API tools faq
paste
Advertisement
SecurityObscurity

vserver source code

SecurityObscurity
Jan 2nd, 2014
214
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 1.95 KB | None | 0 0
raw download clone embed print report
  1. /*
  2. *   Vulnerable server linked to these videos
  3. *    - Windows Exploit Development Remote Stack Buffer Overflow  http://www.youtube.com/watch?v=ekazS--EYfM
  4. *    - Build Metasploit Module (Windows Exploit Development)  http://www.youtube.com/watch?v=bvI541y4gFI
  5. *
  6. */
  7. #include "iostream.h"
  8. #include "string.h"
  9. #include "windows.h"
  10. #include "winsock2.h"
  11.  
  12. #pragma comment(lib,"ws2_32.lib")
  13.    
  14. // This must be an array of chars
  15. char *validPwd = "root";
  16.  
  17. int checkPwd( char *msg ) {
  18.  
  19.     char pwd[50] = "";
  20.     strcpy( pwd, msg );
  21.  
  22.     if( strcmp( pwd, validPwd ) == 0 )
  23.         return 1;
  24.     else
  25.         return 0;
  26.  
  27. }
  28.  
  29. int main() {
  30.  
  31.     HINSTANCE hinstLib= LoadLibrary(TEXT("ws2help.dll"));
  32.     char pwd[500] = "";
  33.  
  34.     WSADATA WsaDat;
  35.     if(WSAStartup(MAKEWORD(2,2),&WsaDat)!=0)
  36.     {
  37.         printf("WSA Initialization failed!\r\n");
  38.         return 0;
  39.     }
  40.  
  41.     SOCKET Socket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
  42.     if( Socket == INVALID_SOCKET ) {
  43.  
  44.         printf("Socket creation failed.\r\n");
  45.         return 0;
  46.     }
  47.  
  48.     SOCKADDR_IN serverInf;
  49.     serverInf.sin_family = AF_INET;
  50.     serverInf.sin_addr.s_addr = INADDR_ANY;
  51.     serverInf.sin_port = htons(15000);
  52.  
  53.     if( bind(Socket,(SOCKADDR*)(&serverInf),sizeof(serverInf)) == SOCKET_ERROR ) {
  54.         printf("Unable to bind socket!\r\n");
  55.         return 0;
  56.     }
  57.  
  58.     listen(Socket,1);
  59.     SOCKET sd; // Socket descriptor
  60.  
  61.     while( 1 ) {
  62.  
  63.         printf(  "Listening on port 15000...\r\n");
  64.  
  65.         if( (sd = accept(Socket, NULL, NULL) ) == -1 ) {
  66.             printf("Accept error" );
  67.             return 1;
  68.         }
  69.  
  70.         printf( "Client connected!\r\n\r\n" );
  71.  
  72.  
  73.         // Receive password
  74.         char bufferP[4000] = "";
  75.         memset(bufferP, 0, 4000);
  76.         int inDataLength = recv( sd, bufferP, 4000, 0);
  77.  
  78.         // If password is correct
  79.         if( checkPwd( bufferP ) )
  80.             printf( "Welcome to vserver!\n" );
  81.         else
  82.             printf( "Access denied\n" );
  83.  
  84.  
  85.     } // End while
  86.  
  87.     // Shutdown our socket
  88.     shutdown(sd,SD_SEND);
  89.     // Close our socket entirely
  90.     closesocket(sd);
  91.  
  92.  
  93.     // Cleanup Winsock
  94.     WSACleanup();
  95.     return 0;
  96. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!