void main()
{
Stocks s[SIZE];
load(s, SIZE);
sort(s, SIZE);
calc(s, SIZE);
print(s, SIZE);
savetext(s, SIZE);
gettextfile(s, SIZE);
printf("\n\n=============================after the text file has been retrieved==========================================\n\n");
print(s, SIZE);
savebinary(s, SIZE);
getbinaryfile(s, SIZE);
printf("\n ===================================after the binary file has been retrived ==============================================\n");
print(s, SIZE);
system("PAUSE");
}
static int
process_contest(int contest_id)
{
const struct contest_desc *cnts = 0;
unsigned char config_path[PATH_MAX];
unsigned char out_config_path[PATH_MAX];
unsigned char old_config_path[PATH_MAX];
const unsigned char *conf_dir = 0;
struct stat stbuf;
serve_state_t state = 0;
struct section_global_data *global = 0;
int lang_id;
struct section_language_data *lang, *cs_lang_by_short, *cs_lang_by_id, *cs_lang;
int compile_id;
int i;
int has_to_convert = 0, has_errors = 0;
int *lang_map = 0;
unsigned char **lang_shorts = 0;
unsigned char short_name[1024];
struct textfile config_text;
FILE *config_file = NULL;
FILE *out_config_file = NULL;
unsigned char cmd_buf[PATH_MAX];
memset(&config_text, 0, sizeof(config_text));
fprintf(stderr, "Processing contest %d\n", contest_id);
if (contests_get(contest_id, &cnts) < 0 || !cnts) {
error("cannot read contest XML for contest %d", contest_id);
goto failure;
}
if (cnts->conf_dir && os_IsAbsolutePath(cnts->conf_dir)) {
snprintf(config_path, sizeof(config_path), "%s/serve.cfg", cnts->conf_dir);
} else {
if (!cnts->root_dir) {
error("contest %d root_dir is not set", contest_id);
goto failure;
} else if (!os_IsAbsolutePath(cnts->root_dir)) {
error("contest %d root_dir %s is not absolute", contest_id, cnts->root_dir);
goto failure;
}
if (!(conf_dir = cnts->conf_dir)) conf_dir = "conf";
snprintf(config_path, sizeof(config_path),
"%s/%s/serve.cfg", cnts->root_dir, conf_dir);
}
if (stat(config_path, &stbuf) < 0) {
error("contest %d config file %s does not exist", contest_id, config_path);
goto failure;
}
if (!S_ISREG(stbuf.st_mode)) {
error("contest %d config file %s is not a regular file",
contest_id, config_path);
goto failure;
}
if (access(config_path, R_OK) < 0) {
error("contest %d config file %s is not readable",
contest_id, config_path);
goto failure;
}
state = serve_state_init(contest_id);
state->config_path = xstrdup(config_path);
state->current_time = time(0);
state->load_time = state->current_time;
if (prepare(NULL, state, state->config_path, 0, PREPARE_SERVE, "", 1, 0, 0) < 0)
goto failure;
global = state->global;
if (!global) {
error("contest %d has no global section", contest_id);
goto failure;
}
if (strcmp(global->rundb_plugin, "mysql") != 0) {
fprintf(stderr, "contest %d does not use mysql\n", contest_id);
goto failure;
}
if (state->max_lang >= 0) {
XCALLOC(lang_map, state->max_lang + 1);
XCALLOC(lang_shorts, state->max_lang + 1);
}
for (lang_id = 1; lang_id <= state->max_lang; ++lang_id) {
if (!(lang = state->langs[lang_id])) continue;
compile_id = lang->compile_id;
if (compile_id <= 0) compile_id = lang->id;
if (lang->id > 1000) {
fprintf(stderr, " language %s id > 1000 (%d)\n",
lang->short_name, lang->id);
has_errors = 1;
continue;
}
snprintf(short_name, sizeof(short_name), "%s", lang->short_name);
map_lang_aliases(short_name, sizeof(short_name));
/* search the language in the compilation server by short_name and by id */
cs_lang_by_short = 0;
cs_lang_by_id = 0;
for (i = 1; i < cs_lang_total; ++i) {
if ((cs_lang = cs_langs[i]) && cs_lang->id == compile_id) {
cs_lang_by_id = cs_lang;
break;
}
}
for (i = 1; i < cs_lang_total; ++i) {
if ((cs_lang = cs_langs[i]) && !strcmp(cs_lang->short_name, short_name)) {
cs_lang_by_short = cs_lang;
break;
}
}
/*
condition to convert:
1) contest language id does not match to compilation server language id;
2) contest language short name, compilation server language short name match.
