📄 00000005.htm
字号:
<BR> 现在我们来检验一下goodie是否可以执行: <BR> <BR> <BR> telnet localhost 20001 <BR> <BR> 或 <BR> <BR> telnet your_host_name 20001 <BR> <BR> <BR> 执行结果 <BR> <BR> <BR> Trying 127.0.0.1... <BR> <BR> Connected to localhost. <BR> <BR> Escape character is '^]'. <BR> <BR> Welcome to goodie service! <BR> <BR> Connection closed by foreign host. <BR> <BR> <BR> 很简单不是吗? 信不信由您,telnet/pop3/imap/ftp都是靠这种方式建立起来 <BR> <BR> 的服务。 <BR> <BR> <BR> 我们现在来建立一点小小的"网路协定",这个协定使我们可以输入"exit"时, <BR> <BR> 离开程式,而其他的指令都是输出与输入相同的字串。 <BR> <BR> <BR> #include <stdio.h> <BR> <BR> #include <stdlib.h> <BR> <BR> #include <string.h> <BR> <BR> <BR> void main(void) <BR> <BR> { <BR> <BR> char buf[1024]; <BR> <BR> int ok; <BR> <BR> <BR> printf("Welcome to goodie service!\n"); <BR> <BR> fflush(stdout); <BR> <BR> <BR> ok=0; <BR> <BR> do { <BR> <BR> while (fgets(buf,1023,stdin)==NULL); <BR> <BR> if (strncasecmp(buf,"exit",4)==0) ok=1; <BR> <BR> printf(buf); <BR> <BR> fflush(stdout); <BR> <BR> } while (!ok); <BR> <BR> } <BR> <BR> <BR> 执行结果 <BR> <BR> <BR> telnet localhost 20001 <BR> <BR> 或 <BR> <BR> telnet your_host_name 20001 <BR> <BR> <BR> <BR> <BR> Trying 127.0.0.1... <BR> <BR> Connected to localhost. <BR> <BR> Escape character is '^]'. <BR> <BR> Welcome to goodie service! <BR> <BR> <BR> 输入"help" <BR> <BR> <BR> help <BR> <BR> help <BR> <BR> <BR> 输入"exit" <BR> <BR> <BR> exit <BR> <BR> exit <BR> <BR> Connection closed by foreign host. <BR> <BR> <BR> 接下来,我们将设计一个稍微复杂一点点的通讯协定,比较通用於一般用途。 <BR> <BR> #include <stdio.h> <BR> <BR> #include <stdlib.h> <BR> <BR> #include <string.h> <BR> <BR> <BR> char *cmds[]={ <BR> <BR> "help", <BR> <BR> "say", <BR> <BR> "hello", <BR> <BR> "bye", <BR> <BR> "exit", <BR> <BR> NULL <BR> <BR> }; <BR> <BR> <BR> int getcmd(char *cmd) <BR> <BR> { <BR> <BR> int n=0; <BR> <BR> while (cmds[n]!=NULL) { <BR> <BR> if (strncasecmp(cmd,cmds[n],strlen(cmds[n]))==0) return n; <BR> <BR> n++; <BR> <BR> } <BR> <BR> return -1; <BR> <BR> } <BR> <BR> <BR> void main(void) <BR> <BR> { <BR> <BR> char buf[1024]; <BR> <BR> int ok; <BR> <BR> <BR> printf("Welcome to goodie service!\n"); <BR> <BR> fflush(stdout); <BR> <BR> <BR> ok=0; <BR> <BR> do { <BR> <BR> while (fgets(buf,1023,stdin)==NULL); <BR> <BR> switch (getcmd(buf)) { <BR> <BR> case -1: printf("Unknown command!\n"); break; <BR> <BR> case 0: printf("How may I help you, sir?\n"); break; <BR> <BR> case 1: printf("I will say %s",&buf[3]); break; <BR> <BR> case 2: printf("How're you doing today?\n"); break; <BR> <BR> case 3: printf("Si ya, mate!\n"); ok=1; break; <BR> <BR> case 4: printf("Go ahead!\n"); ok=1; break; <BR> <BR> } <BR> <BR> fflush(stdout); <BR> <BR> } while (!ok); <BR> <BR> <BR> } <BR> <BR> <BR> telnet localhost 20001 <BR> <BR> 或 <BR> <BR> telnet your_host_name 20001 <BR> <BR> <BR> 试试看输入"help"、"say"、"hello"、"bye"、"exit"等等指令,及其它一些不 <BR> <BR> 在命令列中的指令。 <BR> <BR> <BR> 在设计inetd服务程式时,要特别注意buffer overflow的问题,也就是以下这 <BR> <BR> 种状况: <BR> <BR> <BR> char buffer_overflow[64]; <BR> <BR> fscanf(stdin,"%s",buffer_overflow); <BR> <BR> <BR> 历来几乎所有的安全漏洞都是由此而来的。 <BR> <BR> 你一定不可这样用,不论任何理由,类同的用法也不可以。Cracker可以透过将 <BR> <BR> 您的buffer塞爆,然後塞进他自己的程式进来执行。 <BR> <BR> <BR> <BR> OK STATION, Webmaster, Brian Lin <BR> <BR> <BR> <BR> <BR>-- <BR>在江湖中,只要拿起了刀,就是一场无涯的梦。 <BR> <BR>※ 来源:·BBS 水木清华站 bbs.net.tsinghua.edu.cn·[FROM: 159.226.21.168] <BR><CENTER><H1>BBS水木清华站∶精华区</H1></CENTER></BODY></HTML>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -