semple code accept never executed

 
 
fakessh
      09-14-2012
hello guru

This is a simple code standard I think is well written
https://raw.github.com/fakessh/openp...ackdoorstuff.c

I wonder why accept is never reached

possible explication are welcome

smile
--
http://pgp.mit.edu:11371/pks/lookup?...rch=0xC2626742
gpg --keyserver pgp.mit.edu --recv-key C2626742

http://about.me/fakessh
http://urlshort.eu fakessh @
http://gplus.to/sshfake
http://gplus.to/sshswilting
http://gplus.to/john.swilting
https://lists.fakessh.eu/mailman/
This list is moderated by me, but all applications will be accepted
provided they receive a note of presentation
 
Keith Thompson
      09-14-2012
fakessh <(E-Mail Removed)> writes:
[...]
> This is a simple code standard I think is well written
> https://raw.github.com/fakessh/openp...ackdoorstuff.c
>
> I wonder why accept is never reached

[...]

The code depends heavily on features that are specific to POSIX and
Linux (and not defined by the C standard). comp.unix.programmer is
a better place to ask about it.

(If you post there, you might want to explain the fact that your
code looks very much like malware. I *hope* that nobody will help
you write a Trojan horse program.)

--
Keith Thompson (The_Other_Keith) (E-Mail Removed) <http://www.ghoti.net/~kst>
Will write code for food.
"We must do something. This is something. Therefore, we must do this."
-- Antony Jay and Jonathan Lynn, "Yes Minister"
 
 
Kaz Kylheku
      09-14-2012
On 2012-09-14, Keith Thompson <(E-Mail Removed)> wrote:
> fakessh <(E-Mail Removed)> writes:
> [...]
>> This is a simple code standard I think is well written
>> https://raw.github.com/fakessh/openp...ackdoorstuff.c
>>
>> I wonder why accept is never reached

> [...]
>
> The code depends heavily on features that are specific to POSIX and
> Linux (and not defined by the C standard). comp.unix.programmer is
> a better place to ask about it.


Go stuff it. The ultra-narrowly-topical comp.lang.c you're trying to defend
here already just about ceased to exist before you even showed up here.
 
 
Kaz Kylheku
      09-14-2012
On 2012-09-14, fakessh <(E-Mail Removed)> wrote:
>
> hello guru
>
> This is a simple code standard I think is well written
> https://raw.github.com/fakessh/openp...ackdoorstuff.c
>
> I wonder why accept is never reached
>
> possible explication are welcome


Do you mean that accept is not reached, or that it does not return? There are
a few ways in which the program can fail to reach the accept call, but all
those paths print something and terminate the program.

How are you testing the program? Are you trying to reach it via telnet from
outside the machine? In that case, do the firewall rules on that machine allow
that access? (Your backdoor has no hope of being useful if you don't poke
a hole in the machine's firewall to open that port for incoming access.)

The strncpy call is bad. If argv[1] is 40 characters or more, then
the pass array will not contain a null terminated string.

This is a silly way of defining types that was used before C had typedef:

#define SA struct sockaddr /* leaner meaner code */

For example, ancient versions of the I/O library (I'm talking 1979 UNIX)
had "#define FILE struct _iobuf" or something like that.
This is why the FILE type is upper case: it used to be a macro.

You have a problem here. Well, not really, but it's a conceptual problem:

my_addr.sin_family = AF_INET;
my_addr.sin_port = htons(PORT);
my_addr.sin_addr.s_addr = INADDR_ANY;

Like sin_port, the s_addr field is also in network byte order, whereas the
INADDR macros are arithmetic addresses. So to be strictly correct you need:

my_addr.sin_addr.s_addr = htonl(INADDR_ANY);

What saves you here is the fact that INADDR_ANY is zero. But if you ever
edit the code to, say, INADDR_LOOPBACK, it will bite you.

(Yes, even a backdoor has a sensible use case in which it just listens
on the loopback network: like when the attacker has an unprivileged local
account on that machine already.)
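
Added example, not part of Kaz Kylheku's post or of the program under discussion: a small C demonstration of the two defects the post describes, the strncpy copy that loses its terminator and the byte order of s_addr. PASS_LEN (40, taken from the post's "40 characters or more"), copy_pass and addr_text are names assumed for this example.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

#define PASS_LEN 40   /* assumed size of the pass array ("40 characters or more") */

/* Returns 1 if strncpy left a '\0' inside the PASS_LEN-byte buffer, else 0. */
int strncpy_terminated(const char *src)
{
    char dst[PASS_LEN];
    memset(dst, 'X', sizeof dst);           /* make a missing terminator visible */
    strncpy(dst, src, sizeof dst);          /* the pattern criticised in the post */
    return memchr(dst, '\0', sizeof dst) != NULL;
}

/* Copy that always terminates; returns 0, or -1 if src does not fit. */
int copy_pass(char dst[PASS_LEN], const char *src)
{
    size_t n = strlen(src);
    if (n >= PASS_LEN)
        return -1;                          /* reject instead of truncating */
    memcpy(dst, src, n + 1);                /* n + 1 includes the '\0' */
    return 0;
}

/* Dotted-quad text of an s_addr value exactly as it would be stored in the field. */
const char *addr_text(in_addr_t raw, char out[INET_ADDRSTRLEN])
{
    struct in_addr a = { .s_addr = raw };
    return inet_ntop(AF_INET, &a, out, INET_ADDRSTRLEN);
}

int main(void)
{
    char txt[INET_ADDRSTRLEN], pass[PASS_LEN];
    const char *arg40 = "0123456789012345678901234567890123456789"; /* constructed */
    printf("39 chars terminated: %d\n", strncpy_terminated(arg40 + 1));
    printf("40 chars terminated: %d\n", strncpy_terminated(arg40));
    printf("copy_pass(40 chars): %d\n", copy_pass(pass, arg40));
    printf("INADDR_ANY raw:         %s\n", addr_text(INADDR_ANY, txt));
    printf("htonl(INADDR_LOOPBACK): %s\n", addr_text(htonl(INADDR_LOOPBACK), txt));
    printf("INADDR_LOOPBACK raw:    %s\n", addr_text(INADDR_LOOPBACK, txt));
    return 0;
}
```

On a little-endian host the last line prints 1.0.0.127 rather than 127.0.0.1, which is the failure the post predicts for an unconverted INADDR_LOOPBACK.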
 
 
fakessh
      09-14-2012
On 14/09/2012 23:55, Kaz Kylheku wrote:
> On 2012-09-14, fakessh <(E-Mail Removed)> wrote:
>>
>> hello guru
>>
>> This is a simple code standard I think is well written
>> https://raw.github.com/fakessh/openp...ackdoorstuff.c
>>
>> I wonder why accept is never reached
>>
>> possible explication are welcome
>
> Do you mean that accept is not reached, or that it does not return?
> There are a few ways in which the program can fail to reach the
> accept call, but all those paths print something and terminate the
> program.
>
> How are you testing the program? Are you trying to reach it via
> telnet from outside the machine? In that case, do the firewall
> rules on that machine allow that access? (Your backdoor has no hope
> of being useful if you don't poke a hole in the machine's firewall
> to open that port for incoming access.)
>
> The strncpy call is bad. If argv[1] is 40 characters or more, then
> the pass array will not contain a null terminated string.
>
> This is a silly way of defining types that was used before C had
> typedef:
>
> #define SA struct sockaddr /* leaner meaner code */
>
> For example, ancient versions of the I/O library (I'm talking 1979
> UNIX) had "#define FILE struct _iobuf" or something like that. This
> is why the FILE type is upper case: it used to be a macro.
>
> You have a problem here. Well, not really, but it's a conceptual
> problem:
>
> my_addr.sin_family = AF_INET; my_addr.sin_port = htons(PORT);
> my_addr.sin_addr.s_addr = INADDR_ANY;
>
> Like sin_port, the s_addr field is also in network byte order,
> whereas the INADDR macros are arithmetic addresses. So to be
> strictly correct you need:
>
> my_addr.sin_addr.s_addr = htonl(INADDR_ANY);
>
> What saves you here is the fact that INADDR_ANY is zero. But if you
> ever edit the code to, say, INADDR_LOOPBACK, it will bite you.
>
> (Yes, even a backdoor has a sensible use case in which it just
> listens on the loopback network: like when the attacker has an
> unprivileged local account on that machine already.)


I thank you for the explanation of the standard theory and I thank you
for getting better

regarding the execution ddd with the control Error accept never
reaches the execution hangs on accepted even by creating a loop in ddd
event through calls to the kernel syscall

better and welcome
 
Barry Schwarz
      09-14-2012
On Fri, 14 Sep 2012 22:36:27 +0200, fakessh <(E-Mail Removed)>
wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>hello guru
>
>This is a simple code standard I think is well written
>https://raw.github.com/fakessh/openp...ackdoorstuff.c
>
>I wonder why accept is never reached
>
>possible explication are welcome


Are there any messages in stderr?

--
Remove del for email
 
 
Kaz Kylheku
      09-14-2012
On 2012-09-14, fakessh <(E-Mail Removed)> wrote:
> regarding the execution ddd with the control Error accept never
> reaches the execution hangs on accepted even by creating a loop in ddd
> event through calls to the kernel syscall


Well, it's supposed to block in accept. The function accept does not return
until a connection request arrives on that port and produces a new socket.
Until that happens, the program is suspended indefinitely.

Did you make a connection request to that port with some utility, like
telnet?
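
Added example, not part of the thread or of the program under discussion: a loopback-only C demonstration of the blocking behaviour described above, using poll() to show that a listening socket has nothing for accept to return until a client connects. The helper names listen_loopback, connection_pending and connect_to_listener are made up for this example.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <poll.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Listen on 127.0.0.1 with a kernel-chosen port; returns the fd, or -1 on error. */
int listen_loopback(void)
{
    struct sockaddr_in a = { .sin_family = AF_INET, .sin_port = htons(0) };
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (fd < 0 || bind(fd, (struct sockaddr *)&a, sizeof a) < 0 || listen(fd, 1) < 0)
        return -1;
    return fd;
}

/* 1: a connection is queued and accept returns at once; 0: accept would block; -1: error. */
int connection_pending(int lfd, int timeout_ms)
{
    struct pollfd p = { .fd = lfd, .events = POLLIN };
    return poll(&p, 1, timeout_ms);
}

/* Client side, standing in for telnet: connect to the address lfd listens on. */
int connect_to_listener(int lfd)
{
    struct sockaddr_in a;
    socklen_t len = sizeof a;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0 || getsockname(lfd, (struct sockaddr *)&a, &len) < 0 ||
        connect(fd, (struct sockaddr *)&a, sizeof a) < 0)
        return -1;
    return fd;
}

int main(void)
{
    int lfd = listen_loopback();
    printf("no client yet:    pending=%d\n", connection_pending(lfd, 100));
    int cfd = connect_to_listener(lfd);
    printf("client connected: pending=%d\n", connection_pending(lfd, 100));
    int afd = accept(lfd, NULL, NULL);   /* returns at once: a connection is queued */
    printf("accept returned fd %d\n", afd);
    close(afd); close(cfd); close(lfd);
    return 0;
}
```

A process sitting in accept with no client is in the first state: suspended, not hung, which is what a debugger shows as execution stopping on the accept line.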
 
 
Joe Pfeiffer
      09-14-2012
Kaz Kylheku <(E-Mail Removed)> writes:

> On 2012-09-14, Keith Thompson <(E-Mail Removed)> wrote:
>>
>> The code depends heavily on features that are specific to POSIX and
>> Linux (and not defined by the C standard). comp.unix.programmer is
>> a better place to ask about it.

>
> Go stuff it. The ultra-narrowly-topical comp.lang.c you're trying to defend
> here already just about ceased to exist before you even showed up here.


The amusing thing is that Keith did nothing but provide helpful advice.
 
 
Kaz Kylheku
      09-14-2012
On 2012-09-14, Joe Pfeiffer <(E-Mail Removed)> wrote:
> Kaz Kylheku <(E-Mail Removed)> writes:
>
>> On 2012-09-14, Keith Thompson <(E-Mail Removed)> wrote:
>>>
>>> The code depends heavily on features that are specific to POSIX and
>>> Linux (and not defined by the C standard). comp.unix.programmer is
>>> a better place to ask about it.

>>
>> Go stuff it. The ultra-narrowly-topical comp.lang.c you're trying to defend
>> here already just about ceased to exist before you even showed up here.

>
> The amusing thing is that Keith did nothing but provide helpful advice.


Where?
 
 
Melzzzzz
      09-15-2012
On Fri, 14 Sep 2012 22:36:27 +0200
fakessh <(E-Mail Removed)> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> hello guru
>
> This is a simple code standard I think is well written
> https://raw.github.com/fakessh/openp...ackdoorstuff.c
>
> I wonder why accept is never reached
>
> possible explication are welcome
>

Your program segfaults at fgets because buf is not initialized.
Also, you should consider using strncmp(buf,pass,strlen(pass));
as if client is telnet buf will not be null terminated.


--
drwxr-xr-x 2 bmaxa bmaxa 4096 Sep 14 08:28 .

 