*/
if (lang->id != compile_id && cs_lang_by_short != NULL
&& cs_lang_by_short == cs_lang_by_id) {
has_to_convert = 1;
fprintf(stderr, " language %s id %d to be changed to %d\n",
lang->short_name, lang->id, compile_id);
lang_map[lang_id] = compile_id;
lang_shorts[lang_id] = xstrdup(lang->short_name);
} else if (lang->id == compile_id && cs_lang_by_short != NULL
&& cs_lang_by_short == cs_lang_by_id) {
/*
condition to do nothing:
1) contest language id match compilation server language id;
2) contest language short name, compilation server language short name match.
*/
} else {
has_errors = 1;
fprintf(stderr, " unexpected language %s, id %d, compile id %d\n",
lang->short_name, lang->id, lang->compile_id);
if (cs_lang_by_id) {
fprintf(stderr, " CS lang by id: id %d, short %s\n",
cs_lang_by_id->id, cs_lang_by_id->short_name);
} else {
fprintf(stderr, " CS lang by id: NULL\n");
}
if (cs_lang_by_short) {
fprintf(stderr, " CS lang by short name: id %d, short %s\n",
cs_lang_by_short->id, cs_lang_by_short->short_name);
} else {
fprintf(stderr, " CS lang by short name: NULL\n");
}
}
}
if (has_errors) {
fprintf(stderr, "contest %d cannot be converted\n", contest_id);
return 0;
}
if (!has_to_convert) {
fprintf(stderr, "contest %d is ok\n", contest_id);
return 0;
}
config_file = fopen(config_path, "r");
if (!config_file) {
fprintf(stderr, "cannot open %s\n", config_path);
return 0;
}
if (gettextfile(config_file, &config_text) <= 0) {
fprintf(stderr, "configuration file %s is empty\n", config_path);
return 0;
}
fclose(config_file); config_file = NULL;
normalize_text(&config_text);
process_text(&config_text, state->max_lang + 1,
lang_map, lang_shorts);
snprintf(out_config_path, sizeof(out_config_path),
"%s.out", config_path);
out_config_file = fopen(out_config_path, "w");
if (!out_config_file) {
fprintf(stderr, "cannot open %s\n", out_config_path);
return 0;
}
puttext(out_config_file, &config_text);
fclose(out_config_file); out_config_file = NULL;
snprintf(cmd_buf, sizeof(cmd_buf), "diff -u %s %s",
config_path, out_config_path);
//fprintf(stderr, ">>%s\n", cmd_buf);
system(cmd_buf);
process_db(contest_id, state->max_lang + 1, lang_map);
snprintf(old_config_path, sizeof(old_config_path),
"%s.old", config_path);
fprintf(stderr, "Rename: %s->%s, %s->%s\n", config_path, old_config_path,
out_config_path, config_path);
if (rename(config_path, old_config_path) < 0) {
fprintf(stderr, "Rename: %s->%s failed\n", config_path, old_config_path);
}
if (rename(out_config_path, config_path) < 0) {
fprintf(stderr, "Rename: %s->%s failed\n", out_config_path, config_path);
}
return 0;
failure:
return 1;
}
main(int argc, char *argv[])
{
int sock,debugm=0;
struct in_addr addr;
struct sockaddr_in sin;
struct hostent *he;
unsigned long start;
unsigned long end;
unsigned long counter;
char askfortxt[10];
char foundmsg[] = "200";
char *cgistr;
char buffer[1024];
int count=0;
int numin;
char cgibuff[1024];
char *buff[50]; /* Don't u think 50 is enought? */
char *cginame[50]; /* Don't u think 50 is enought? */
buff[1] = "GET /cgi-bin/phf HTTP/1.0\n\n";
buff[2] = "GET /cgi-bin/Count.cgi HTTP/1.0\n\n";
buff[3] = "GET /cgi-bin/test-cgi HTTP/1.0\n\n";
