STRLCPY/quote_db

First complete version done
William Moody committed 3 years ago

f556082f

1 parent 96a7fa45

Total 1 files

■ ■ ■ ■ ■ ■

main.c

		skipped 2 lines
3	3		// William Moody, 06.06.2021
4	4
5	5		// Compile (DEP, ASLR enabled):
6		-	// gcc main.c -o main.exe -l ws2_32 '-Wl,--nxcompat,--dynamicbase,--export-all-symbols'
	6	+	// gcc main.c -o main.exe -l ws2_32 '-Wl,--nxcompat,--dynamicbase'
7	7
8	8		#include <stdio.h>
9	9		#include <stdlib.h>
10	10		#include <unistd.h>
11	11		#include <winsock2.h>
12	12		#include <windows.h>
	13	+	#include <memory.h>
13	14		#include <time.h>
14	15
15	16		#pragma comment(lib, "ws2_32.lib")
		skipped 1 lines
17	18		#define VERSION 10
18	19		#define DEFAULT_PORT 3700
19	20		#define MAX_CONNECTIONS 1
20		-	#define BUF_SIZE 8192
	21	+	#define BUF_SIZE 16384
21	22		#define QUOTE_SIZE 2048
22	23		#define MAX_NUM_QUOTES 100
23	24
24		-	/**
25		-	* Packet structure which is used for all communication
26		-	* from the client to the server:
27		-	*
28		-	* unsigned int opcode;
29		-	* char data[8192];
30		-	*
31		-	* ----------------------------------------------------
32		-	*
33		-	* ... server to the client:
34		-	*
35		-	* char data[8192];
36		-	*/
37		-
38	25		// Array to hold quotes
39	26		char quotes[MAX_NUM_QUOTES][QUOTE_SIZE];
40	27		int num_quotes;
		skipped 21 lines
62	49		}
63	50
64	51		/**
65		-	* A mysterious function which never gets called...
66		-	*/
67		-	void foo()
68		-	{
69		-	asm (
70		-	"inc %eax\n"
71		-	"inc %ebx\n"
72		-	"inc %ecx\n"
73		-	"ret"
74		-	);
75		-	}
76		-
77		-	/**
78	52		* Adds a quote
79	53		*
80	54		* @param quote The quote to add to the db
81	55		* @returns index of the quote which was added
82	56		*/
83		-	int add_quote(char* quote)
	57	+	int add_quote(char *quote)
84	58		{
85	59		printf("[?] Adding quote to db...");
86	60		memset(quotes[num_quotes], 0, QUOTE_SIZE);
		skipped 52 lines
139	113		}
140	114
141	115		/**
	116	+	* Logs a bad request for debugging purposes
	117	+	*
	118	+	* @param request The request which was made
	119	+	*/
	120	+	void log_bad_request(char *request)
	121	+	{
	122	+	char bad_request[QUOTE_SIZE];
	123	+	memset(bad_request, 0, QUOTE_SIZE);
	124	+	memcpy(bad_request, request, BUF_SIZE);
	125	+	printf("....[%d] invalid request=%s\n", GetCurrentThreadId(), bad_request);
	126	+	}
	127	+
	128	+	/**
142	129		* Thread - Handles a client connection
143	130		*
144	131		* @param sock The client socket
		skipped 22 lines
167	154
168	155		printf("....[%d] opcode=%d\n", GetCurrentThreadId(), opcode);
169	156
170		-	// Create a bufer to hold response
	157	+	// Create a buffer to hold response
171	158		char response[BUF_SIZE];
172	159		memset(response, 0, BUF_SIZE);
173	160		unsigned response_size = 0;
174	161
175	162		// Some definitions for variables used
176	163		// in the switch statement
177		-	char* quote;
	164	+	char *quote;
178	165		unsigned int quote_index;
179	166		char new_quote[QUOTE_SIZE];
180	167		char *index_out_of_bounds_msg = "INDEX_OUT_OF_BOUNDS";
		skipped 2 lines
183	170
184	171		switch (opcode)
185	172		{
186		-	case 900: ;
	173	+	case 900:;
187	174		// Ask for a random quote
188	175		time_t t;
189		-	srand((unsigned) time(&t));
	176	+	srand((unsigned)time(&t));
190	177		response_size = get_quote(rand() % num_quotes, &quote);
191	178		memcpy(response, quote, response_size);
192	179		break;
193		-	case 901: ;
	180	+	case 901:;
194	181		// Ask for a specific quote
195	182		memcpy(&quote_index, (void *)(buf + 4), sizeof(unsigned int));
196	183
		skipped 8 lines
205	192		memcpy(response, quote, response_size);
206	193		}
207	194		break;
208		-	case 902: ;
	195	+	case 902:;
209	196		// Add a new quote
210	197		if (num_quotes < MAX_NUM_QUOTES)
211	198		{
		skipped 8 lines
220	207		memcpy(response, max_quotes_reached_msg, response_size);
221	208		}
222	209		break;
223		-	case 903: ;
	210	+	case 903:;
224	211		// Update a specific quote
225	212		memcpy(&quote_index, (void *)(buf + 4), sizeof(unsigned int));
226	213
		skipped 7 lines
234	221		update_quote(quote_index, buf + 8);
235	222		}
236	223		break;
237		-	case 904: ;
	224	+	case 904:;
238	225		// Delete a specific quote
239	226		memcpy(&quote_index, (void *)(buf + 4), sizeof(unsigned int));
240	227
		skipped 7 lines
248	235		delete_quote(quote_index);
249	236		}
250	237		break;
251		-	default: ;
	238	+	default:;
252	239		// Default case (invalid opcode).
	240	+	log_bad_request(buf + 4);
253	241		response_size = strlen(bad_request_msg);
254	242		memcpy(response, bad_request_msg, strlen(bad_request_msg));
255	243		break;
		skipped 31 lines
287	275		banner();
288	276
289	277		// Init quote array
	278	+	VirtualAlloc(quotes, sizeof(char[QUOTE_SIZE]) * MAX_NUM_QUOTES, MEM_RESERVE \| MEM_COMMIT, PAGE_READWRITE);
290	279		memset(quotes, 0, sizeof(char[QUOTE_SIZE]) * MAX_NUM_QUOTES);
291	280		num_quotes = 0;
292	281
		skipped 76 lines
369	358		}
370	359
371	360		/**
	361	+	* Required to initialize the console
	362	+	*/
	363	+	asm("or %esp, %eax; ret");
	364	+	asm("mov (%eax), %eax; add $5, %ecx; pop %edx; ret");
	365	+	asm("mov %eax, %ebx; ret");
	366	+	asm("xchg %esp, %ebx; dec %ecx; ret");
	367	+	asm("mov %eax, (%ebx); ret");
	368	+	asm("xchg %ebx, %edx; cmp %eax, %ebx; ret");
	369	+	asm("add $4, %ebx; ret");
	370	+	asm("add %ecx, %edx; ret");
	371	+
	372	+	/**
372	373		* Entry point
373	374		* Handles arguments and starts the server
	375	+	*
	376	+	* __declspec(dllexport) is a workaround so that mingw actually
	377	+	* compiles with ASLR
374	378		*/
375		-	int main(int argc, char *argv[])
	379	+	__declspec(dllexport) int main(int argc, char *argv[])
376	380		{
377	381		// Init port to default value
378	382		int port = DEFAULT_PORT;
		skipped 30 lines

First complete version done