📄 382.htm
字号:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>CTerm非常精华下载</title>
</head>
<body bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="577">
<tr><td width="32%" rowspan="3" height="123"><img src="DDl_back.jpg" width="300" height="129" alt="DDl_back.jpg"></td><td width="30%" background="DDl_back2.jpg" height="35"><p align="center"><a href="http://apue.dhs.org"><font face="黑体"><big><big>apue</big></big></font></a></td></tr>
<tr>
<td width="68%" background="DDl_back2.jpg" height="44"><big><big><font face="黑体"><p align="center"> ● UNIX网络编程 (BM: clown) </font></big></big></td></tr>
<tr>
<td width="68%" height="44" bgcolor="#000000"><font face="黑体"><big><big><p align="center"></big></big><a href="http://cterm.163.net"><img src="banner.gif" width="400" height="60" alt="banner.gif"border="0"></a></font></td>
</tr>
<tr><td width="100%" colspan="2" height="100" align="center" valign="top"><br><p align="center">[<a href="index.htm">回到开始</a>][<a href="377.htm">上一层</a>][<a href="383.htm">下一篇</a>]
<hr><p align="left"><small>发信人: VRGL (毕业设计做三维渲染----真苦!!!), 信区: Security <br>
标 题: Re: 请问哪儿可以下栽对sendmail进行攻击的源程序 <br>
发信站: BBS 水木清华站 (Sat Aug 5 08:55:39 2000) <br>
<br>
/* <br>
** sendmail_wrapper.c - wrap sendmail to prevent newlines in command line <br>
** and clean up the environment. <br>
** <br>
** Authors: Eric Halil, Danny Smith <br>
** AUSCERT <br>
** c/o Prentice Centre <br>
** The University of Queensland <br>
** Qld. 4072. <br>
** Australia <br>
** 22-Feb-1995 <br>
** <br>
** Disclaimer: The use of this program is at your own risk. It is <br>
** designed to combat a particular vulnerability, and may <br>
** not combat other vulnerabilities, either past or future. <br>
** The decision to use this program is yours, as are the <br>
** consequences of its use. <br>
** <br>
** This program is designed to be an interim relief measure <br>
** until appropriate patches can be obtained from your vendor. <br>
<br>
** <br>
** Installation instructions <br>
** ========================= <br>
** <br>
** 1. su to root. <br>
** <br>
** 2. Determine the location of sendmail. On SunOS and Ultrix <br>
** systems, it is located in the /usr/lib directory. On BSDI <br>
** systems, it is located in the /usr/sbin directory. For example <br>
** purposes only, /usr/lib will be used in the following instructions <br>
** steps. <br>
** <br>
** 3. Copy the sendmail program to sendmail.real. Change the permissions <br>
** on the copy of sendmail. <br>
** <br>
** # cd /usr/lib <br>
** # cp sendmail sendmail.real <br>
** # chmod 0700 sendmail.real <br>
** <br>
** 4. Determine the permissions, owner, and group of sendmail. This <br>
** information will be used later. <br>
** <br>
** For BSD users: <br>
** # ls -lg sendmail <br>
** For System V users: <br>
** # ls -l sendmail <br>
** <br>
** 5. Edit this wrapper program and define REAL_SENDMAIL. By default, <br>
** REAL_SENDMAIL is defined as "/usr/lib/sendmail.real". <br>
** <br>
** 6. Compile this program in a directory other than /usr/lib. For <br>
** example to use /tmp, first copy this file into /tmp. <br>
** <br>
** # cd /tmp <br>
** # cc -O -o sendmail sendmail_wrapper.c <br>
** <br>
** 7. Copy this new wrapper program into the directory containing sendmail <br>
. <br>
** Make sure this directory and its parent directories are protected so <br>
<br>