buff[4] = "GET /cgi-bin/php.cgi HTTP/1.0\n\n";
buff[5] = "GET /cgi-bin/handler HTTP/1.0\n\n";
buff[6] = "GET /cgi-bin/webgais HTTP/1.0\n\n";
buff[7] = "GET /cgi-bin/websendmail HTTP/1.0\n\n";
buff[8] = "GET /cgi-bin/webdist.cgi HTTP/1.0\n\n";
buff[9] = "GET /cgi-bin/faxsurvey HTTP/1.0\n\n";
buff[10] = "GET /cgi-bin/htmlscript HTTP/1.0\n\n";
buff[11] = "GET /cgi-bin/pfdisplay.cgi HTTP/1.0\n\n";
buff[12] = "GET /cgi-bin/perl.exe HTTP/1.0\n\n";
buff[13] = "GET /cgi-bin/wwwboard.pl HTTP/1.0\n\n";
buff[14] = "GET /cgi-bin/finger HTTP/1.0\n\n";
buff[15] = "GET /cgi-bin/bnbform.cgi HTTP/1.0\n\n";
buff[16] = "GET /cgi-bin/survey.cgi HTTP/1.0\n\n";
buff[17] = "GET /cgi-bin/classifieds.cgi HTTP/1.0\n\n";
buff[18] = "GET /cgi-bin/textcounter.pl HTTP/1.0\n\n";
cginame[1] = "phf";
cginame[2] = "Count.cgi";
cginame[3] = "test-cgi";
cginame[4] = "php.cgi";
cginame[5] = "handler";
cginame[6] = "webgais";
cginame[7] = "websendmail";
cginame[8] = "webdist.cgi";
cginame[9] = "faxsurvey";
cginame[10] = "htmlscript";
cginame[11] = "pfdisplay";
cginame[12] = "perl.exe";
cginame[13] = "wwwboard.pl";
cginame[14] = "finger";
cginame[15] = "bnbform.cgi";
cginame[16] = "survey.cgi";
cginame[17] = "classifieds.cgi";
cginame[18] = "textcounter.pl";
if (argc<2)
{
printf("\nusage : %s host ",argv[0]);
printf("\n Or : %s host -d for debug mode\n\n",argv[0]);
exit(0);
}
if (argc>2)
{
if(strstr("-d",argv[2]))
{
debugm=1;
}
}
if ((he=gethostbyname(argv[1])) == NULL)
{
herror("gethostbyname");
exit(0);
}
printf("\n\n\t\t [Ech0's CGI Scanner] By CKS\n\n\n");
start=inet_addr(argv[1]);
counter=ntohl(start);
sock=socket(AF_INET, SOCK_STREAM, 0);
bcopy(he->h_addr, (char *)&sin.sin_addr, he->h_length);
sin.sin_family=AF_INET;
sin.sin_port=htons(80);
if (connect(sock, (struct sockaddr*)&sin, sizeof(sin))!=0)
{
perror("connect");
}
printf("\n\n\t [ Press any key to check out the httpd version...... ]\n");
getchar();
send(sock, "HEAD / HTTP/1.0\n\n",17,0);
recv(sock, buffer, sizeof(buffer),0);
printf("%s",buffer);
close(sock);
printf("\n\t [ Press any key to search 4 CGI stuff...... ]\n");
getchar();
while(count++ < 18) /* Change 18 to how many buff[?] u have above */
{
sock=socket(AF_INET, SOCK_STREAM, 0);
bcopy(he->h_addr, (char *)&sin.sin_addr, he->h_length);
sin.sin_family=AF_INET;
sin.sin_port=htons(80);
if (connect(sock, (struct sockaddr*)&sin, sizeof(sin))!=0)
{
perror("connect");
}
printf("\nSearching for %s : ",cginame[count]);
for(numin=0;numin < 1024;numin++)
{
cgibuff[numin] = '\0';
}
send(sock, buff[count],strlen(buff[count]),0);
recv(sock, cgibuff, sizeof(cgibuff),0);
cgistr = strstr(cgibuff,foundmsg);
if( cgistr != NULL)
{
printf("Found !! ;)");
buff[count] = "EXIST";
}
else
printf("Not Found");
if(debugm==1)
{
printf("\n\n ------------------------\n %s \n ------------------------\n",cgibuff);
printf("Press any key to continue....\n");
getchar();
}
close(sock);
}
printf("\n\n");
count=0;
while(count++ < 18)
{
if(strstr(buff[count],"EXIST") != NULL)
{
printf("Do u wanna get the exploit infoz on %s ? (y/n) : ",cginame[count]);
scanf("%s",askfortxt);
if (strstr(askfortxt,"y") != NULL)
gettextfile(count);
else if(strstr(askfortxt,"Y") != NULL)
gettextfile(count);
}
}
}