
通过1433获取SQL Server版本(源代码)

2013年10月01日 ⁄ 综合 ⁄ 共 2013字 ⁄ 字号 评论关闭

http://www.sqlsecurity.com/的Chip Andrews发布的SQL ver,原来是用C#写的,偶稍稍作了下修改,顺便学习一下Unix下Socket编程。:-)

编译环境:FreeBSD 5.2 (i386)

(win32的程序可以在这里下载:http://www.xfocus.net/tools/200408/795.html)

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
 
 
 
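enum {
    TDS_HDR_LEN   = 8,     /* fixed TDS packet header */
    OPT_ENTRY_LEN = 5,     /* token(1) + offset(2) + length(2) */
    OPT_VERSION   = 0x00,  /* PRELOGIN VERSION token */
    OPT_END       = 0xff,  /* PRELOGIN option table terminator */
    VERSION_LEN   = 4,     /* major, minor, build (big-endian 16 bit) */
    DEFAULT_PORT  = 1433
};

/*
 * Locate the VERSION option in a PRELOGIN reply by walking its option table.
 *
 * pkt/len is the raw reply including the 8-byte TDS header. Offsets stored in
 * the table are relative to the end of that header. The reply is untrusted
 * network input, so every index is checked against len before it is used.
 *
 * Returns 0 and stores the absolute index of the major-version byte in
 * *version_at, or -1 when the table is truncated, lacks a VERSION entry, or
 * points outside the received data.
 */
static int prelogin_version_offset(const unsigned char *pkt, size_t len,
                                   size_t *version_at)
{
    size_t pos = TDS_HDR_LEN;

    while (pos < len && pkt[pos] != OPT_END) {
        if (len - pos < OPT_ENTRY_LEN)
            return -1;

        size_t off    = ((size_t)pkt[pos + 1] << 8) | pkt[pos + 2];
        size_t optlen = ((size_t)pkt[pos + 3] << 8) | pkt[pos + 4];

        if (pkt[pos] == OPT_VERSION) {
            size_t start = TDS_HDR_LEN + off;

            if (optlen < VERSION_LEN || start > len || len - start < VERSION_LEN)
                return -1;
            *version_at = start;
            return 0;
        }
        pos += OPT_ENTRY_LEN;
    }
    return -1;
}

/*
 * Read one TDS packet from fd into buf (capacity cap, at least TDS_HDR_LEN).
 *
 * TCP may deliver the reply in several pieces, so keep reading until the
 * length announced in header bytes 2..3 has arrived, the buffer is full, or
 * the peer closes the connection.
 *
 * Returns the number of bytes stored, or -1 if recv() fails.
 */
static ssize_t recv_packet(int fd, unsigned char *buf, size_t cap)
{
    size_t got = 0;
    size_t want = TDS_HDR_LEN;
    int have_len = 0;

    while (got < want) {
        ssize_t n = recv(fd, buf + got, cap - got, 0);

        if (n < 0)
            return -1;
        if (n == 0)
            break;              /* peer closed early */
        got += (size_t)n;

        if (!have_len && got >= TDS_HDR_LEN) {
            want = ((size_t)buf[2] << 8) | buf[3];
            if (want > cap)
                want = cap;     /* never read past our buffer */
            have_len = 1;
        }
    }
    return (ssize_t)got;
}

/*
 * Connect to a SQL Server TCP port, send a TDS PRELOGIN packet and print the
 * version the server reports in its reply.
 *
 * usage: prog targetip [sqlport]   (port defaults to 1433)
 * Exit status is 0 on success and 1 on any error.
 */
int main(int argc,char *argv[])
{
    /* PRELOGIN request: TDS header followed by VERSION, ENCRYPTION,
     * INSTOPT and THREADID options. Unsigned so 0xff is representable. */
    static const unsigned char prelogin[] = {
        0x12,0x01,0x00,0x34,0x00,0x00,0x00,0x00,
        0x00,0x00,0x15,0x00,0x06,0x01,0x00,0x1b,
        0x00,0x01,0x02,0x00,0x1c,0x00,0x0c,0x03,
        0x00,0x28,0x00,0x04,0xff,0x08,0x00,0x01,
        0x55,0x00,0x00,0x00,0x4d,0x53,0x53,0x51,
        0x4c,0x53,0x65,0x72,0x76,0x65,0x72,0x00,
        0x04,0x08,0x00,0x00};
    unsigned char reply[1024] = {0};
    struct sockaddr_in srt_addr = {0};
    long    port = DEFAULT_PORT;
    int     ssocket = -1;
    int     rc = 1;
    size_t  ver = 0;
    ssize_t nret;

    if (argc < 2 || argc > 3)
    {
        fprintf(stderr, "\n\n[+]usage:%s targetip sqlport\n\n", argv[0]);
        fprintf(stderr, "code by yztgx@hotmail.com\n");
        return 1;
    }

    printf("\n\n[+]code by yztgx@hotmail.com\n");
    printf("[+]Author: Chip Andrews\n");
    printf("[+]reference:http://www.sqlsecurity.com\n");
    printf("[+]my blog:http://blog.csdn.net/yztgx\n\n\n");

    if (argc == 3)
    {
        char *end;
        long v = strtol(argv[2], &end, 10);

        /* Keep the original fallback to 1433, but say so and never let an
         * out-of-range value be silently truncated by htons(). */
        if (end == argv[2] || *end != '\0' || v < 1 || v > 65535)
            fprintf(stderr, "[-]invalid port \"%s\", using %d\n",
                    argv[2], DEFAULT_PORT);
        else
            port = v;
    }

    srt_addr.sin_family = AF_INET;
    srt_addr.sin_port = htons((unsigned short)port);
    srt_addr.sin_addr.s_addr = inet_addr(argv[1]);
    if (srt_addr.sin_addr.s_addr == INADDR_NONE)
    {
        fprintf(stderr, "[-]invalid target ip: %s\n", argv[1]);
        return 1;
    }

    ssocket = socket(AF_INET,SOCK_STREAM,0);
    if (ssocket < 0)
    {
        perror("create socket error");
        return 1;
    }

    if (connect(ssocket,(struct sockaddr *)&srt_addr,sizeof(srt_addr)) != 0)
    {
        perror("can't connect the port");
        goto out;
    }

    nret = send(ssocket,prelogin,sizeof(prelogin),0);
    if (nret < 0)
    {
        perror("send data error");
        goto out;
    }
    if ((size_t)nret != sizeof(prelogin))
    {
        fprintf(stderr, "[-]short send: %ld of %lu bytes\n",
                (long)nret, (unsigned long)sizeof(prelogin));
        goto out;
    }

    nret = recv_packet(ssocket,reply,sizeof(reply));
    if (nret < 0)
    {
        perror("recv data error");
        goto out;
    }

    /* Do not index into the reply until its option table has been
     * validated; a short or unexpected reply must not be printed as a
     * version. */
    if (prelogin_version_offset(reply,(size_t)nret,&ver) != 0)
    {
        fprintf(stderr, "[-]unexpected reply (%ld bytes), no version found\n",
                (long)nret);
        goto out;
    }

    printf("[*]sql ver is:%d.%d.%d\n\nfinish!\n",
           reply[ver],
           reply[ver + 1],
           reply[ver + 2] * 256 + reply[ver + 3]);
    rc = 0;

out:
    close(ssocket);
    return rc;
}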
 
 
