LINUX SYSCALL NUMBER

/usr/include/i386-linux-gnu/asm/unistd.h

/*
 * Architecture dispatch: the 32-bit and 64-bit syscall tables live in
 * separate headers, so a syscall number only has meaning together with
 * the ABI it was taken from.
 */
# ifdef __i386__
#  include   /* NOTE(review): include target missing (lost in extraction); the 32-bit table is the file listed under the next heading */
# else
#  include   /* NOTE(review): include target missing (lost in extraction) */
# endif

/usr/include/i386-linux-gnu/asm/unistd_32.h

#ifndef _ASM_X86_UNISTD_32_H
#define _ASM_X86_UNISTD_32_H
/*
 * This file contains the system call numbers.
 */
/*
 * NOTE(review): these are the i386 (32-bit) numbers only. The wrapper
 * header above picks a different table for other ABIs, so anything that
 * matches on a syscall number (seccomp filters, audit rules, tracing)
 * must pair the number with the architecture it was captured on.
 * This copy ends at 348; later kernels append further entries, so treat
 * it as a snapshot of one header version rather than a complete list.
 */
#define __NR_restart_syscall      0
#define __NR_exit		  1
#define __NR_fork		  2
#define __NR_read		  3
#define __NR_write		  4
#define __NR_open		  5
#define __NR_close		  6
#define __NR_waitpid		  7
#define __NR_creat		  8
#define __NR_link		  9
#define __NR_unlink		 10
#define __NR_execve		 11
#define __NR_chdir		 12
#define __NR_time		 13
#define __NR_mknod		 14
#define __NR_chmod		 15
#define __NR_lchown		 16
#define __NR_break		 17
#define __NR_oldstat		 18
#define __NR_lseek		 19
#define __NR_getpid		 20
#define __NR_mount		 21
#define __NR_umount		 22
#define __NR_setuid		 23
#define __NR_getuid		 24
#define __NR_stime		 25
#define __NR_ptrace		 26
#define __NR_alarm		 27
#define __NR_oldfstat		 28
#define __NR_pause		 29
#define __NR_utime		 30
#define __NR_stty		 31
#define __NR_gtty		 32
#define __NR_access		 33
#define __NR_nice		 34
#define __NR_ftime		 35
#define __NR_sync		 36
#define __NR_kill		 37
#define __NR_rename		 38
#define __NR_mkdir		 39
#define __NR_rmdir		 40
#define __NR_dup		 41
#define __NR_pipe		 42
#define __NR_times		 43
#define __NR_prof		 44
#define __NR_brk		 45
#define __NR_setgid		 46
#define __NR_getgid		 47
#define __NR_signal		 48
#define __NR_geteuid		 49
#define __NR_getegid		 50
#define __NR_acct		 51
#define __NR_umount2		 52
#define __NR_lock		 53
#define __NR_ioctl		 54
#define __NR_fcntl		 55
#define __NR_mpx		 56
#define __NR_setpgid		 57
#define __NR_ulimit		 58
#define __NR_oldolduname	 59
#define __NR_umask		 60
#define __NR_chroot		 61
#define __NR_ustat		 62
#define __NR_dup2		 63
#define __NR_getppid		 64
#define __NR_getpgrp		 65
#define __NR_setsid		 66
#define __NR_sigaction		 67
#define __NR_sgetmask		 68
#define __NR_ssetmask		 69
#define __NR_setreuid		 70
#define __NR_setregid		 71
#define __NR_sigsuspend		 72
#define __NR_sigpending		 73
#define __NR_sethostname	 74
#define __NR_setrlimit		 75
#define __NR_getrlimit		 76   /* Back compatible 2Gig limited rlimit */
#define __NR_getrusage		 77
#define __NR_gettimeofday	 78
#define __NR_settimeofday	 79
#define __NR_getgroups		 80
#define __NR_setgroups		 81
#define __NR_select		 82
#define __NR_symlink		 83
#define __NR_oldlstat		 84
#define __NR_readlink		 85
#define __NR_uselib		 86
#define __NR_swapon		 87
#define __NR_reboot		 88
#define __NR_readdir		 89
#define __NR_mmap		 90
#define __NR_munmap		 91
#define __NR_truncate		 92
#define __NR_ftruncate		 93
#define __NR_fchmod		 94
#define __NR_fchown		 95
#define __NR_getpriority	 96
#define __NR_setpriority	 97
#define __NR_profil		 98
#define __NR_statfs		 99
#define __NR_fstatfs		100
#define __NR_ioperm		101
#define __NR_socketcall		102
#define __NR_syslog		103
#define __NR_setitimer		104
#define __NR_getitimer		105
#define __NR_stat		106
#define __NR_lstat		107
#define __NR_fstat		108
#define __NR_olduname		109
#define __NR_iopl		110
#define __NR_vhangup		111
#define __NR_idle		112
#define __NR_vm86old		113
#define __NR_wait4		114
#define __NR_swapoff		115
#define __NR_sysinfo		116
#define __NR_ipc		117
#define __NR_fsync		118
#define __NR_sigreturn		119
#define __NR_clone		120
#define __NR_setdomainname	121
#define __NR_uname		122
#define __NR_modify_ldt		123
#define __NR_adjtimex		124
#define __NR_mprotect		125
#define __NR_sigprocmask	126
#define __NR_create_module	127
#define __NR_init_module	128
#define __NR_delete_module	129
#define __NR_get_kernel_syms	130
#define __NR_quotactl		131
#define __NR_getpgid		132
#define __NR_fchdir		133
#define __NR_bdflush		134
#define __NR_sysfs		135
#define __NR_personality	136
#define __NR_afs_syscall	137 /* Syscall for Andrew File System */
#define __NR_setfsuid		138
#define __NR_setfsgid		139
#define __NR__llseek		140
#define __NR_getdents		141
#define __NR__newselect		142
#define __NR_flock		143
#define __NR_msync		144
#define __NR_readv		145
#define __NR_writev		146
#define __NR_getsid		147
#define __NR_fdatasync		148
#define __NR__sysctl		149
#define __NR_mlock		150
#define __NR_munlock		151
#define __NR_mlockall		152
#define __NR_munlockall		153
#define __NR_sched_setparam		154
#define __NR_sched_getparam		155
#define __NR_sched_setscheduler		156
#define __NR_sched_getscheduler		157
#define __NR_sched_yield		158
#define __NR_sched_get_priority_max	159
#define __NR_sched_get_priority_min	160
#define __NR_sched_rr_get_interval	161
#define __NR_nanosleep		162
#define __NR_mremap		163
#define __NR_setresuid		164
#define __NR_getresuid		165
#define __NR_vm86		166
#define __NR_query_module	167
#define __NR_poll		168
#define __NR_nfsservctl		169
#define __NR_setresgid		170
#define __NR_getresgid		171
#define __NR_prctl              172
#define __NR_rt_sigreturn	173
#define __NR_rt_sigaction	174
#define __NR_rt_sigprocmask	175
#define __NR_rt_sigpending	176
#define __NR_rt_sigtimedwait	177
#define __NR_rt_sigqueueinfo	178
#define __NR_rt_sigsuspend	179
#define __NR_pread64		180
#define __NR_pwrite64		181
#define __NR_chown		182
#define __NR_getcwd		183
#define __NR_capget		184
#define __NR_capset		185
#define __NR_sigaltstack	186
#define __NR_sendfile		187
#define __NR_getpmsg		188	/* some people actually want streams */
#define __NR_putpmsg		189	/* some people actually want streams */
#define __NR_vfork		190
#define __NR_ugetrlimit		191	/* SuS compliant getrlimit */
#define __NR_mmap2		192
#define __NR_truncate64		193
#define __NR_ftruncate64	194
#define __NR_stat64		195
#define __NR_lstat64		196
#define __NR_fstat64		197
#define __NR_lchown32		198
#define __NR_getuid32		199
#define __NR_getgid32		200
#define __NR_geteuid32		201
#define __NR_getegid32		202
#define __NR_setreuid32		203
#define __NR_setregid32		204
#define __NR_getgroups32	205
#define __NR_setgroups32	206
#define __NR_fchown32		207
#define __NR_setresuid32	208
#define __NR_getresuid32	209
#define __NR_setresgid32	210
#define __NR_getresgid32	211
#define __NR_chown32		212
#define __NR_setuid32		213
#define __NR_setgid32		214
#define __NR_setfsuid32		215
#define __NR_setfsgid32		216
#define __NR_pivot_root		217
#define __NR_mincore		218
#define __NR_madvise		219
#define __NR_madvise1		219	/* delete when C lib stub is removed */
#define __NR_getdents64		220
#define __NR_fcntl64		221
/* 222 has no entry either: the numbering jumps from 221 to 224 */
/* 223 is unused */
#define __NR_gettid		224
#define __NR_readahead		225
#define __NR_setxattr		226
#define __NR_lsetxattr		227
#define __NR_fsetxattr		228
#define __NR_getxattr		229
#define __NR_lgetxattr		230
#define __NR_fgetxattr		231
#define __NR_listxattr		232
#define __NR_llistxattr		233
#define __NR_flistxattr		234
#define __NR_removexattr	235
#define __NR_lremovexattr	236
#define __NR_fremovexattr	237
#define __NR_tkill		238
#define __NR_sendfile64		239
#define __NR_futex		240
#define __NR_sched_setaffinity	241
#define __NR_sched_getaffinity	242
#define __NR_set_thread_area	243
#define __NR_get_thread_area	244
#define __NR_io_setup		245
#define __NR_io_destroy		246
#define __NR_io_getevents	247
#define __NR_io_submit		248
#define __NR_io_cancel		249
#define __NR_fadvise64		250
/* 251 is available for reuse (was briefly sys_set_zone_reclaim) */
#define __NR_exit_group		252
#define __NR_lookup_dcookie	253
#define __NR_epoll_create	254
#define __NR_epoll_ctl		255
#define __NR_epoll_wait		256
#define __NR_remap_file_pages	257
#define __NR_set_tid_address	258
/* timer_*/clock_* are defined relative to timer_create: 260..267 */
#define __NR_timer_create	259
#define __NR_timer_settime	(__NR_timer_create+1)
#define __NR_timer_gettime	(__NR_timer_create+2)
#define __NR_timer_getoverrun	(__NR_timer_create+3)
#define __NR_timer_delete	(__NR_timer_create+4)
#define __NR_clock_settime	(__NR_timer_create+5)
#define __NR_clock_gettime	(__NR_timer_create+6)
#define __NR_clock_getres	(__NR_timer_create+7)
#define __NR_clock_nanosleep	(__NR_timer_create+8)
#define __NR_statfs64		268
#define __NR_fstatfs64		269
#define __NR_tgkill		270
#define __NR_utimes		271
#define __NR_fadvise64_64	272
#define __NR_vserver		273
#define __NR_mbind		274
#define __NR_get_mempolicy	275
#define __NR_set_mempolicy	276
/* mq_* are defined relative to mq_open: 278..282 */
#define __NR_mq_open 		277
#define __NR_mq_unlink		(__NR_mq_open+1)
#define __NR_mq_timedsend	(__NR_mq_open+2)
#define __NR_mq_timedreceive	(__NR_mq_open+3)
#define __NR_mq_notify		(__NR_mq_open+4)
#define __NR_mq_getsetattr	(__NR_mq_open+5)
#define __NR_kexec_load		283
#define __NR_waitid		284
/* #define __NR_sys_setaltroot	285 */
#define __NR_add_key		286
#define __NR_request_key	287
#define __NR_keyctl		288
#define __NR_ioprio_set		289
#define __NR_ioprio_get		290
#define __NR_inotify_init	291
#define __NR_inotify_add_watch	292
#define __NR_inotify_rm_watch	293
#define __NR_migrate_pages	294
#define __NR_openat		295
#define __NR_mkdirat		296
#define __NR_mknodat		297
#define __NR_fchownat		298
#define __NR_futimesat		299
#define __NR_fstatat64		300
#define __NR_unlinkat		301
#define __NR_renameat		302
#define __NR_linkat		303
#define __NR_symlinkat		304
#define __NR_readlinkat		305
#define __NR_fchmodat		306
#define __NR_faccessat		307
#define __NR_pselect6		308
#define __NR_ppoll		309
#define __NR_unshare		310
#define __NR_set_robust_list	311
#define __NR_get_robust_list	312
#define __NR_splice		313
#define __NR_sync_file_range	314
#define __NR_tee		315
#define __NR_vmsplice		316
#define __NR_move_pages		317
#define __NR_getcpu		318
#define __NR_epoll_pwait	319
#define __NR_utimensat		320
#define __NR_signalfd		321
#define __NR_timerfd_create	322
#define __NR_eventfd		323
#define __NR_fallocate		324
#define __NR_timerfd_settime	325
#define __NR_timerfd_gettime	326
#define __NR_signalfd4		327
#define __NR_eventfd2		328
#define __NR_epoll_create1	329
#define __NR_dup3		330
#define __NR_pipe2		331
#define __NR_inotify_init1	332
#define __NR_preadv		333
#define __NR_pwritev		334
#define __NR_rt_tgsigqueueinfo	335
#define __NR_perf_event_open	336
#define __NR_recvmmsg		337
#define __NR_fanotify_init	338
#define __NR_fanotify_mark	339
#define __NR_prlimit64		340
#define __NR_name_to_handle_at	341
#define __NR_open_by_handle_at  342
#define __NR_clock_adjtime	343
#define __NR_syncfs             344
#define __NR_sendmmsg		345
#define __NR_setns		346
#define __NR_process_vm_readv	347
#define __NR_process_vm_writev	348
/* last entry in this snapshot of the header */
#endif /* _ASM_X86_UNISTD_32_H */

结构体数组指针

结构体数组指针有点绕,使用和数组指针一样的

#include 
#include 
/*
 * One record of the demo table. Plain aggregate with no invariants beyond
 * name[] holding a NUL-terminated string, i.e. at most 19 characters.
 */
typedef struct {
    long int    num;        /* numeric identifier */
    char        name[20];   /* fixed-size buffer: copies into it must be bounded */
    char        sex;        /* single character code ('M' is what main() stores) */
    float       score;
} student;
/* stu_1: the table (static storage, so zero-initialised); p: cursor into it, assigned in main(). */
student stu_1[10], *p;
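/*
 * Demo: walk an array of structs through a pointer to its element type.
 *
 * `p` must point at the first element: `stu_1` decays to `student *`,
 * whereas `&stu_1` has type `student (*)[10]` and is an incompatible
 * pointer type for `p` (same address, wrong type, compiler diagnostic).
 *
 * Writes stu_1[0].sex / .score through p and stu_1[1].num / .name
 * directly, then prints one line. Returns 0.
 */
int main(void) {
    p = stu_1;                       /* same address as &stu_1, correct type */
    stu_1[1].num = 89101;
    /* name[] is 20 bytes; "LiLin" fits, but a bounded copy keeps this safe
     * if the literal is ever replaced by something longer. */
    snprintf(stu_1[1].name, sizeof stu_1[1].name, "%s", "LiLin");
    p->sex = 'M';                    /* stu_1[0] */
    p->score = 89.5;
    printf("%ld, %s,%c,%f\n", (p + 1)->num, (p + 1)->name, stu_1[0].sex, p->score);
    return 0;
}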

子进程的返回值问题status

最近有一个程序,转移到另一台服务器上了,在接受返回值的时候一直出问题。

waitpid(pid, &status, WNOHANG);

WEXITSTATUS(status)老是返回16,郁闷。
最后发现是信号的问题。在fork子进程前,添加对子进程的信号接受就可以了。

signal(SIGCHLD,SIG_DFL);

kill进程组所有进程

#include 
#include 
#include 
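/*
 * Demo: move a child (and the child's own child) into a new process group,
 * then signal the whole group from the parent with kill(-pgid, SIGTERM).
 *
 * Layout: parent -> child (calls setpgrp(), becomes group leader, so the
 * group id equals the child's pid) -> grandchild (sleeps until signalled).
 * Returns 0 on success, 1 if the parent's fork() fails.
 */
int main(void)
{
    pid_t pid;

    printf("father-pgrpid=[%d]\n", (int)getpgrp());
    pid = fork();
    if (pid < 0) {
        perror("fork");
        return 1;
    } else if (pid == 0) {
        /* Child: become leader of a fresh process group so the parent can
         * address child + grandchild as one unit through the negative pid. */
        setpgrp();
        printf("child-pid[%d]\n", (int)getpid());
        printf("child-pgrpid=[%d]\n", (int)getpgrp());
        /* Parenthesise the assignment: `pid = fork() < 0` parses as
         * `pid = (fork() < 0)`, so both processes saw pid == 0 and both
         * fell into the grandchild branch. */
        if ((pid = fork()) < 0) {
            perror("fork");
        } else if (pid == 0) {
            /* Grandchild: block until SIGTERM from the parent ends it. */
            for (;;) {
                sleep(10);
            }
        }
        sleep(100);
        exit(1);
    } else {
        /* Parent. The one-second pause is a crude way of letting the child
         * reach setpgrp() before the group is signalled; there is no real
         * synchronisation, so on a loaded machine the kill() can race it. */
        sleep(1);
        printf("father\n");
        /* pid > 0 here, so -pid names exactly the child's group and cannot
         * degrade into the "every process" form kill(-1, ...). */
        if (kill(-pid, SIGTERM) != 0) {
            perror("kill");
        } else {
            printf("killed ok\n");
        }
    }
    return 0;
}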

OpenSSH key pem和SSH2 key格式互转 (openssh 高版本)

openssl genkey 和 ssh-keygen 生成的密钥格式是不一样的
“RFC4716” (RFC 4716/SSH2 public or private key)
“PKCS8” (PEM PKCS8 public key)
ubuntu:
ssh-keygen -e -f ~/.ssh/id_rsa.pub > ~/.ssh/id_rsa_pub.pem
ssh-keygen -f ~/.ssh/id_rsa_pub.pem -i -m RFC4716 > ~/.ssh/id_rsa.pub
windows:
1) Use PuTTYgen
2) Run puttygen and click generate
3) Run your mouse round the blank part for a while.
4) Enter a keyphrase (and repeat)
5) Click save public key and save it publickey
6) Click save private key and save it privatekey (extension gets added automatically, this is no good for spoon, but good for putty)
7) Click Conversions->Export OpenSSH key and save as sshkey.pem
8) In the main window is your key for pasting into the OpenSSH authorized_keys file. Copy it in its entirety and paste it into the /home/<user>/.ssh/authorized_keys file on your Ubuntu machine.
9) Ok, you can close putty key generator.
10) Utilize the .pem in the tool.
http://www.yinqisen.cn/blog-177.html

openssl API md5效验

#include 
#include 
#include 
#include 
#include 
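/*
 * Print the MD5 digest of a file as 32 upper-case hex characters.
 *
 * argv[1] is the file to hash. Exit status: 0 on success, 1 on usage,
 * I/O or digest errors.
 *
 * The file is read with fread() in fixed-size chunks and every byte is fed
 * to the digest. The original fgets()/strlen() loop stopped at the first
 * NUL byte of each line, so its digest was only correct for NUL-free text
 * files (the transcript below happens to use .c sources).
 *
 * MD5 is not collision resistant: adequate as a transfer checksum, not as
 * evidence against deliberate tampering. MD5_Init/Update/Final are also
 * deprecated in OpenSSL 3.0 in favour of EVP_Digest*; the low-level API is
 * kept here to match the rest of the example.
 */
int main(int argc, char **argv)
{
    MD5_CTX ctx;
    unsigned char md[MD5_DIGEST_LENGTH];
    char md5[2 * MD5_DIGEST_LENGTH + 1];   /* hex digits plus NUL */
    unsigned char buff[4096];
    const char *filename;
    FILE *fp;
    size_t n;
    int i;

    if (argc < 2) {
        fprintf(stderr, "Usage: %s <file>\n", argv[0]);
        exit(1);
    }
    filename = argv[1];

    /* OpenSSL does not set errno, so perror() would print an unrelated
     * message; name the failing call instead. */
    if (MD5_Init(&ctx) == 0) {
        fprintf(stderr, "MD5_Init failed\n");
        exit(1);
    }
    if ((fp = fopen(filename, "rb")) == NULL) {
        perror("fopen");
        exit(1);
    }
    /* fread() returns 0 at EOF or on error; ferror() tells them apart. */
    while ((n = fread(buff, 1, sizeof buff, fp)) > 0) {
        if (MD5_Update(&ctx, buff, n) == 0) {
            fprintf(stderr, "MD5_Update failed\n");
            fclose(fp);
            exit(1);
        }
    }
    if (ferror(fp)) {
        perror("fread");
        fclose(fp);
        exit(1);
    }
    fclose(fp);
    if (MD5_Final(md, &ctx) == 0) {
        fprintf(stderr, "MD5_Final failed\n");
        exit(1);
    }
    /* Two hex digits per byte, written in place. snprintf bounds each
     * write; the original sprintf() of "%02X" into a 2-byte tmp[] wrote
     * three bytes and overflowed it by one. */
    for (i = 0; i < MD5_DIGEST_LENGTH; i++) {
        snprintf(md5 + 2 * i, 3, "%02X", md[i]);
    }
    printf("md5(%s):%s\n", filename, md5);
    return 0;
}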
root@bt:~/c# cc -o testmd5 testmd5.c -lssl
root@bt:~/c# ./testmd5 1.c
md5(1.c):1558734758F8CB08D6DB8D5B57E71BF7
root@bt:~/c# ./testmd5 2.c
md5(2.c):0C8E614EC0AB5B5CEF90D012F5C11797
root@bt:~/c# openssl md5 1.c
MD5(1.c)= 1558734758f8cb08d6db8d5b57e71bf7
root@bt:~/c# openssl md5 2.c
MD5(2.c)= 0c

高级I/O select 复用

#include 
#include 
#include 
#include 
#include 
#include 
#include 
#define	MAX_BACK 5     /* listen() backlog and size of the client-socket table */
#define BUFF_SIZE 1024
#define TIMEOUT 30     /* NOTE(review): not referenced in the visible part of main(), which hard-codes a 2 s select() timeout */
/* Client sockets; static storage is zero-initialised, so 0 marks a free slot (main() tests for != 0). */
int sockfds[MAX_BACK];
/*
 * TCP listener on the port given in argv[1], multiplexing the listening
 * socket and up to MAX_BACK client sockets with select().
 *
 * NOTE(review): part of the accept/dispatch loop was lost in extraction
 * (see the comment at the `for` below), so the listing is not complete.
 */
int main(int argc, char **argv)
{
    struct sockaddr_in sevaddr, cliaddr;
    socklen_t socklen = sizeof(struct sockaddr_in);
    int sockfd, newfd, maxfd,  port, iBytes;
    char	buff[BUFF_SIZE];   /* not used in the visible part of the loop */
    int n = 1;                  /* SO_REUSEADDR on */
    if(argc != 2){
        printf("Usage: %s  n", argv[0]);
        exit(1);
    }
    /* NOTE(review): atoi() turns junk into 0 and does not range-check;
     * strtol() with a 1..65535 test would reject bad input before bind(). */
    port = atoi(argv[1]);
    if((sockfd=socket(AF_INET, SOCK_STREAM, 0)) == -1) {
        perror("socket:");
        exit(1);
    }
    sevaddr.sin_family = AF_INET;
    sevaddr.sin_addr.s_addr = htonl(INADDR_ANY);
    sevaddr.sin_port = htons(port);
    /* Lets a restarted server rebind while old connections sit in TIME_WAIT; return value unchecked. */
    setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &n, sizeof(int));
    if(bind(sockfd, (struct sockaddr *)&sevaddr, socklen) == -1) {
        perror("bind:");
        exit(1);
    }
    listen(sockfd, MAX_BACK);   /* return value unchecked */
    printf("Listen port:%dn", port);
    int	ret;
    fd_set readfds;
    struct timeval	val;
    maxfd = sockfd;             /* raised below as client sockets are accepted */
    int i;
    int comm_amount = 0 ;
    while(1) {
        /* select() modifies the set and (on Linux) the timeout, so both are rebuilt every iteration. */
        FD_ZERO(&readfds);
        FD_SET(sockfd, &readfds);
        memset(&cliaddr, 0x00, socklen);
        val.tv_sec = 2;
        val.tv_usec = 0;
        for (i=0; i < MAX_BACK; i++) {
            if(sockfds[i] != 0) {
                FD_SET(sockfds[i], &readfds);
            }
        }
        /* BUG: the first argument must be maxfd + 1, not sockfd + 1. Client
         * sockets are numbered above sockfd, so with sockfd + 1 they are
         * never polled even though they were added to readfds above. */
        ret = select(sockfd + 1, &readfds, 0, 0, &val);
        if(ret < 0) {
            perror("select:");
            break;
        }else if (ret == 0 ) {
            printf("timeoutn");
            continue;
        }
        /* NOTE(review): the text between `i` and `maxfd)` was lost in
         * extraction; this line originally held the loop header, the
         * accept() on sockfd and the free-slot search that stores newfd. */
        for (i=0; i maxfd) maxfd = newfd;
            }else {
                printf("max connection arrive, exitn");
                send(newfd,"bye", 4, 0);   /* 4 bytes: "bye" plus its NUL */
                close(newfd);
                continue;
            }
        }
    }
    /* falls off the end of main(): C99 treats this as return 0 */
}

gethostbyname alarm超时处理

在使用gethostbyname DNS查询的时候,处理很慢的情况。使用alarm设置超时时间,并用setjmp进行处理。

#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
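/*
 * Exit helpers. No trailing ';' inside the macro: `#define EXIT_SUCC exit(0);`
 * made `EXIT_SUCC;` expand to `exit(0);;` and broke the
 * `if (...) EXIT_SUCC else ...` form. Call sites keep writing `EXIT_SUCC;`.
 */
#define EXIT_SUCC	exit(0)
#define	EXIT_FAIL	exit(-1)   /* -1 is reported to the shell as status 255 */
#define TIME_OUT	3          /* seconds allowed for gethostbyname() */
/* Jump target of the SIGALRM handler; main() calls setjmp() on it before arming alarm(). */
jmp_buf	ebuf;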
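/*
 * SIGALRM handler: abandon the in-progress gethostbyname() by jumping back
 * to the setjmp(ebuf) in main().
 *
 * Prototyped as void (int) so it matches the type signal()/sigaction()
 * expect; the old `void handler()` declared it with unspecified arguments.
 *
 * Caveat: longjmp() out of a handler is only well-defined when the code it
 * interrupts is async-signal-safe, and the resolver is not. main() exits
 * right after the jump, which is what keeps this tolerable. If the program
 * is ever changed to carry on after a timeout, switch the pair to
 * sigsetjmp(ebuf, 1)/siglongjmp() so the signal mask is restored too.
 */
void handler(int sig)
{
    (void)sig;          /* only SIGALRM is routed here */
    longjmp(ebuf, 1);
}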
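/*
 * Resolve argv[1] within a TIME_OUT-second budget, connect to argv[2] over
 * TCP and send one fixed request string.
 *
 * The budget is enforced by arming alarm() around gethostbyname(); the
 * SIGALRM handler longjmp()s back to the setjmp() below, where the program
 * reports the timeout and exits. Exit status: 0 on success and (kept from
 * the original) on a usage error, 1 on timeout, 255 (exit(-1)) otherwise.
 */
int main(int argc, char **argv)
{
    char *hostname;
    char buff[] = "request msg";
    struct sockaddr_in sevaddr;
    int sockfd, iBytes;
    long port;
    char *end;
    struct hostent *host;
    struct sigaction sa;

    if (argc != 3) {
        printf("Usage: %s <host> <port>\n", argv[0]);
        EXIT_SUCC;
    }
    /* strtol instead of atoi: reject junk and out-of-range values instead
     * of silently using port 0 or a truncated number. Overflow lands on
     * LONG_MAX/LONG_MIN, which the range test also rejects. */
    port = strtol(argv[2], &end, 10);
    if (end == argv[2] || *end != '\0' || port < 1 || port > 65535) {
        fprintf(stderr, "invalid port: %s\n", argv[2]);
        EXIT_FAIL;
    }
    hostname = argv[1];

    /* Landing point for the handler's longjmp(). Nothing between here and
     * alarm(0) acquires a resource, so reporting and exiting is safe. */
    if (setjmp(ebuf)) {
        printf("gethostbyname timeout\n");
        exit(1);
    }
    /* sigaction() with an empty mask and no SA_RESTART behaves the same on
     * every platform; signal()'s restart semantics differ between libcs. */
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    if (sigaction(SIGALRM, &sa, NULL) == -1) {
        perror("sigaction");
        EXIT_FAIL;
    }
    alarm(TIME_OUT);
    host = gethostbyname(hostname);
    alarm(0);                              /* disarm on both outcomes */
    if (host == NULL) {
        /* gethostbyname() reports through h_errno, not errno, so perror()
         * would print an unrelated message. */
        fprintf(stderr, "gethostbyname: %s\n", hstrerror(h_errno));
        EXIT_FAIL;
    }
    /* Only an IPv4 answer fits sockaddr_in; verify family and length before
     * copying the raw address bytes rather than casting h_addr. */
    if (host->h_addrtype != AF_INET || host->h_length != (int)sizeof(struct in_addr)
        || host->h_addr_list[0] == NULL) {
        fprintf(stderr, "gethostbyname: no IPv4 address for %s\n", hostname);
        EXIT_FAIL;
    }
    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
        perror("socket:");
        EXIT_FAIL;
    }
    memset(&sevaddr, 0x00, sizeof sevaddr);
    sevaddr.sin_family = AF_INET;
    memcpy(&sevaddr.sin_addr, host->h_addr_list[0], sizeof sevaddr.sin_addr);
    sevaddr.sin_port = htons((unsigned short)port);
    printf("connect to remote server ....\n");
    if (connect(sockfd, (struct sockaddr *)&sevaddr, sizeof sevaddr) == -1) {
        perror("connect");
        close(sockfd);
        EXIT_FAIL;
    }
    /* Single send() of a short literal; a short write would show up as
     * iBytes < strlen(buff) in the printed length. */
    iBytes = (int)send(sockfd, buff, strlen(buff), 0);
    if (iBytes < 0) {
        perror("send");
        close(sockfd);
        EXIT_FAIL;
    }
    printf("Send Data :len[%d]buff[%s]\n", iBytes, buff);
    close(sockfd);
    EXIT_SUCC;
}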

渗透技巧:利用pcntl_exec突破disable_functions

1、说明
pcntl是linux下的一个扩展,可以支持php的多线程操作。
pcntl_exec函数的作用是在当前进程空间执行指定程序,版本要求:PHP 4 >= 4.2.0, PHP 5
2、利用
在做渗透的时候被disable_functions卡住不能执行命令是家常便饭,今天在一国外虚拟主机上又被卡了,但我在执行phpinfo();的时候眼前闪过–enable-pcntl。当时我就偷笑了,没啥好说的,我一直强调渗透要细心做人做事也一样。
#exec.php

#/tmp/b4dboy.sh
#!/bin/bash
# Target script of the example above: lists the root directory and exits.
ls -l /
原文:http://www.secoff.net/archives/116.html

mmap offset偏移量的简单使用

mmap原型为:

SYNOPSIS
#include <sys/mman.h>
void *mmap(void *addr, size_t length, int prot, int flags,int fd, off_t offset);
int munmap(void *addr, size_t length);

offset 必须为PAGE_SIZE的整数倍
LINUX下面获取PAGE_SIZE的命令

root@bt:~/c# getconf PAGE_SIZE
4096
root@bt:~/c# cat mmap.c
#include 
#include 
#include 
#include 
#include 
#include 
#include 
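/*
 * Demo of mmap()'s offset argument: map `length` bytes of argv[1] starting
 * at byte `offset`, rounding the file offset down to a page boundary as
 * mmap() requires, and print the mapped bytes.
 *
 * argv[1] file, argv[2] offset (>= 0), argv[3] length (> 0), both decimal.
 * Exit status 0 on success, 1 on usage or system-call failure.
 *
 * As in the original, the copy starts at the page boundary (realOffset);
 * the byte the caller asked for is at mmaped + (offset - realOffset).
 */
int main(int argc, char **argv)
{
    char buff[1024];
    char *mmaped;
    int fd;
    long offset, length, realOffset, realLen, pageSize;
    char *end;
    struct stat st;

    if (argc != 4) {
        printf("Usage: %s <file> <offset> <length>\n", argv[0]);
        exit(1);
    }
    /* strtol rather than atoi: reject junk and negative values, which would
     * otherwise reach mmap() as a negative offset or length. */
    offset = strtol(argv[2], &end, 10);
    if (end == argv[2] || *end != '\0' || offset < 0) {
        fprintf(stderr, "bad offset: %s\n", argv[2]);
        exit(1);
    }
    length = strtol(argv[3], &end, 10);
    if (end == argv[3] || *end != '\0' || length <= 0) {
        fprintf(stderr, "bad length: %s\n", argv[3]);
        exit(1);
    }
    /* The program only reads, so open and map read-only: the original
     * O_RDWR + PROT_WRITE + MAP_SHARED mapping let any stray write reach
     * the file and failed outright on files the user cannot write. */
    if ((fd = open(argv[1], O_RDONLY)) < 0) {
        perror("open");
        exit(1);
    }
    if (fstat(fd, &st) < 0) {
        perror("fstat");
        close(fd);
        exit(1);
    }
    pageSize = sysconf(_SC_PAGE_SIZE);
    printf("System Page_Size:[%ld]\n", pageSize);
    realOffset = offset & ~(pageSize - 1);   /* must be a multiple of the page size */
    printf("realOffset:[%ld]\n", realOffset);
    realLen = length + offset - realOffset;  /* extra bytes skipped by the rounding */
    printf("realLen:[%ld]\n", realLen);
    /* Pages entirely past the end of the file raise SIGBUS when touched,
     * and the copy below must leave room in buff[] for the NUL. The
     * original had neither check, so a large length overflowed buff[]. */
    if (realOffset + realLen > st.st_size) {
        fprintf(stderr, "range [%ld, %ld) exceeds file size %lld\n",
                realOffset, realOffset + realLen, (long long)st.st_size);
        close(fd);
        exit(1);
    }
    if ((size_t)realLen >= sizeof buff) {
        fprintf(stderr, "length too large (max %zu)\n", sizeof buff - 1);
        close(fd);
        exit(1);
    }
    mmaped = mmap(NULL, (size_t)realLen, PROT_READ, MAP_PRIVATE, fd, realOffset);
    if (mmaped == MAP_FAILED) {   /* MAP_FAILED, not a hand-rolled (void *)-1 */
        perror("mmap");
        exit(1);
    }
    close(fd);    /* the mapping stays valid after the descriptor is closed */
    memset(buff, 0x00, sizeof buff);
    memcpy(buff, mmaped, (size_t)realLen);
    printf("buff:[%s]\n", buff);
    munmap(mmaped, (size_t)realLen);
    return 0;
}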
root@bt:~/c# gcc mmap.c
root@bt:~/c# ./a.out data.txt 4096  7
System Page_Size:[4096]
realOffset:[4096]
realLen:[7]
buff:[567890
]
root@bt:~/c# ./a.out data.txt 1  7
System Page_Size:[4096]
realOffset:[0]
realLen:[8]
buff:[12345678]
root@bt:~/c#