Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: Any handy programmers around?

  1. #1
    Junior Member
    Join Date
    Aug 2001
    Posts
    8

    Any handy programmers around?

    just wondering if anyone knows how to alter the makefile or other fileswith
    netcat to get the -e option up and running.
    Hobbit disables it to stop everybody using it.

    I have attached some error messages I received and a few bits of the netcat files
    that i think need changing or maybe not?I only know the basics of programming to be honest.I suppose this is a good enough way to learn.

    thanx

  2. #2
    Junior Member
    Join Date
    Aug 2001
    Posts
    8

    sorry here is the info

    just typed it in instead


    Error i got when compiling

    make: *** No rule to make target `GAPING_SECURITY_HOLE'. Stop.

    ************************************************
    Here is the mention of it in netcat.c.I tried removing #ifdef & #endif
    and putting in #define in place of #ifdef instead but still didnt work.
    Dont know if u should do this?Im really only beginning to learn programming!!


    #ifdef GAPING_SECURITY_HOLE
    char * pr00gie = NULL; /* global ptr to -e arg */

    /* doexec :
    fiddle all the file descriptors around, and hand off to another prog. Sort
    of like a one-off "poor man's inetd". This is the only section of code
    that would be security-critical, which is why it's ifdefed out by default.
    Use at your own hairy risk; if you leave shells lying around behind open
    listening ports you deserve to lose!! */
    doexec (fd)
    int fd;
    {
    register char * p;

    dup2 (fd, 0); /* the precise order of fiddlage */
    close (fd); /* is apparently crucial; this is */
    dup2 (0, 1); /* swiped directly out of "inetd". */
    dup2 (0, 2);
    p = strrchr (pr00gie, '/'); /* shorter argv[0] */
    if (p)
    p++;
    else
    p = pr00gie;
    Debug (("gonna exec %s as %s...", pr00gie, p))
    execl (pr00gie, p, NULL);
    bail ("exec %s failed", pr00gie); /* this gets sent out. Hmm... */
    } /* doexec */
    #endif/* GAPING_SECURITY_HOLE */

    **************************************************************************
    I dont really know what i was doing but just copied other lines around and I added
    these lines below to the makefile because hobbit wrote this in his explanation on
    getting the -e working and i think this -D code only goes in a makefile?idont
    really know?I use make generic cos make linux wouldnt work.heres what he said
    and what i added to make file.Could be all wrong:-

    If netcat is compiled with -DGAPING_SECURITY_HOLE, the -e argument specifies
    a program to exec after making or receiving a successful connection. In the
    listening mode, this works similarly to "inetd" but only for a single instance.
    Use with GREAT CARE. This piece of the code is normally not enabled; if you
    know what you're doing, have fun. This hack also works in UDP mode. Note that
    you can only supply -e with the name of the program, but no arguments. If you
    want to launch something with an argument list, write a two-line wrapper script
    or just use inetd like always.generic:


    DFLAGS = -DGAPING_SECURITY_HOLE #added this at top of makefile?


    make -e $(ALL) $(MFLAGS) XFLAGS='-DGENERIC'
    <--i added this bit below-------------->
    DFLAGS='- DGAPING_SECURITY_HOLE' STATIC=

  3. #3
    Senior Member
    Join Date
    Oct 2001
    Posts
    175

    Hmmm..

    Hello dkennedy,

    Could you please post where you found the source or email it to me..so I can look at the whole thing..

    I'll give it a try..but I don't know how useful I will be, because I don't run a Unix based OS.

    Email me the entire source or post where you found... and I will take a crack at it

    Hope I can help

    -- See this is a perfect example..of why AO should have a security programmers forum --
    Simon Templer

    \"Your work is to discover your world and then with all your heart give yourself to it. \"
    -The Buddha

  4. #4
    Senior Member
    Join Date
    Oct 2001
    Posts
    175

    I think I got it figured

    DKenney...

    Thanks for emailing the source files...

    OK.. here is what I suggest:

    Within the netcat.c add this line :

    /* This should enable the -e option */

    #define GAPING_SECURITY_HOLE

    ABOVE THE LINE:

    "#ifdef GAPING_SECURITY_HOLE"

    Why This Should Work

    The "#ifdef GAPING_SECURITY_HOLE" simply means that if GAPING_SECURITY_HOLE is not defined within the source, then the compiler should ignore the entrie block.

    So if we add this statement:

    #define GAPING_SECURITY_HOLE

    "GAPING_SECURITY_HOLE" has been defined and the compiler will compile the code contained within that block.

    Try and compile the program normally...It should work now
    The Make File should not need modification!

    Unfortunetly.. I couldn't try compiling...because I don't run a UNIX based operating system.

    I hope this helps to fix your problem
    Simon Templer

    \"Your work is to discover your world and then with all your heart give yourself to it. \"
    -The Buddha

  5. #5
    Senior Member
    Join Date
    Oct 2001
    Posts
    175

    LOOK..Let's Get Something CLEAR

    FIRST..let me say this.... I am more than glad to help anyone!

    BUT

    What you have just posted is COMPLETELY UNCALLED FOR!
    Oh, by the way, I forgot to mention that I like little boys. Does anyone feel like helping me out now? I'll suck your ****.
    I AM PERSONALLY ANGERED BY YOUR POST...WHATEVER IT IS THAT YOU DO IN REAL LIFE IS YOUR BUSINESS!

    I HOPE I SPEAK FOR OTHERS WHEN I SAY...DON'T BRING THAT CRAP TO THIS FORUM... THIS IS A SECURITY FORUM NOT A PERSONALS FORUM...

    SHAPE UP OR SHIP OUT !!!!
    Simon Templer

    \"Your work is to discover your world and then with all your heart give yourself to it. \"
    -The Buddha

  6. #6
    Banned
    Join Date
    Sep 2001
    Posts
    2,810

    Thumbs down

    Originally posted by dkennedy
    Oh, by the way, I forgot to mention that I like little boys. Does anyone feel like helping me out now? I'll suck your ****.
    Man what the hell is this, its got nothing to do with anything and it's sick. Im jewish man I dont want to see this kind of crap. God I didnt expect this kinda thing here.

  7. #7
    Junior Member
    Join Date
    Oct 2001
    Posts
    7
    Who in their right mine would say such a thing.I'm disgusted by this sicko's atitude.

  8. #8
    Junior Member
    Join Date
    Aug 2001
    Posts
    8

    oh my god

    i did not post that--i swear to god i didnt write tyhat at all

    please believe me
    i dont know how that happened.
    i really would like to ask the owners of this site to find out what could of happened.
    please believe me

  9. #9

    formerly dkennedy

    i have set up a new account and would like to say again that i have nothing to do with the f***ing pyschotic post above.
    i am now doing a full virus scan and trying to get the post removed.

    I hope i have your trust in this.

    i am probably the most anti-fascist person,anti-paedophile,and anti-homophobic person i know


  10. #10

    Smile regarding original post

    Thanx simon for the help but it still didnt work with that define included:
    #define GAPING_SECURITY_HOLE

    i got this error again

    make: *** No rule to make target `GAPING_SECURITY_HOLE'. Stop.

    anymore suggestions would be welcome.



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •