static int get_flags(struct arguments *args, int argc, char *argv[]) { int c; for(;;) { int option_index = 0; static struct option long_options[] = { { "ipv4", 1, 0, '4' }, { "help", 0, 0, 'h' }, { "mx", 1, 0, 'm' }, { "offline", 0, 0, 'o' }, { "system", 1, 0, 's' }, { "wildcard", 1, 0, 'w' }, { "with-backmx", 0, 0, 'b' }, { "version", 0, 0, 'v' }, { NULL, 0, 0, 0 } }; c = getopt_long(argc, argv, "4:bm:os:w:", long_options, &option_index); if(c == -1) break; switch(c) { case '4': args->ipv4 = optarg; break; case 'v': print_version(stdout); exit(EXIT_SUCCESS); break; } } switch(argc-optind) { default: ret_msg(NONE, "wrong usage"); return RET_WRONG_USAGE; case 2: args->login = getenv("LOGIN"); if(args->login == NULL) { ret_msg(NONE, "environment variable LOGIN is empty"); return RET_WRONG_USAGE; } break; case 3: args->login = argv[ARGV_LOGIN]; } args->hostname = argv[ARGV_HOSTNAME]; return RET_OK; }
static int clear_atnet(const int s, struct arguments *args) { char *b64user; char message[BUFLEN]; if(strlen(args->login) > 128) { ret_msg(NONE, "username is too long"); return RET_ERROR; } memset(message,0,sizeof(message)); b64user = (char *)malloc((2 * strlen(args->login) + 1)); if(b64user == NULL) { ret_msg(PERR, "malloc() failed"); return RET_WARNING; } (void)memset(b64user, 0, 2 * strlen(args->login) + 1); base64encode(args->login, b64user); { char buffer[1024]; (void)snprintf(buffer, 1024, " GET /DynDNS/clear.cgi HTTP/1.1\r\n" "Host: %s\r\n" "Authorization: Basic %s\r\n" "User-Agent: %s %s - %s\r\n" "Connection: close\r\n" "Pragma: no-cache\r\n\r\n", DYNDNSHOST, b64user, PNAME, VERSION, HOMEPAGE); (void)strncat(message, buffer, BUFLEN - 1 - strlen(message)); } print_debug("\n\nMessage:" "\n--------------------------------------\n" "%s--------------------------------------\n\n", message); if(write(s, message, strlen(message)) == -1) { ret_msg(PERR, "write() failed"); return RET_WARNING; } free(b64user); return RET_OK; }
int client_interpret(t_client *clt) { int chk; bzero(clt->ret, 4096); chk = read(clt->fd, clt->ret, 4096); write(1, clt->ret, strlen(clt->ret)); if (clt->ret_att == 1) { if (clt->last_com == 0 && check_errmsg(clt->ret) == 0) { clt->log = 0; return (ret_msg(clt->ret)); } else if (check_errmsg(clt->ret) == 0) return (ret_msg(clt->ret)); } if (client_showret(clt, chk) == -1) return (-1); return (0); }
int atnet(int argc, char *argv[]) { struct arguments args; int s, ret; const char *ptr; (void)memset(&args, 0, sizeof(struct arguments)); if(get_flags(&args, argc, argv) != RET_OK) { return RET_WRONG_USAGE; } s = get_connection(DYNDNSHOST, PORT, &ptr); if(s == -1) { ret_msg(HERR, "%s: %s", ptr, DYNDNSHOST); ret = RET_WARNING; } else { ret = update_atnet(s, &args); if(ret == RET_OK) { ret = check_server_msg(s, args.hostname); } (void)close(s); } if(ret == RET_OK) { system("echo 1 > /var/ddns_status"); } else { system("echo 0 > /var/ddns_status"); } return ret; }
