zardus / preeny

Some helpful preload libraries for pwning stuff.


Questions about accept in src/desock.c

thinkycx opened this issue · comments

Hello! Thanks for your awesome code!
Here I have some questions about the accept function in src/desock.c. After reading the accept function, I think every accept will return a fake addr and port (0.0.0.0:9000) and addrlen, which will have an influence on normal requests?

int accept(int sockfd, struct sockaddr *addr, socklen_t *addrlen)
{
	if (preeny_desock_did_accept)
		exit(0);
	preeny_desock_did_accept = 1;

	//initialize a sockaddr_in for the peer (zero the whole struct: 0, not the character '0', so sin_zero is really zero)
	struct sockaddr_in peer_addr;
	memset(&peer_addr, 0, sizeof(struct sockaddr_in));

	//Set the contents in the peer's sock_addr.
	//Make sure the contents will simulate a real client that connects with the intercepted server, as the server may depend on the contents to make further decisions.
	//The following set-up should be fine with Nginx.
	peer_addr.sin_family = AF_INET;
	peer_addr.sin_addr.s_addr = htonl(INADDR_ANY);
	peer_addr.sin_port = htons(9000);

	//copy the initialized peer_addr back to the original sockaddr. Note the space for the original sockaddr, namely addr, has already been allocated
	if (addr) memcpy(addr, &peer_addr, sizeof(struct sockaddr_in));

	if (preeny_socket_threads_to_front[sockfd]) return dup(sockfd);
	else return original_accept(sockfd, addr, addrlen);
}

So I think we should change the if (preeny_socket_threads_to_front[sockfd]) like the following? If it is correct, I am glad to open a pull request to update it.

int accept(int sockfd, struct sockaddr *addr, socklen_t *addrlen)
{
    if (preeny_socket_threads_to_front[sockfd])
    {
        if (preeny_desock_did_accept)
            exit(0);
        preeny_desock_did_accept = 1;

        //initialize a sockaddr_in for the peer (zero the whole struct: 0, not the character '0', so sin_zero is really zero)
        struct sockaddr_in peer_addr;
        memset(&peer_addr, 0, sizeof(struct sockaddr_in));

        //Set the contents in the peer's sock_addr.
        //Make sure the contents will simulate a real client that connects with the intercepted server, as the server may depend on the contents to make further decisions.
        //The following set-up should be fine with Nginx.
        peer_addr.sin_family = AF_INET;
        peer_addr.sin_addr.s_addr = htonl(INADDR_ANY);
        peer_addr.sin_port = htons(9000);

        //copy the initialized peer_addr back to the original sockaddr. Note the space for the original sockaddr, namely addr, has already been allocated
        if (addr) memcpy(addr, &peer_addr, sizeof(struct sockaddr_in));

        return dup(sockfd);
    }
    else return original_accept(sockfd, addr, addrlen);
}
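As an added stand-alone example (not preeny's code), the proposed ordering with a stub standing in for the real accept, so the difference can be observed: a desocketed listening fd gets the fabricated 0.0.0.0:9000 peer, a normal fd keeps whatever the real accept reports. The table, counter, stub and harness names are constructed, and the hook additionally writes *addrlen, which the quoted hook does not.

```c
#include <arpa/inet.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Constructed stand-ins (hypothetical names) for preeny_socket_threads_to_front and preeny_desock_did_accept. */
#define FD_TABLE_SIZE 64
static int desocketed_fds[FD_TABLE_SIZE], did_accept;

/* Stand-in for the real accept(): reports a constructed remote client at 10.0.0.1:4321. */
static int original_accept_stub(int sockfd, struct sockaddr *addr, socklen_t *addrlen)
{
    struct sockaddr_in real_peer = { .sin_family = AF_INET, .sin_port = htons(4321) };
    inet_pton(AF_INET, "10.0.0.1", &real_peer.sin_addr);
    if (addr && addrlen && *addrlen >= sizeof real_peer) memcpy(addr, &real_peer, sizeof real_peer);
    if (addrlen) *addrlen = sizeof real_peer;
    return dup(sockfd);
}

/* The proposed hook: fabricate the 0.0.0.0:9000 peer only when the listening fd was desocketed. */
int desock_accept(int sockfd, struct sockaddr *addr, socklen_t *addrlen)
{
    if (sockfd < 0 || sockfd >= FD_TABLE_SIZE || !desocketed_fds[sockfd])
        return original_accept_stub(sockfd, addr, addrlen); /* real sockets keep their real peer */
    if (did_accept) exit(0);               /* as in desock.c: one accept per run, then quit */
    did_accept = 1;
    struct sockaddr_in peer;
    memset(&peer, 0, sizeof peer);         /* 0, not '0' (0x30), so sin_zero is really zero */
    peer.sin_family = AF_INET; peer.sin_port = htons(9000);
    peer.sin_addr.s_addr = htonl(INADDR_ANY);
    if (addr && addrlen && *addrlen >= sizeof peer) memcpy(addr, &peer, sizeof peer);
    if (addrlen) *addrlen = sizeof peer;   /* addition: report the length as accept(2) does */
    return dup(sockfd);
}

/* Harness: accept once on a throwaway fd; returns the reported addrlen (-1 on error) and the peer seen. */
int simulate(int desocketed, unsigned *ip_host, int *port_host)
{
    int listen_fd = open("/dev/null", O_RDONLY);
    if (listen_fd < 0 || listen_fd >= FD_TABLE_SIZE) return -1;
    desocketed_fds[listen_fd] = desocketed; did_accept = 0;
    struct sockaddr_in seen = {0}; socklen_t len = sizeof seen;
    int conn = desock_accept(listen_fd, (struct sockaddr *)&seen, &len);
    *ip_host = ntohl(seen.sin_addr.s_addr); *port_host = ntohs(seen.sin_port);
    close(listen_fd); if (conn >= 0) close(conn);
    return conn < 0 ? -1 : (int)len;
}
```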