Tuesday, December 29, 2009

Socket programming RCE

My sample of simple socket code, which connects to 127.0.0.1, port 55555:

#include <stdio.h>
#include <winsock2.h>
#pragma comment(lib, "ws2_32.lib") // link the Winsock import library (MSVC)

int main(void) {
    //----------------------
    // Initialize Winsock
    WSADATA wsaData;
    int iResult = WSAStartup(MAKEWORD(2,2), &wsaData);
    if (iResult != NO_ERROR) {
        printf("Error at WSAStartup(): %d\n", iResult);
        return 1;
    }

    //----------------------
    // Create a SOCKET for connecting to server
    SOCKET ConnectSocket;
    ConnectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (ConnectSocket == INVALID_SOCKET) {
        printf("Error at socket(): %d\n", WSAGetLastError());
        WSACleanup();
        return 1;
    }

    //----------------------
    // The sockaddr_in structure specifies the address family,
    // IP address, and port of the server to be connected to.
    struct sockaddr_in clientService;
    clientService.sin_family = AF_INET;
    clientService.sin_addr.s_addr = inet_addr("127.0.0.1");
    clientService.sin_port = htons(55555); // stored in network byte order

    //----------------------
    // Connect to server.
    if (connect(ConnectSocket, (SOCKADDR*) &clientService, sizeof(clientService)) == SOCKET_ERROR) {
        printf("Failed to connect.\n");
        closesocket(ConnectSocket); // release the socket before cleanup
        WSACleanup();
        return 1;
    }

    printf("Connected to server.\n");
    closesocket(ConnectSocket);
    WSACleanup();
    return 0;
}

I debug the executable file in OllyDbg and monitor the connection with netcat. Connected! The IP and port number can be seen clearly in OllyDbg. During the process, one hardware breakpoint needs to be set. If I put in a normal software breakpoint, the program won't stop.
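Added example, not part of the original post: the sockaddr_in that the sample passes to connect() sits in memory as 16 bytes, with the family as a little-endian field and the port in network byte order, which is why 55555 shows up as D9 03 in a dump. This decoder turns such a hex dump back into IP and port; the dump string and the names decode_sockaddr_in, decoded_addr and hexval are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Decoded view of a 16-byte IPv4 sockaddr_in as laid out on x86 Windows. */
struct decoded_addr {
    uint16_t family;  /* AF_INET is 2 */
    uint16_t port;    /* converted to host order */
    char ip[16];      /* dotted quad */
};

static int hexval(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Parse a hex dump (8 to 16 bytes, spaces optional) of a sockaddr_in.
   Returns 0 on success, -1 on malformed input or a non-AF_INET family. */
int decode_sockaddr_in(const char *dump, struct decoded_addr *out)
{
    uint8_t raw[16];
    size_t n = 0;
    for (const char *p = dump; *p != '\0'; ) {
        if (*p == ' ') { p++; continue; }
        int hi = hexval(p[0]);
        int lo = hi < 0 ? -1 : hexval(p[1]);  /* p[1] may be the terminator */
        if (lo < 0 || n == sizeof raw) return -1;
        raw[n++] = (uint8_t)((hi << 4) | lo);
        p += 2;
    }
    if (n < 8) return -1;                    /* need family + port + address */
    out->family = (uint16_t)(raw[0] | (raw[1] << 8));  /* little-endian */
    if (out->family != 2) return -1;
    out->port = (uint16_t)((raw[2] << 8) | raw[3]);    /* network order */
    snprintf(out->ip, sizeof out->ip, "%d.%d.%d.%d",
             raw[4], raw[5], raw[6], raw[7]);
    return 0;
}

int main(void) {
    /* Constructed dump of the sample's clientService (sin_zero shown as 0). */
    const char *dump = "02 00 D9 03 7F 00 00 01 00 00 00 00 00 00 00 00";
    struct decoded_addr a;
    if (decode_sockaddr_in(dump, &a) != 0) return 1;
    printf("connect() target: %s:%u\n", a.ip, (unsigned)a.port);
    return 0;
}
```

The last 8 bytes (sin_zero) are ignored by the decoder; the sample never initializes them, so a real dump may show arbitrary values there.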

