authorepochqwert <epoch@53flpnlls43fcguy.onion>2015-02-06 02:32:04 -0600
committerepochqwert <epoch@53flpnlls43fcguy.onion>2015-02-06 02:32:04 -0600
commit3c2d290d17b739f14774dfcdf48581c1fb212286 (patch)
tree4b3bcf021e9994c21030aad99f84831ad31dbe02
parentabe09a4717370f331b050ad39da3a7e9a478f02d (diff)
downloadmisc-3c2d290d17b739f14774dfcdf48581c1fb212286.tar.gz
misc-3c2d290d17b739f14774dfcdf48581c1fb212286.zip
some new tools. clump is useful. httpd got some better logging. cuturl got some bugfixes I think. todo is just a version of segfault's !todo but for shell. don't remember what I did to telnet-gateway.sh
-rwxr-xr-xnocompile/bin/decode_html_entities4
-rwxr-xr-xnocompile/bin/encode_html_entities4
-rwxr-xr-xnocompile/bin/todo2
-rwxr-xr-xnocompile/libexec/telnet-gateway.sh19
-rwxr-xr-xrebuild.sh4
-rw-r--r--src/bin/clump.c37
-rw-r--r--src/bin/cuturl.c49
-rw-r--r--src/libexec/httpd.c47
8 files changed, 130 insertions, 36 deletions
diff --git a/nocompile/bin/decode_html_entities b/nocompile/bin/decode_html_entities
new file mode 100755
index 0000000..08bd7c9
--- /dev/null
+++ b/nocompile/bin/decode_html_entities
@@ -0,0 +1,4 @@
+#!/bin/sh
+sed "s/\&gt;/>/g" \
+ | sed "s/\&lt;/</g" \
+ | sed "s/\&amp;/\&/g"
diff --git a/nocompile/bin/encode_html_entities b/nocompile/bin/encode_html_entities
new file mode 100755
index 0000000..4cb1836
--- /dev/null
+++ b/nocompile/bin/encode_html_entities
@@ -0,0 +1,4 @@
+#!/bin/sh
+sed "s/&/\&amp;/g" \
+ | sed "s/</\&lt;/g" \
+ | sed "s/>/\&gt;/g"
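Review bot: The filter escapes `&`, `<` and `>` but leaves `"` and `'` untouched, so its output is safe only as HTML text content, not inside an attribute value. If any caller places the result in an attribute, add `| sed "s/\"/\&quot;/g"` and `| sed "s/'/\&#39;/g"` after the `&` stage. The `&`-first order here is correct and must stay first, as must the `&amp;`-last order in decode_html_entities.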
diff --git a/nocompile/bin/todo b/nocompile/bin/todo
new file mode 100755
index 0000000..611a25b
--- /dev/null
+++ b/nocompile/bin/todo
@@ -0,0 +1,2 @@
+#!/bin/sh
+cat -n /var/todo/$USER.txt | shuffle -f-| head -n1
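Review bot: `$USER` is expanded unquoted into the path, and it is an environment variable the caller controls, so a value containing whitespace, glob characters or `/` changes which file is read. Quote the path and derive the name from the system instead, for example `cat -n "/var/todo/$(id -un).txt" | shuffle -f- | head -n1`. A missing file currently produces only cat's error message; a short comment saying that this is the intended behaviour would help.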
diff --git a/nocompile/libexec/telnet-gateway.sh b/nocompile/libexec/telnet-gateway.sh
index aac9dd6..5b98cde 100755
--- a/nocompile/libexec/telnet-gateway.sh
+++ b/nocompile/libexec/telnet-gateway.sh
@@ -1,4 +1,7 @@
#!/bin/bash
+export PATH=$PATH:/usr/local/bin:/usr/pkg/bin
+export CUTURL_PORT=23
+
grep "^telnet:" /var/www/sites/hacking/links.txt \
| cat -n
printf "Which do you want to connect to?\nnumber: "
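Review bot: `CUTURL_PORT=23` has no comment saying what reads it. In this same commit cuturl uses it as the fallback when a URL carries no port, so a line such as `# port cuturl reports for telnet: links that name none` above the export would document the coupling. The PATH line extends whatever PATH the caller supplied; if this script is started by a network service (not visible here), assigning a fixed PATH would be the more predictable choice.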
@@ -10,12 +13,10 @@ serverURL=$(grep "^telnet:" /var/www/sites/hacking/links.txt \
| tail -n1)
echo "You've selected: $serverURL (#$N)"
printf "connecting in...\n"
-for i in `seq 5 1`;do
- printf "\r%d..." $i
- sleep 1
-done
-port=$(printf "%s" "$serverURL" | cuturl | grep ^port | cut '-d ' -f2)
-exec ncat -i 600 $(printf "%s" "$serverURL" \
- | cuturl \
- | grep ^domain \
- | cut '-d ' -f2 ) $port
+#for i in `seq 5 1`;do
+# printf "\r%d..." $i
+# sleep 1
+#done
+port=$(printf "%s" "$serverURL" | cuturl --port)
+#yes ncat. I *really* meant 10 minutes. why force me to use ms for that?
+exec ncat -i 600000ms $(printf "%s" "$serverURL" | cuturl --domain ) $port
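Review bot: The `exec ncat` line passes both the `cuturl --domain` substitution and `$port` unquoted, so they undergo word splitting and globbing. An entry in links.txt containing whitespace or a leading `-` would therefore reach ncat as extra arguments or options. Capture and quote them, `host=$(printf "%s" "$serverURL" | cuturl --domain)` then `exec ncat -i 600000ms "$host" "$port"`, and reject a non-numeric port first with `case $port in ''|*[!0-9]*) exit 1;; esac`. The commented-out countdown loop should be deleted rather than left in, since history already keeps it.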
diff --git a/rebuild.sh b/rebuild.sh
index 6a7e829..f0f9877 100755
--- a/rebuild.sh
+++ b/rebuild.sh
@@ -10,7 +10,7 @@ for i in src/*;do
jout=$(basename $j | cut -d. -f1)
gcc -Wall -o $iout/$jout $j
done
- cp $iout/* /usr/local/$iout/
+ cp -f $iout/* /usr/local/$iout/
done
echo "building and installing tools without compiling..."
for i in nocompile/*;do
@@ -18,5 +18,5 @@ for i in nocompile/*;do
for j in nocompile/$i/* out=$(basename $i);do
jout=$(basename $j)
done
- cp $i/* /usr/local/$iout/
+ cp -f $i/* /usr/local/$iout/
done
diff --git a/src/bin/clump.c b/src/bin/clump.c
new file mode 100644
index 0000000..18c8e5b
--- /dev/null
+++ b/src/bin/clump.c
@@ -0,0 +1,37 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+//clumps together consecutive rows containing the same first column
+//to have column 2- printed after a single column 1 value.
+//just try it out.
+//printf "a a\na b\na c\nb a\nb b\nc a\nc b\n" | clump
+//still working on the name.
+
+int main() {
+ char line[256];
+ char *id;
+ char *value;
+ char *oldid=malloc(1);
+ *oldid=0;
+ while(fgets(line,sizeof(line),stdin)) {
+ id=line;
+ if(strchr(line,'\n')) *strchr(line,'\n')=0;
+ if(strchr(id,' ')) {
+ value=strchr(id,' ');
+ *value=0;
+ value++;
+ }
+ if(strcmp(id,oldid)) {
+ if(*oldid != 0) {
+ printf("\n");
+ }
+ printf("%s:",id);
+ free(oldid);
+ oldid=strdup(id);
+ }
+ printf(" %s",value);
+ }
+ printf("\n");
+ return 0;
+}
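Review bot: `value` is assigned only inside the `strchr(id,' ')` branch, but `printf(" %s",value)` runs for every line. A first line with no space reads an uninitialized pointer, and a later one prints a stale pointer into the already overwritten `line` buffer. Reset it at the top of each iteration with `value="";` right after `id=line;`. The results of `malloc(1)` and `strdup(id)` are also used unchecked, so add `if(!oldid) return 1;` after each. A header comment should state that input lines longer than 255 bytes are split across `fgets` calls and treated as separate rows.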
diff --git a/src/bin/cuturl.c b/src/bin/cuturl.c
index 4a2f3f5..f8b02c7 100644
--- a/src/bin/cuturl.c
+++ b/src/bin/cuturl.c
@@ -1,4 +1,4 @@
-
+#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -33,14 +33,6 @@
#define AorB(a,b) ((a)?(a):(b))
-#define DEFAULT_SCHEME AorB(getenv("CUTURL_SCHEME"),"DEFAULT")
-#define DEFAULT_USERNAME AorB(getenv("CUTURL_USERNAME"),"DEFAULT")
-#define DEFAULT_PASSWORD AorB(getenv("CUTURL_PASSWORD"),"DEFAULT")
-#define DEFAULT_PORT AorB(getenv("CUTURL_PORT"),"DEFAULT")
-#define DEFAULT_PATH AorB(getenv("CUTURL_PATH"),"DEFAULT")
-#define DEFAULT_QUERY_STRING AorB(getenv("CUTURL_QUERY_STRING"),"DEFAULT")
-#define DEFAULT_FRAGMENT_ID AorB(getenv("CUTURL_FRAGMENT_ID"),"DEFAULT")
-
#define F_SCHEME 1<<0
#define F_USERNAME 1<<1
#define F_PASSWORD 1<<2
@@ -63,13 +55,15 @@ int main(int argc,char *argv[]) {
char *path=0;
char *query_string=0;
char *fragment_id=0;
+ char sport[10];
+ struct servent *serv;
//exactly 8 parts! let's store that in a byte.
unsigned char flags=0;
int i;
int size=1024;
char using_stdin=1;
char malloced=0;
- if(argc > 0) {
+ if(argc > 1) {
if(!strcmp(argv[1],"--help") || !strcmp(argv[1],"-h")) {
printf("usage: echo urls | cuturl [options]\n");
printf("usage: cuturl [options] url [options] [url]\n\n");
@@ -82,11 +76,16 @@ int main(int argc,char *argv[]) {
}
}
while(1) {
- //
- // todo: add argument parsing
- //
+ scheme=0;
+ username=0;
+ password=0;
+ domain=0;
+ port=0;
+ path=0;
+ query_string=0;
+ fragment_id=0;
if(!using_stdin) flags=0;
- if(argc > 0) {
+ if(argc > 1) {
for(argc--,argv++;argc>0;argc--,argv++) {
for(i=0;long_opts[i];i++) {
if(!strncmp(*argv,"--",2)) {
@@ -111,7 +110,7 @@ int main(int argc,char *argv[]) {
}
}
if(using_stdin) {
- line=malloc(size);
+ line=malloc(size+1);
malloced=1;
if(!fgets(line,size,stdin)) {
return 0;
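Review bot: `line=malloc(size+1)` is passed straight to `fgets` without a NULL check, so an allocation failure becomes a NULL write; add `if(!line) return 1;` before the read. The early `return 0` on EOF also leaves the buffer unfreed, which is harmless at exit but worth a comment. The reason for the extra byte is not visible in this hunk, because `fgets(line,size,stdin)` never writes more than `size` bytes. If later code appends a character, a comment like `//+1: room for ... appended below` would make that explicit. main continues outside the hunk.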
@@ -133,7 +132,6 @@ int main(int argc,char *argv[]) {
break;
}
}
-
if(path) {
if(strchr(path,'?')) {
query_string=strchr(path,'?');
@@ -213,14 +211,19 @@ int main(int argc,char *argv[]) {
// printf("scheme://username:password@domain:port/path?query_string#fragment_id\n\n");
//let's set them to what'll get printed now...
- scheme=AorB(scheme,DEFAULT_SCHEME);
- username=AorB(username,DEFAULT_USERNAME);
- password=AorB(password,DEFAULT_PASSWORD);
+ scheme=AorB(scheme,AorB(getenv("CUTURL_SCHEME"),"DEFAULT"));
+ username=AorB(username,AorB(getenv("CUTURL_USERNAME"),"DEFAULT"));
+ password=AorB(password,AorB(getenv("CUTURL_PASSWORD"),"DEFAULT"));
//domain=domain; doesn't change. heh.
- port=AorB(port,DEFAULT_PORT);
- path=AorB(path,DEFAULT_PATH);
- query_string=AorB(query_string,DEFAULT_QUERY_STRING);
- fragment_id=AorB(fragment_id,DEFAULT_FRAGMENT_ID);
+ serv=getservbyname(scheme,strcmp(scheme,"udp")?"tcp":"udp");
+ if(serv) snprintf(sport,sizeof(sport)-1,"%d",ntohs(serv->s_port));
+ port=AorB(port,AorB(getenv("CUTURL_PORT"),(serv?sport:"DEFAULT")));
+ //port=AorB(port,AorB(getenv("CUTURL_PORT"),"DEFAULT"));
+
+
+ path=AorB(path,AorB(getenv("CUTURL_PATH"),"DEFAULT"));
+ query_string=AorB(query_string,AorB(getenv("CUTURL_QUERY_STRING"),"DEFAULT"));
+ fragment_id=AorB(fragment_id,AorB(getenv("CUTURL_FRAGMENT_ID"),"DEFAULT"));
if(flags) {
if(flags&F_SCHEME) printf("%s\n",scheme);
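Review bot: `ntohs` is declared in `<arpa/inet.h>`, but the only header this commit adds is `<netdb.h>`. Unless an include outside the visible hunks provides it, add `#include <arpa/inet.h>` rather than rely on `<netdb.h>` pulling it in. `snprintf(sport,sizeof(sport)-1,...)` can take the full `sizeof(sport)`, because snprintf already reserves the terminator. The commented-out `//port=AorB(...)` line and the two blank lines after it should be dropped. A short comment on the `getservbyname` line should state the precedence: explicit port, then `CUTURL_PORT`, then the services lookup keyed on the scheme.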
diff --git a/src/libexec/httpd.c b/src/libexec/httpd.c
index 8ba9413..f22e139 100644
--- a/src/libexec/httpd.c
+++ b/src/libexec/httpd.c
@@ -15,6 +15,37 @@
#define CGI "cgi-bin"
#define SERVER "epochttpd/2.0 (Unix)"
+// WARNING: this http software is vulnerable. I'm leaving it that way.
+
+/* just notes for environment variables for CGIs when I need them.
+
+Key Value
+DOCUMENT_ROOT The root directory of your server
+HTTP_COOKIE The visitor's cookie, if one is set
+HTTP_HOST The hostname of the page being attempted
+HTTP_REFERER The URL of the page that called your program
+HTTP_USER_AGENT The browser type of the visitor
+HTTPS "on" if the program is being called through a secure server
+PATH The system path your server is running under
+QUERY_STRING The query string (see GET, below)
+REMOTE_ADDR The IP address of the visitor
+REMOTE_HOST The hostname of the visitor (if your server has
+ reverse-name-lookups on; otherwise this is the IP address again)
+REMOTE_PORT The port the visitor is connected to on the web server
+REMOTE_USER The visitor's username (for .htaccess-protected pages)
+REQUEST_METHOD GET or POST
+REQUEST_URI The interpreted pathname of the requested document or CGI
+ (relative to the document root)
+SCRIPT_FILENAME The full pathname of the current CGI
+SCRIPT_NAME The interpreted pathname of the current CGI (relative to
+ the document root)
+SERVER_ADMIN The email address for your server's webmaster
+SERVER_NAME Your server's fully qualified domain name (e.g.
+ www.cgi101.com)
+SERVER_PORT The port number your server is listening on
+SERVER_SOFTWARE The server software you're using (e.g. Apache 1.3)
+*/
+
void standard_headers() {
printf("Server: %s\r\n",SERVER);
printf("Connection: close\r\n");
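Review bot: The new `// WARNING: this http software is vulnerable` comment does not say where, so a later reader cannot tell which behaviour is intentional. Name the spot, for example `// WARNING: intentionally left vulnerable: the Host header is passed to chdir() unvalidated in main()`, which is what the later hunk in this file shows. The CGI variable table would be more useful if it marked which entries are actually set; in the visible hunks those are only REMOTE_ADDR, HTTP_HOST and HTTP_USER_AGENT. standard_headers continues outside the hunk.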
@@ -33,7 +64,9 @@ int main(int argc,char *argv[]) {
struct sockaddr_in6 sa6;
unsigned int sl=sizeof(sa6);
char h[NI_MAXHOST];
- if(getpeername(0,(struct sockaddr *)&sa6,&sl) == -1) syslog(LOG_WARNING,"getpeername: %m");
+ openlog("httpd",LOG_PID,LOG_DAEMON);
+ if(getpeername(0,(struct sockaddr *)&sa6,&sl) == -1)
+ syslog(LOG_WARNING,"getpeername: %m");
getnameinfo((struct sockaddr *)&sa6,sl,h,sizeof(h),0,0,NI_NUMERICHOST);
setenv("REMOTE_ADDR",h,1);
if(!strchr(line,'\n')) {
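Review bot: When `getpeername` fails the code only logs and carries on, so `getnameinfo` is called on an uninitialized `sa6` and its return value is ignored. `h` can then be uninitialized when it is copied into `REMOTE_ADDR` and into every later syslog line. Check the result and fall back to a fixed string: `if(getnameinfo((struct sockaddr *)&sa6,sl,h,sizeof(h),0,0,NI_NUMERICHOST)) snprintf(h,sizeof(h),"unknown");`, with `memset(&sa6,0,sizeof(sa6));` before the `getpeername` call. main continues outside the hunk.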
@@ -41,10 +74,10 @@ int main(int argc,char *argv[]) {
standard_headers();
printf("Content-type: text/plain\r\n\r\n");
printf("use smaller (<%d bytes) headers.\n",getpagesize());
+ syslog(LOG_WARNING,"413 Entity Too Large %s len: %d\n",h,strlen(line));
return 0;
}
if(strchr(line,'\r')) *strchr(line,'\r')=0;
- syslog(LOG_WARNING,"%s %s\n",h,line);
method=strdup(line);
if((page=strchr(method,' '))) {
*page=0;
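Review bot: The added syslog call formats `strlen(line)` with `%d`; `strlen` returns `size_t`, so the specifier does not match the argument and the behaviour is undefined where `size_t` is wider than `int`. Use `%zu`, as in `syslog(LOG_WARNING,"413 Entity Too Large %s len: %zu",h,strlen(line));`. The second 413 message in the next hunk has the same mismatch. The trailing `\n` in these format strings is unnecessary for syslog.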
@@ -67,24 +100,32 @@ int main(int argc,char *argv[]) {
standard_headers();
printf("Content-type: text/plain\r\n\r\n");
printf("use smaller (<%d bytes) headers.\n",getpagesize());
+ syslog(LOG_WARNING,"413 somewhere in request line 2+: %s %d\n",h,strlen(line));
return 0;
}
if(strchr(line,'\r')) *strchr(line,'\r')=0;
if(!strncasecmp(line,"Host: ",6)) {
setenv("HTTP_HOST",line+6,1);
}
+ if(!strncasecmp(line,"User-agent: ",12)) {
+ setenv("HTTP_USER_AGENT",line+12,1);
+ }
if(!strcmp(line,"")) {
break;
}
}
alarm(0);//no more timeout.
+ //
+ syslog(LOG_WARNING,"%s: %s %s %s\n",h,getenv("HTTP_USER_AGENT"),page,get_param);
//TODO: sanitize this.
if(chdir(VHOST_ROOT) == -1) {
printf("HTTP/1.1 500 Internal Server Error\r\n");
standard_headers();
printf("Content-type: text/html\r\n\r\ncouldn't chdir(\"%s\");",VHOST_ROOT);
+ syslog(LOG_WARNING,"can't chdir to VHOST_ROOT: %s",VHOST_ROOT);
exit(3);
}
+ //I had fun exploiting this. :)
if(chdir((char*)getenv("HTTP_HOST")) == -1) {
if(chdir(SITES_ROOT) != -1) {
if(chdir("default") == -1) {
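Review bot: The new request log passes `getenv("HTTP_USER_AGENT")` directly to `%s`, and that is NULL whenever the client sends no User-Agent header, which is undefined behaviour for `%s`. `page` and `get_param` may be NULL on a malformed request line as well; their assignment is only partly visible here. Substitute a placeholder, for example `const char *ua=getenv("HTTP_USER_AGENT");` and `syslog(LOG_WARNING,"%s: %s %s %s",h,ua?ua:"-",page?page:"-",get_param?get_param:"-");`. These fields are client-controlled and logged verbatim, so anything consuming the log should treat them as untrusted text. The `chdir(getenv("HTTP_HOST"))` call flagged by the new comment still takes the header unvalidated; rejecting values that are empty, start with `.` or contain `/` before the call would confine it to the vhost directory.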
@@ -92,6 +133,7 @@ int main(int argc,char *argv[]) {
printf("HTTP/1.1 500 Internal Server Error\r\n");
standard_headers();
printf("Content-type: text/html\r\n\r\nfuck");
+ syslog(LOG_WARNING,"can't chdir to default site dir.");
exit(1);
}
//we're good.
@@ -100,6 +142,7 @@ int main(int argc,char *argv[]) {
standard_headers();
printf("Content-type: text/html\r\n\r\ncouldn't chdir(\"%s\");",SITES_ROOT);
//wtf? no sites dir???
+ syslog(LOG_WARNING,"can't chdir to SITES_ROOT: %s",SITES_ROOT);
exit(2);
}
}