MongoDB空口令檢測

// Mongdb.cpp : Defines the entry point for the console application.
//


#include "stdafx.h"
#include <Winsock2.h>
void usage()
{
  printf("Usage:\tmongdb.exe 127.0.0.1\n");
}
int main(int argc, char* argv[])
{
if(argv[1]==0)
{
       usage();
  return ;
}
char *ip=argv[1];
WORD wVersionRequested;
WSADATA wsaData;
int err;
char payload[]="\
\x3F\x00\x00\x00\x7B\x00\x00\x00\x00\x00\x00\x00\xD4\x07\x00\x00\
\x04\x00\x00\x00\x61\x64\x6D\x69\x6E\x2E\x24\x63\x6D\x64\x00\x00\
\x00\x00\x00\xFF\xFF\xFF\xFF\x18\x00\x00\x00\x10\x6C\x69\x73\x74\
\x44\x61\x74\x61\x62\x61\x73\x65\x73\x00\x01\x00\x00\x00\x00";


wVersionRequested = MAKEWORD( 1, 1 );
err = WSAStartup( wVersionRequested, &wsaData );
if ( err != 0 ) 
  return;


if ( LOBYTE( wsaData.wVersion ) != 1 ||
        HIBYTE( wsaData.wVersion ) != 1 ) {
  WSACleanup( );
  return; 
 }
 SOCKET sockClient=socket(AF_INET,SOCK_STREAM,0);
 SOCKADDR_IN addrSrv;
 addrSrv.sin_addr.S_un.S_addr=inet_addr(ip);
 addrSrv.sin_family=AF_INET;
 addrSrv.sin_port=htons(27017);
 connect(sockClient,(SOCKADDR*)&addrSrv,sizeof(SOCKADDR));
 char recvBuf[128];
 send(sockClient,(const char *)payload,sizeof(payload),0);
 recv(sockClient,recvBuf,64,0);
 if (strstr(recvBuf+41,"databases"))
 printf("%s","存在空口令！\n");
 closesocket(sockClient);
 WSACleanup();
 return ;
 
}