我想通过两个管道执行 metasploit 来与之通信,但我在通信方面遇到了麻烦。当我运行我的程序时,我得到这个错误:“stty:标准输入:设备的不合适的 ioctl”并且我没有收到 metasploit 提示。
只需选择一个漏洞利用。
这是我的代码:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <iostream>
int main(int argc, char** argv)
{
int pipeIn[2];
int pipeOut[2];
pipe(pipeIn);
pipe(pipeOut);
pid_t hijo=fork();
if (hijo==0) {
dup2(pipeIn[0], STDIN_FILENO);
dup2(pipeOut[1], STDOUT_FILENO);
dup2(pipeOut[1], STDERR_FILENO);
close(pipeIn[0]);
close(pipeOut[1]);
close(pipeIn[1]);
close(pipeOut[0]);
char* argv[]={"msfconsole", NULL};
execvp("msfconsole", argv);
}else if (hijo==-1) {
perror("fork");
exit(EXIT_FAILURE);
} else{//padre
close(pipeIn[0]);
close(pipeOut[1]);
char buf[1024];
int count;
bool b=true;
int ccount=0;
for (;b;){
while (b && (count=read(pipeOut[0], buf, sizeof(char) * 1024))>0){
buf[count]='\0';
printf ("%s", buf);
if (strstr(buf, "msf >")!= 0){
write(pipeIn[1], "use exploit/windows/fileformat/adobe_pdf_embedded_exe_nojs \n\0 ", sizeof(char)*1024);
if (ccount++>=1){ printf ("encontrado"); b=false; }
} }
}
close(pipeIn[1]);
close(pipeOut[0]);
}}
它显示了这一点:
_ _
/ \ /\ __ _ __ /_/ __
| |\ / | _____ \ \ ___ _____ | | / \ _ \ \
| | \/| | | ___\ |- -| /\ / __\ | -__/ | || | || | |- -|
|_| | | | _|__ | |_ / -\ __\ \ | | | | \__/| | | |_
|/ |____/ \___\/ /\ \\___/ \/ \__| |_\ \___\
=[ metasploit v4.7.2-1 [core:4.7 api:1.0]
+ -- --=[ 1211 exploits - 733 auxiliary - 202 post
+ -- --=[ 317 payloads - 30 encoders - 8 nops
stty: standard input: Inappropriate ioctl for device
stty: standard input: Inappropriate ioctl for device
stty: standard input: Inappropriate ioctl for device
stty: standard input: Inappropriate ioctl for device
stty: standard input: Inappropriate ioctl for device
stty: standard input: Inappropriate ioctl for device
stty: standard input: Inappropriate ioctl for device
^C