danger/LLM_patch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8dd7505095e3e507b1a2b40d679ffab0f207a0a7
LLM_patch/input/recv_extract.c
danger 8dd7505095 init commit
2024-10-15 10:49:25 +08:00

88 lines
2.2 KiB
C
Raw Blame History

//Function: echo_handler ->0x4199222 7 perm->5
// bad sp value at call has been detected, the output may be wrong!
int __cdecl echo_handler(int sock)
{
char buffer[256]; // [rsp+10h] [rbp-100h] BYREF
memset(buffer, 0, sizeof(buffer));
if ( recv(sock, &buffer[8], 0x400uLL, 0) <= 0 )
return 0;
printf("Message from client: %s\n", buffer);
if ( send(sock, "Hello from server\n", 0x12uLL, 0) <= 0 )
return 0;
puts("Hello message sent");
return 1;
}
//Function: main ->0x4199683 7 perm->5
// bad sp value at call has been detected, the output may be wrong!
int __fastcall main(int argc, const char **argv, const char **envp)
{
uint16_t v3; // ax
char client_addr_str[24]; // [rsp+0h] [rbp-40h] BYREF
int addrlen; // [rsp+18h] [rbp-28h] BYREF
int opt; // [rsp+1Ch] [rbp-24h] BYREF
sockaddr_in address; // [rsp+20h] [rbp-20h] BYREF
int new_socket; // [rsp+38h] [rbp-8h]
int server_fd; // [rsp+3Ch] [rbp-4h]
opt = 1;
addrlen = 16;
server_fd = socket(2, 1, 0);
if ( !server_fd )
{
perror("socket failed");
exit(1);
}
if ( setsockopt(server_fd, 1, 15, &opt, 4u) )
{
perror("setsockopt");
exit(1);
}
address.sin_family = 2;
address.sin_addr.s_addr = 0;
address.sin_port = htons(0x2AFFu);
if ( bind(server_fd, (const struct sockaddr *)&address, 0x10u) < 0 )
{
perror("bind failed");
exit(1);
}
if ( listen(server_fd, 3) < 0 )
{
perror("listen");
exit(1);
}
printf("TCP server listening on port %d\n", 11007);
new_socket = accept(server_fd, (struct sockaddr *)&address, (socklen_t *)&addrlen);
if ( new_socket < 0 )
{
perror("accept");
exit(1);
}
inet_ntop(2, &address.sin_addr, client_addr_str, 0x10u);
v3 = ntohs(address.sin_port);
printf("Accept %s:%d\n", client_addr_str, v3);
while ( echo_handler(new_socket) )
;
close(new_socket);
return 0;
}
//Function: backdoor ->0x4200139 7 perm->5
// bad sp value at call has been detected, the output may be wrong!
int __cdecl backdoor()
{
char *new_envp[2]; // [rsp+0h] [rbp-20h] BYREF
char *new_argv[2]; // [rsp+10h] [rbp-10h] BYREF
dup2(4, 0);
dup2(4, 1);
dup2(4, 2);
execve("/bin/sh", new_argv, new_envp);
return 0;
}
Reference in New Issue View Git Blame Copy Permalink