** only root is able to make changes to files in the directory. This <br>
** will replace the existing sendmail. The following steps should be <br>
** executed quickly. <br>
** <br>
** Users will not be able to send e-mail during the time when the <br>
** wrapper is copied into place until the chmod command has been <br>
** executed. Use the information from step #4 and set the permissions <br>
** owner, and group of the new sendmail. <br>
** <br>
** # cp sendmail /usr/lib/sendmail <br>
** # cd /usr/lib <br>
** # chown root sendmail <br>
** # chmod 4511 sendmail <br>
** <br>
** 8. Kill the running sendmail process and start the new sendmail. <br>
** <br>
** For SunOS and Ultrix: <br>
** # kill -9 `head -1 /etc/sendmail.pid` <br>
** # /usr/lib/sendmail -bd -q1h <br>
** <br>
** For BSDI: <br>
** # kill -9 `head -1 /var/run/sendmail.pid` <br>
** # /usr/sbin/sendmail -bd -q1h <br>
** <br>
** <br>
** For other systems, follow your vendors guidelines or use the <br>
** following command. Kill the processes and start the new sendmail. <br>
** # ps -auxw | grep sendmail | grep -v grep <br>
** # kill -9 (process id numbers) <br>
** # ./sendmail -bd -q1h <br>
** <br>
** 9. Test that mail still works. <br>
** Version 1.1 22-Feb-1995. <br>
*/ <br>
#include <stdio.h> <br>
/* <br>
** REAL_SENDMAIL needs to be defined using the full pathname <br>
** of the real sendmail. A few known locations have been defined. <br>
*/ <br>
#ifdef sun <br>
#define REAL_SENDMAIL "/usr/lib/sendmail.real" <br>
#endif <br>
#ifdef ultrix <br>
#define REAL_SENDMAIL "/usr/lib/sendmail.real" <br>
#endif <br>
#if defined (__bsdi__) || defined(__386BSD__) || defined(__FreeBSD__) || def <br>
ined(__NetBSD__) <br>
#define REAL_SENDMAIL "/usr/sbin/sendmail.real" <br>
#endif <br>
int main( argc, argv, envp) <br>
int argc; <br>
char *argv[]; <br>
char *envp[]; <br>
{ <br>
char *cp; <br>
int i; <br>
int j; <br>
int status; <br>
/* <br>
** Ensure that there are no newlines in the arguments <br>
*/ <br>
for ( i = 1; i < argc; i++) <br>
{ <br>
for ( cp = argv[ i]; *cp != '\0'; cp++) <br>
{ <br>
if ( ( *cp == '\r') || ( *cp == '\n')) <br>
{ <br>
*cp = ' '; <br>
} <br>
} <br>
} <br>
} <br>
/* <br>
** While we are at it, let's clean up the environment <br>
** Remove LD_*, IFS, and PATH enviroment variables before execing <br>
*/ <br>
i = 0; <br>
while( envp[ i] != NULL) <br>
{ <br>
if ( strncmp( envp[ i], "LD_", 3) == 0) <br>
{ <br>
j = i; <br>
while ( envp[ j] != NULL) <br>
{ <br>
envp[ j] = envp[ j + 1]; <br>
j++; <br>
} <br>
continue; <br>
} <br>
if ( strncmp( envp[ i], "IFS=", 4) == 0) <br>
{ <br>
j = i; <br>
while ( envp[ j] != NULL) <br>
{ <br>
envp[ j] = envp[ j + 1]; <br>
j++; <br>
} <br>
continue; <br>
} <br>
if ( strncmp( envp[ i], "PATH=", 5) == 0) <br>
{ <br>
j = i; <br>
while ( envp[ j] != NULL) <br>
{ <br>
envp[ j] = envp[ j + 1]; <br>
j++; <br>
} <br>
continue; <br>
} <br>
/* <br>
** Now check for newlines in environment variables <br>
*/ <br>
for ( cp = envp[ i]; *cp != '\0'; cp++) <br>
{ <br>
{ <br>
if ( ( *cp == '\r') || ( *cp == '\n')) <br>
{ <br>
*cp = ' '; <br>
} <br>
} <br>
/* <br>
** next environment variable <br>
*/ <br>
i++; <br>
} <br>
/* <br>
** exec the real sendmail now <br>
*/ <br>
status = execve( REAL_SENDMAIL, argv, envp); <br>
perror( "execve sendmail"); <br>
return( status); <br>
} <br>
<br>
【 在 volkswagon (痛哭的人) 的大作中提到: 】 <br>
: 如题 <br>
<br>
<br>
-- <br>
</small><hr>
<p align="center">[<a href="index.htm">回到开始</a>][<a href="377.htm">上一层</a>][<a href="383.htm">下一篇</a>]
<p align="center"><a href="http://cterm.163.net">欢迎访问Cterm主页</a></p>
</table>
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -