From af42bb47f92b772411cd4235c850caa0ac988a10 Mon Sep 17 00:00:00 2001 From: epochqwert Date: Fri, 6 Feb 2015 04:41:43 -0600 Subject: ident.sh got a format string vuln fix. ident_service.sh will ident a service given its remote IP and port. (only run if ident is running on that remote computer) argc is just because I always forget what argc is for however many args. peereid is for unix sockets' ids peerip and sockip got the same upgrade. can now use the optional argv[1] to set the number of the file descriptor to use. --- nocompile/bin/ident.sh | 2 +- nocompile/bin/ident_service.sh | 2 ++ src/libexec/argc.c | 6 ++++++ src/libexec/peereid.c | 12 ++++++++++++ src/libexec/peerip.c | 3 ++- src/libexec/sockip.c | 3 ++- 6 files changed, 25 insertions(+), 3 deletions(-) create mode 100755 nocompile/bin/ident_service.sh create mode 100644 src/libexec/argc.c create mode 100644 src/libexec/peereid.c diff --git a/nocompile/bin/ident.sh b/nocompile/bin/ident.sh index 5a44253..a4827c4 100755 --- a/nocompile/bin/ident.sh +++ b/nocompile/bin/ident.sh @@ -1,2 +1,2 @@ #!/bin/sh -printf "$2 , $3\r\n" | nc $1 113 | tr -d '\r' +printf "%s , %s\r\n" "$2" "$3" | nc "$1" 113 | tr -d '\r' diff --git a/nocompile/bin/ident_service.sh b/nocompile/bin/ident_service.sh new file mode 100755 index 0000000..a77687a --- /dev/null +++ b/nocompile/bin/ident_service.sh @@ -0,0 +1,2 @@ +#!/bin/sh +ncat "$1" "$2" -c 'ident.sh '"$1"' '"$2"' $(/usr/local/libexec/sockip 3 | tail -n1) 1>&2' diff --git a/src/libexec/argc.c b/src/libexec/argc.c new file mode 100644 index 0000000..9c35294 --- /dev/null +++ b/src/libexec/argc.c @@ -0,0 +1,6 @@ +#include + +int main(int argc,char *argv[]) { + printf("argc:%d\n",argc); + return argc; +} diff --git a/src/libexec/peereid.c b/src/libexec/peereid.c new file mode 100644 index 0000000..e2e5c5f --- /dev/null +++ b/src/libexec/peereid.c @@ -0,0 +1,12 @@ +#include +#include +#include +#include + +int main(int argc,char *argv[]) { + uid_t euid; + gid_t egid; + if(getpeereid(argc>1?atoi(argv[1]):0,&euid,&egid) == -1) return 1; + printf("%d\n%d\n",euid,egid); + return 0; +} diff --git a/src/libexec/peerip.c b/src/libexec/peerip.c index 43d64d0..88b8fd4 100644 --- a/src/libexec/peerip.c +++ b/src/libexec/peerip.c @@ -1,4 +1,5 @@ #include +#include #include #include #include @@ -7,7 +8,7 @@ int main(int argc,char *argv[]) { struct sockaddr_in6 sa6; unsigned int sl=sizeof(sa6); char h[NI_MAXHOST], s[NI_MAXSERV]; - if(getpeername(0,(struct sockaddr *)&sa6,&sl) == -1) return 1; + if(getpeername(argc>1?atoi(argv[1]):0,(struct sockaddr *)&sa6,&sl) == -1) return 1; if(getnameinfo((struct sockaddr *)&sa6,sl,h,sizeof(h),s,sizeof(s),NI_NUMERICHOST|NI_NUMERICSERV)) return 2; puts(h); puts(s); diff --git a/src/libexec/sockip.c b/src/libexec/sockip.c index 542a88d..f1f0480 100644 --- a/src/libexec/sockip.c +++ b/src/libexec/sockip.c @@ -1,4 +1,5 @@ #include +#include #include #include #include @@ -7,7 +8,7 @@ int main(int argc,char *argv[]) { struct sockaddr_in6 sa6; unsigned int sl=sizeof(sa6); char h[NI_MAXHOST], s[NI_MAXSERV]; - if(getsockname(0,(struct sockaddr *)&sa6,&sl) == -1) return 1; + if(getsockname(argc>1?atoi(argv[1]):0,(struct sockaddr *)&sa6,&sl) == -1) return 1; if(getnameinfo((struct sockaddr *)&sa6,sl,h,sizeof(h),s,sizeof(s),NI_NUMERICHOST|NI_NUMERICSERV)) return 2; puts(h); puts(s); -- cgit v1.2.3