資源簡介
模糊測試是發現漏洞的重要手段,是每個安全技術人員都必須掌握的技術。
本例子是一個基礎的應用層協議測試例子,代碼簡短精悍,注釋完整,結構清晰,旨在揭示模糊測試的原理,為初學者揭開其神秘面紗,使其不再感到困惑,希望能起到拋磚引玉的作用。

代碼片段和文件信息
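/*
 * simple_http_fuzzer.c
 *
 * Minimal HTTP fuzzer: sends GET requests whose resource name grows by
 * four characters per pass to port 80 of the IPv4 server given on the
 * command line.
 */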
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
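// Upper bound (exclusive) on the length of the fuzzed resource name.
#define MAX_NAME_LEN 2048
// Longest dotted-quad IPv4 string ("255.255.255.255") plus the NUL terminator.
#define MAX_IP_LEN 16
// Request template used as the snprintf format in main():
//   %*s  - resource name field, padded to the current fuzz length
//   %s   - value of the Host header (the server IP from the command line)
// The template is a program constant; no external input is ever used as the
// format string itself.
char request[] = "GET %*s.html HTTP/1.1\r\nHost: %s\r\n\r\n";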
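/*
 * Fuzz the resource name of an HTTP GET request.
 *
 * Usage: simple_http_fuzzer <server IPv4 address>
 *
 * For len = 4, 8, ... (below MAX_NAME_LEN) the program opens a fresh TCP
 * connection to port 80, sends "GET <len x 'A'>.html HTTP/1.1" with a Host
 * header, and waits for any reply. It stops at the first length for which
 * the request cannot be sent or no bytes come back, and prints that length.
 *
 * The "no reply" signal is coarse: a server that merely closes the
 * connection, or a network device that drops it, looks the same as a crash.
 * Confirm on the server side (logs, core dump, debugger) before treating a
 * reported length as a finding. recv() has no timeout here, so a server
 * that hangs without closing the connection blocks the loop.
 *
 * Returns 0 when the loop ends (with or without a reported length); exits
 * with status 1 on usage, address, socket, connect or buffer errors.
 */
int main(int argc, char **argv) {
    // Large enough for the template, the longest name and the longest IP.
    char buf[MAX_NAME_LEN + sizeof(request) + MAX_IP_LEN];
    // server address structure
    struct sockaddr_in server;
    int sock, len, req_len;

    // Only argv[1] is used; any further arguments are ignored.
    if (argc < 2) {
        fprintf(stderr, "Missing server IP address\n");
        exit(1);
    }

    memset(&server, 0, sizeof(server)); // clear the address info
    server.sin_family = AF_INET;        // building an IPv4 address
    server.sin_port = htons(80);        // connecting to port 80
    // Convert the dotted IP in argv[1] into network representation. This
    // also bounds the length of argv[1] to a valid dotted quad, which is
    // what keeps the Host header within MAX_IP_LEN.
    if (inet_pton(AF_INET, argv[1], &server.sin_addr) <= 0) {
        fprintf(stderr, "Invalid server IP address: %s\n", argv[1]);
        exit(1);
    }

    // Basic fuzzing loop: grow the name by 4 characters per pass until an
    // error occurs or MAX_NAME_LEN is reached.
    for (len = 4; len < MAX_NAME_LEN; len += 4) {
        // One connection per request, so every case starts from a clean
        // server-side state.
        sock = socket(AF_INET, SOCK_STREAM, 0);
        if (sock == -1) {
            fprintf(stderr, "Could not create socket, quitting\n");
            exit(1);
        }
        if (connect(sock, (struct sockaddr *)&server, sizeof(server)) != 0) {
            fprintf(stderr, "Failed connect to %s, quitting\n", argv[1]);
            close(sock);
            exit(1); // terminate if we can't connect
        }

        // Build the request. "%*s" reserves len characters for the name:
        // "A" is right-justified in a field of width len.
        req_len = snprintf(buf, sizeof(buf), request, len, "A", argv[1]);
        if (req_len < 0 || (size_t)req_len >= sizeof(buf)) {
            // Never send a truncated request: req_len would exceed what
            // buf actually holds.
            fprintf(stderr, "Request does not fit buffer at len = %d\n", len);
            close(sock);
            exit(1);
        }
        // Overwrite the padded field with 'A's. Offset 4 skips "GET ".
        memset(buf + 4, 'A', (size_t)len);

        // Send the request; a failed or short send means this case was not
        // delivered, so stop rather than misreport it as a recv failure.
        if (send(sock, buf, (size_t)req_len, 0) != (ssize_t)req_len) {
            fprintf(stderr, "Bad send at len = %d\n", len);
            close(sock);
            break;
        }

        // For simplicity, assume the remote side choked if no bytes are
        // read or a recv error occurs. The reply content is not inspected.
        if (recv(sock, buf, sizeof(buf), 0) <= 0) {
            fprintf(stderr, "Bad recv at len = %d\n", len);
            close(sock);
            break; // report it and stop looping
        }
        close(sock);
    }
    return 0;
}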
?屬性????????????大小?????日期????時間???名稱
-----------?---------??----------?-----??----
?????文件???????2516??2013-08-19?14:41??simple_http_fuzzer.c
-----------?---------??----------?-----??----
?????????????????2516????????????????????1