rpc.c

rpc.c: Posted Feb 4, 2000; Authored by Console | Site etc-crew.org; rpc.c is a small rpc scanner to scan for vulnerabilities. Currently it checks for cmsd, ttdbserverd, sadmind, statd, and amd. Tested on Redhat, Solaris 7, and OpenBSD.; tags | tool, scanner, vulnerability; systems | linux, redhat, unix, solaris, openbsd; SHA-256 | 81bbde1e877e7e2dd448c7b709ed8f06ef43e9ef4a90418141a026b050d5e9cb; Download | Favorite | View

rpc.c

// rpc scanner by console
// easily add a new service by adding a id and a name to the rpc_targets struct
// should work on most OS's
// tested on redhat, solaris7, and openbsd


#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <signal.h>
#include <rpc/rpc.h>
#include <rpc/pmap_prot.h>
#include <rpc/pmap_clnt.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netdb.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#define pquit(x)        { perror(x); exit(1); }
#define cbuff(x)  { strcpy(x,"");       }

void usage(char *name) {
  fprintf(stderr,"Usage: %s <ipfile> <output>\n",name);
  exit(1); }



struct rpc_targets {
  int id;
  char *name;
 };

 struct rpc_targets targets[] =
{
  {100083, "cmsd"        },
  {100068, "ttdbserverd" },
  {100232, "sadmind"     },
  {100024, "statd"       },
  {300019, "amd"         },
  {0, 0                  }
};

int checkrpc(char *host,FILE *log) {
  struct sockaddr_in rpcaddr;
  struct pmaplist *head;
  struct hostent *he;
  int i;

if ((he=gethostbyname(host)) == NULL) return -1;


 memset(&rpcaddr, 0, sizeof(struct sockaddr_in));
 rpcaddr.sin_family = AF_INET;
 rpcaddr.sin_port   = htons(PMAPPORT);
 memcpy(&rpcaddr.sin_addr.s_addr, he->h_addr_list[0], he->h_length);


  if ((head = pmap_getmaps(&rpcaddr)) == NULL) return -1;


for ( ;head != NULL; head=head->pml_next) {
    for (i=0; targets[i].id; i++) {
         if (head->pml_map.pm_prog==targets[i].id) {
             fprintf(log,"%s is running %s\n",host,targets[i].name);
             fflush(log);
            }
        }
    }
}


int main(int argc, char **argv) {
 char hbuf[1024];
 FILE *input;
 FILE *output;
 pid_t pid;
 int i;

  if (argc < 2) usage(argv[0]);


  if ((input=fopen(argv[1],"r")) == NULL) pquit("error opening input file");
  if ((output=fopen(argv[2],"a")) == NULL) pquit("error opening output file");

  pid = fork();
  if (pid < 0) pquit("fork");
  if (pid > 0) {
         printf("launched in bg with pid %d\n",pid);
         exit(0); }

  while (fgets(hbuf,sizeof(hbuf)-1,input) != NULL) {
     hbuf[strlen(hbuf)-1]=0;
     checkrpc(hbuf,output);
     cbuff(hbuf);
     }
}

Top Authors In Last 30 Days

Red Hat 250 files
indoushka 175 files
Jay Turla 97 files
Ubuntu 89 files
h00die 38 files
juan vazquez 37 files
Gentoo 32 files
sinn3r 26 files
H D Moore 23 files
Karn Ganeshen 22 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,130)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,374)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,912)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,882)
UNIX (9,461)
UnixWare (188)
Windows (6,780)
Other

rpc.c

rpc.c

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

rpc.c

Share This

rpc.c

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems