agent: %s\r\n\r\n", page, hostname, USERAGENT);
    if( send(socket_desc , message , strlen(message), 0) < 0)  { return 1; }
    if( recv(socket_desc, server_reply , 2000 , 0) < 0)   { return 1;  }

    if(strstr(server_reply, authok) != NULL) 
    {


                fprintf(stderr, "[*] OK : %s:%s%s \n", hostname, port, page);
                close(socket_desc);
                exit (0);
    } 

    else

    {
                fprintf(stderr, "[*] NOT OK : %s:%s%s \n", hostname, port, page);
                close(socket_desc);
                exit (0);
    }
                close(socket_desc);
                exit (0);

    }



int main(int argc, char **argv)
 {
  checkpage(argv[1],argv[2], argv[3]);
 }

Rulam:



liviu@superstars:~/jihad-pma$ ./tutorial 64.46.50.34 80 /phpmyadmin/scripts/setup.php
<p>[*] OK : 64.46.50.34:80/phpmyadmin/scripts/setup.php </p>
liviu@superstars:~/jihad-pma$ ./tutorial 64.46.50.34 80 /phpmyadmin/scripts/setup.php2
<p>[*] NOT OK : 64.46.50.34:80/phpmyadmin/scripts/setup.php2 </p>

Sign In

LINK VALIDATOR LINUX C SOCKETS

Recommended Posts

JIHAD

Join the conversation

Browse

Activity

Pages