moguce exploitati program vrlo je jednostavna, ali se je o njoj jako malo
pricalo.
Na *BSD-u je ovaj program moguce exploitati bez problema. Za Windowse
nisam 100% siguran (no za Windows treba ubaciti Winsock, a maknuti BSD sockete).
Na Linuxu prije pokretanja ovog programa treba (kao root) postaviti limite otprilike ovako:
ulimit -c unlimited
ulimit -s 8192
ulimit -n 2048
ulimit -u 1023
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
/*
 * Shared receive buffer. main() read()s up to 1024 bytes of client data into
 * it, and waitsockdata() copies its first 256 bytes into a local array.
 * It is never cleared between connections, so bytes from an earlier client
 * can still be present when a later client sends less data.
 */
char buf2[1024];
/*
 * waitsockdata - wait until `sock` becomes readable or the timeout expires.
 *
 * sock:       descriptor to watch; it is passed to FD_SET() without any
 *             range check.
 * timeosec:   seconds part of the select() timeout.
 * timeousec:  microseconds part of the select() timeout.
 *
 * Returns sock when select() returns exactly 1, and EOF for every other
 * result, so a timeout (0) and a select() failure (-1) are not told apart.
 *
 * NOTE(review): this function is the unsafe part of the sample. An fd_set
 * only has room for descriptors 0 .. FD_SETSIZE-1, and POSIX leaves FD_SET()
 * undefined for any descriptor outside that range. Nothing here compares
 * sock with FD_SETSIZE, so a large enough descriptor typically makes the
 * macro set a bit outside `fds`, i.e. in neighbouring memory of this
 * function's automatic storage. Defensive code rejects
 * `sock < 0 || sock >= FD_SETSIZE` before calling FD_SET(), or uses poll(),
 * which has no fixed descriptor limit. glibc builds with _FORTIFY_SOURCE are
 * expected to abort here instead of writing silently - confirm for the
 * target toolchain.
 */
int waitsockdata(int sock, int timeosec, int timeousec)
{
/* Local copy of the first 256 bytes of buf2; it is not read again below. */
char buf[256];
/* Copy length; equal to sizeof buf, so the memcpy() itself stays in bounds. */
int test=256;
fd_set fds;
struct timeval tv;
int res;
tv.tv_sec = timeosec;
tv.tv_usec = timeousec;
FD_ZERO(&fds);
/* Unchecked descriptor: undefined behaviour once sock >= FD_SETSIZE. */
FD_SET(sock, &fds);
/* buf2 holds whatever main() last read from a client (client-controlled). */
memcpy (buf,buf2,test);
/* Anything other than "exactly one descriptor ready" is reported as EOF. */
if ((res = select (sock+1, &fds, NULL, NULL, &tv))!=1) return EOF;
return(sock);
}
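/*
 * main - test server for the waitsockdata() sample.
 *
 * Listens on TCP port 31338 on all interfaces, and for every accepted
 * connection reads up to sizeof buf2 bytes into buf2 and then calls
 * waitsockdata() on the new descriptor. The loop ends when accept() fails.
 *
 * Returns EXIT_FAILURE if the listening socket cannot be set up, otherwise
 * EXIT_SUCCESS once the accept loop ends.
 *
 * NOTE(review): accepted descriptors are never closed. That looks deliberate
 * for this demonstration (the text above raises `ulimit -n`), because it lets
 * descriptor numbers keep growing until waitsockdata() is handed a value
 * that no longer fits in an fd_set. A real server must close(cl) when it is
 * done with a client, and must not hand descriptors >= FD_SETSIZE to
 * select()-based code.
 */
int main (int argc, char **argv)
{
    struct sockaddr_in sin;
    socklen_t n;
    int fd, cl;

    (void)argc;
    (void)argv;

    fd = socket (AF_INET, SOCK_STREAM, 0);
    if (fd == -1) {
        perror ("socket");
        return EXIT_FAILURE;
    }

    /* Zero the whole address first so padding (sin_zero) is not stack garbage. */
    memset (&sin, 0, sizeof (sin));
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = INADDR_ANY;
    sin.sin_port = htons (31338);

    if (bind (fd, (struct sockaddr*)&sin, sizeof (sin)) == -1) {
        perror ("bind");
        close (fd);
        return EXIT_FAILURE;
    }
    if (listen (fd, 10000) == -1) {
        perror ("listen");
        close (fd);
        return EXIT_FAILURE;
    }

    for (;;) {
        /* accept() overwrites the length, so reset it for every call. */
        n = sizeof (sin);
        cl = accept (fd, (struct sockaddr*)&sin, &n);
        if (cl == -1)
            break;

        /* A failed read leaves the previous client's bytes in buf2. */
        if (read (cl, buf2, sizeof (buf2)) == -1)
            perror ("read");

        /* cl is left open on purpose; see the NOTE(review) above. */
        waitsockdata (cl, 15, 15);
    }

    close (fd);
    return EXIT_SUCCESS;
}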
Uglavnom...nek ovaj topic ne ostane prazan :-)