From 8c542d83091f9ba5ccb095fad730651f8e6c1eef Mon Sep 17 00:00:00 2001
From: Epoch Qwert
Date: Thu, 23 Oct 2014 01:20:02 -0500
Subject: fixed gopherd's LFI and added excuting files. httpd had flushing issues. realpath is new! does what it says. gives absolute path of a file. deddos, peerip, peerip.pl, were laying around elsewhere. gethostbyname got a new trick. can do decimal addresses among other things. hop0 is a shell script that gets what IP will be put on the source address of outgoing packets sent to $1. rtfs.
---
 src/libexec/deddos.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/libexec/httpd.c | 13 +++++++++----
 src/libexec/peerip.c | 13 +++++++++++++
 3 files changed, 75 insertions(+), 4 deletions(-)
 create mode 100644 src/libexec/deddos.c
 create mode 100644 src/libexec/peerip.c
(limited to 'src/libexec')
diff --git a/src/libexec/deddos.c b/src/libexec/deddos.c
new file mode 100644
index 0000000..245ba41
--- /dev/null
+++ b/src/libexec/deddos.c
@@ -0,0 +1,53 @@
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+void ignore(int a) {}
+
+int main(int argc,char *argv[]) {
+ int i;
+ struct sockaddr sa;
+ signal(SIGALRM,exit);
+ alarm(10);
+ int sl=sizeof(sa);
+ char host[256];
+ char serv[256];
+ char cmd[256];
+ char line[256];
+ char iface[256];
+ char *name[16];
+ getpeername(0,&sa,&sl);
+ //this function is nifty as shit.
+ getnameinfo(&sa,sl,host,256,serv,256,NI_NUMERICHOST);
+ printf("connecting from: %s port %s\n",host,serv);
+ fflush(stdout);
+ printf("select interface:\n");
+ fflush(stdout);
+ system("/bin/cat /etc/interfaces | /usr/bin/tr '\n' ' ' | /usr/bin/fold");
+ fflush(stdout);
+ fgets(iface,sizeof(iface)-1,stdin);
+ for(i=0;iface[i];i++) {
+ if((iface[i] >= 'a' && iface[i] <= 'z') || (iface[i] >= '0' && iface[i] <= '9')) {
+
+ } else {
+ iface[i]=0;
+ }
+ }
+ alarm(60);
+ name[0]="/usr/sbin/tcpdump";
+ name[1]="-c10";
+ name[2]="-ni";
+ name[3]=iface;
+ name[4]="host";
+ name[5]=host;
+ name[6]="and";
+ name[7]="proto";
+ name[8]="UDP";
+ name[9]=0;
+ execv(name[0],name);
+ printf("shit fucked.\n");
+}
diff --git a/src/libexec/httpd.c b/src/libexec/httpd.c
index 4b14269..9da149f 100644
--- a/src/libexec/httpd.c
+++ b/src/libexec/httpd.c
@@ -2,13 +2,15 @@
 #include
 #include
 #include
+#include
 #define VHOST_ROOT "/var/www"
 #define CGI "cgi-bin"
 #define SERVER "epochttpd/2.0 (Unix)"
 void standard_headers() {
- printf("Server: %s\n",SERVER);
+ printf("Server: %s\r\n",SERVER);
+ printf("Connection: close\r\n");
 }
 int main(int argc,char *argv[]) {
@@ -22,6 +24,8 @@ int main(int argc,char *argv[]) {
 char *get_param;
 char line[getpagesize()];
 fgets(line,sizeof(line)-1,stdin);
+// syslog(LOG_INFO,"ADDRESS did a LINE");
+// syslog(LOG_WARNING,"httpd syslog test\n");
 if(!strchr(line,'\n')) {
 printf("HTTP/1.1 413 Entity Too Large\r\n");
 standard_headers();
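Review bot: In the new src/libexec/deddos.c, `host` and `iface` reach the tcpdump argv without any check that they were ever filled in: the results of `getpeername()`, `getnameinfo()` and `fgets()` are all ignored, so on a non-socket stdin or an immediate EOF the `for` filter and `execv()` work on uninitialised stack buffers. `struct sockaddr sa` with `int sl` is also too small for an IPv6 peer; `struct sockaddr_storage` with a `socklen_t` length avoids a truncated address. The character filter can leave `iface` empty and never compares the answer with the names printed from /etc/interfaces, so the connecting peer chooses any `[a-z0-9]` interface name; rejecting the empty string and checking the answer against that list would close this. src/libexec/peerip.c in this commit repeats the unchecked `getpeername()`/`getnameinfo()` pattern before `puts(host)`.

```c
	struct sockaddr_storage sa;
	socklen_t sl=sizeof(sa);
	/* … unchanged: alarm setup and buffer declarations … */
	if(getpeername(0,(struct sockaddr *)&sa,&sl) == -1) return 1;
	if(getnameinfo((struct sockaddr *)&sa,sl,host,sizeof(host),serv,sizeof(serv),NI_NUMERICHOST) != 0) return 1;
	/* … unchanged: banner and interface listing … */
	if(!fgets(iface,sizeof(iface),stdin)) return 1;
	/* … unchanged: character filter … */
	if(!iface[0]) return 1; /* nothing usable left after filtering */
	/* … unchanged: tcpdump argv and execv … */
```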
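Review bot: The two `syslog()` calls added after the `fgets()` in httpd.c's main are commented out, which leaves the header added by the first httpd.c hunk (presumably the syslog header; its name is not visible here) without a user, so either drop both or enable the calls. If `"ADDRESS did a LINE"` is meant to log the peer and the request line, pass them as arguments, e.g. `syslog(LOG_INFO,"%s did a %s",addr,line);` with `addr` standing for whatever variable holds the peer address, so request bytes never become part of the format string. main's body starts and ends outside the hunk.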
@@ -71,7 +75,7 @@ int main(int argc,char *argv[]) {
 printf("Location: /%sindex.html\r\n\r\n",page);
 return 0;
 }
- if(fd=open(page,O_RDONLY) != -1) {//need to check that the file isn't a directory. :P
+ if((fd=open(page,O_RDONLY)) != -1) {//need to check that the file isn't a directory. :P
 printf("HTTP/1.1 200 OK\r\n");
 standard_headers();
 name[0]="/usr/local/bin/mime-type";
@@ -92,8 +96,9 @@ int main(int argc,char *argv[]) {
 wait(&s);
 fflush(stdout);
 printf("\r\n");
- while((n=read(fd,line,sizeof(line))) > 0) {
- write(1,line,n);
+ fflush(stdout);
+ while((n=read(fd,line,sizeof(line)-1)) > 0) {
+ write(STDOUT_FILENO,line,n);
 }
 } else {
 printf("HTTP/1.1 404 Not Found\r\n");
diff --git a/src/libexec/peerip.c b/src/libexec/peerip.c
new file mode 100644
index 0000000..d35aca7
--- /dev/null
+++ b/src/libexec/peerip.c
@@ -0,0 +1,13 @@
+#include
+#include
+#include
+
+int main(int argc,char *argv[]) {
+ int i;
+ struct sockaddr sa;
+ int sl=sizeof(sa);
+ char host[256];
+ getpeername(0,&sa,&sl);
+ getnameinfo(&sa,sl,host,256,0,0,NI_NUMERICHOST);
+ puts(host);
+}
--
cgit v1.2.3
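Review bot: The corrected `if((fd=open(page,O_RDONLY)) != -1)` in httpd.c still serves whatever `open()` accepts: the directory check its own trailing comment asks for is missing, and nothing visible in this hunk confirms that `page` resolves under `VHOST_ROOT` before it is opened. Hoisting the open out of the condition covers the first part: `fd=open(page,O_RDONLY);`, then `if(fd != -1 && (fstat(fd,&st) == -1 || !S_ISREG(st.st_mode))) { close(fd); fd=-1; }`, then `if(fd != -1) {`, with a `struct stat st` and `<sys/stat.h>`. The commit message mentions a new realpath helper and a gopherd LFI fix; if `page` is taken from the request line, the same resolved-prefix check belongs in front of this open. main's body starts and ends outside the hunk, so an earlier check may already exist.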
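Review bot: The copy loop in httpd.c drops data on a short write: `write(STDOUT_FILENO,line,n)` ignores its return value, so when the client socket accepts fewer than `n` bytes or the peer has gone away, the rest of that chunk is lost and the loop keeps reading the file. Writing until the chunk is consumed and stopping on error fixes this; the `-1` added to `sizeof(line)` is not needed, since `read()` does not NUL-terminate. `fd` is not closed in the visible lines, and main continues outside the hunk, so that may happen later.

```c
	while((n=read(fd,line,sizeof(line))) > 0) {
		ssize_t off=0,w;
		while(off < n) {
			w=write(STDOUT_FILENO,line+off,n-off);
			if(w < 0) return 1; /* client gone or write error: stop sending */
			off+=w;
		}
	}
```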