/** * This is the part that launches the code in the Unicorn emulator. **/ int em_code(u8 *code, u32 bytelength, u32 startat, u8 *seed_res, uc_arch arch){ // bit of lazy coding here: update a global arch var, so that // we can easily read the arch from the single step hook. // neither elegant nor dangerous. if (global_arch != arch) global_arch = arch; /* The start address must be aligned to 4KB, or uc_mem_map will * throw a UC_ERR_ARG error. */ u32 round_start = startat & (u32) (~0xFFF); u32 offset = startat - round_start; int errcode = 0; int roundlength = roundup(bytelength); uc_engine *uc; uc_err err; uc_hook hook1; int sys_abi_len; uc_mode mode; int ret_inst; int *sys_abi_vec; /* if (DEBUG){ */ /* printf("IN EMULATOR\n"); */ /* fdump(stdout, code, bytelength); */ /* } */ switch (arch) { case UC_ARCH_X86 : sys_abi_vec = x86_64_syscall_abi; // careful sys_abi_len = x86_64_syscall_abi_len; mode = UC_MODE_64; ret_inst = UC_X86_INS_RET; break; case UC_ARCH_ARM : if (DEBUG) printf("Emulating ARM architecture...\n"); sys_abi_vec = arm_32_syscall_abi; sys_abi_len = arm_32_syscall_abi_len; mode = UC_MODE_ARM; break; default : fprintf(stderr,"Unknown architecture requested of em_code.\nExiting.\n"); exit(EXIT_FAILURE); } union seedvals { u32 words[sys_abi_len]; // wrinkle here: the word size should be dynamic u8 bytes[sys_abi_len * sizeof(word)]; } seedvals; /* fprintf(stderr, "bytelength = %d\nroundlength = %d\nsizeof(seedvals.bytes) = %d\nsizeof(seed_res) = %d\nsizeof(word) * sys_abi_len = %d\n",bytelength, roundlength, sizeof(seedvals.bytes), sizeof(seed_res), (sys_abi_len * sizeof(word))); */ if (!memcpy(seedvals.bytes, seed_res, (sys_abi_len * sizeof(word)))){ fprintf(stderr, "Error in memcpy, in em_code.\n"); } /** * from the unicorn src: "This part of the API is less... clean... * because Unicorn supports arbitrary register types. So the least * intrusive solution is passing individual pointers. On the plus * side, you only need to make this pointer array once." */ void *ptrs[sys_abi_len]; int i; for (i = 0; i < sys_abi_len; i++) { ptrs[i] = &(seedvals.words[i]); } if ((err = uc_open(arch, mode, &uc))) { uc_perror("uc_open", err); return -1; } // seed the registers if ((err = uc_reg_write_batch(uc, sys_abi_vec, ptrs, sys_abi_len))){ uc_perror("uc_reg_write_batch", err); return -1; } /* Add a single-stepping hook if debugging */ if (DEBUG){ if ((err = uc_hook_add(uc, &hook1, UC_HOOK_CODE, hook_step, NULL, 1, 0, 0))) { uc_perror("uc_hook_add", err); return 1; } } // don't leave 0x1000 a magic number if ((err = uc_mem_map(uc, round_start, 0x1000, UC_PROT_ALL))) { // does PROT_ALL mean 777? might want to set to XN for ROP... uc_perror("uc_mem_map", err); return -1; } if ((err = uc_mem_write(uc, startat, (void *) code, bytelength-1))) { uc_perror("uc_mem_write", err); return -1; } // why does the unicorn example suggest sizeof(CODE) -1 // where I have bytelength (sizeof(CODE))? probably because // it's implemented as a string, so it ends with a null byte if ((err = uc_emu_start(uc, startat, startat + bytelength -1, 0, TTL))){ if (DEBUG){ uc_perror("uc_emu_start", err); if (err == UC_ERR_FETCH_UNMAPPED) ret_msg(uc, err, arch); } errcode = -2; } uc_reg_read_batch(uc, sys_abi_vec, ptrs, sys_abi_len); /** for testing **/ if (DEBUG) { printf("syscall vec: {"); for (i = 0; i < sys_abi_len; i++) { if (i != 0) printf(", "); printf(WORDFMT, seedvals.words[i]); } printf("}\n"); } /******************/ memcpy(seed_res, seedvals.bytes, (sys_abi_len * sizeof(word))); uc_close(uc); return errcode; }