为什么?为什么阻塞了????????
//下面程序我从cgi.txt里面读出漏洞列表,然后开线程扫描
//可是一扫描就阻塞了。
//在getcgi函数里面的recv处卡住
//怎么办??????
struct cgi{
char *rmt_host;
CString url;
int n;
};
UINT cgiScan()
{
char rbuff[1024];
struct cgi mycgi[10];
CString cginame[900];
CString csline;
int line=0;
CStdioFile file;
SOCKET sockfd;
SOCKADDR_IN addr;
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0)
{
printf("无法建立Socket\r\n");
return 0;
}
addr.sin_family = AF_INET;
addr.sin_port = htons(80);
addr.sin_addr.s_addr = inet_addr(rmt_host);
if(connect(sockfd,(struct sockaddr *) &addr, sizeof(addr))<0)
{
printf("目标没有开放www服务...\r\n");
fEvent.SetEvent();
return 0;
}
if(file.Open("cgi.txt", CFile::modeRead,NULL)==0)
{
printf("cgi漏洞列表文件cgi.txt被损坏!请确认");
}
while(file.ReadString(csline)!=NULL)
{
cginame[line]=csline;
line++;
}
file.Close();
memset(rbuff,0,1024);
printf("WWW服务器的Banner:");
send(sockfd,"HEAD / HTTP/1.0\n\n",sizeof("HEAD / HTTP/1.0\n\n"),0);
Sleep(1000);
recv(sockfd,rbuff,sizeof(rbuff),0);
Sleep(1000);
printf(rbuff);
closesocket(sockfd);
printf("开始CGI漏洞的扫描,由于扫描漏洞数量较多,请耐心等待...\r\n");
for(int i=0;i<(line/10);i++)
{
for(int j=0;j<10;j++)
{
mycgi[j].rmt_host=rmt_host;
mycgi[j].url=cginame[i*10+j];
mycgi[j].n=j;
Thread[j]=AfxBeginThread(getcgi,(LPVOID)&mycgi[j]);
hThread[j]=Thread[j]->m_hThread;
Sleep(1);
}
WaitForMultipleObjects(10,hThread,TRUE,120000);
}
fEvent.SetEvent();
return 0;
}
UINT getcgi(LPVOID pParam)
{
char rbuff[1024];
struct cgi* tcgi=(struct cgi *)pParam;
CString hole=tcgi->url;
CString url="GET ";
url+=hole;
url+=" HTTP/1.0\r\n";
int num=tcgi->n;
char *rmt_host=tcgi->rmt_host;
SOCKET sockfd;
SOCKADDR_IN addr;
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0)
{
exit(0);
}
addr.sin_family = AF_INET;
addr.sin_port = htons(80);
addr.sin_addr.s_addr = inet_addr(rmt_host);
int r = connect(sockfd,(struct sockaddr *) &addr, sizeof(addr));
send(sockfd,url,url.GetLength(),0);
memset(rbuff,0,1024);
Sleep(1000);
recv(sockfd,rbuff,sizeof(rbuff),0);
Sleep(1000);
CString display="\t发现";
display+=hole;
display+="漏洞\r\n";
printf(display);
if (strstr(rbuff,"200 OK")!=NULL)
{
printf(display);
}
closesocket(sockfd);
return 0;
}