[ http://www.rootshell.com/ ]

/*
 Black Angel proudly presents :
  -----------------------------
 
  QPOP Scanner V1.0
  
 Syntax :
  
  ./qscan 195.3.90.2 196.0.0.0 <- will scan the specified IP range
  
 What ist does :
 
  It scans for the POP3 service, and waiting for a "popper", a program
  with lots of bugs for getting root. It does *not* check the version,
  because there are so many bugs, that you will find a way. There are patches,
  but the must be installed, so... :).
  
  
  Have fun !


  PS : Use this program at your own risk.
*/


/*well I don't know whether we will need all, but... :)*/
#include <fcntl.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include <ctype.h>
#include <arpa/nameser.h>
#include <sys/stat.h>
#include <strings.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/socket.h>



void main(int argc, char *argv[])
{
 int sock;
 struct in_addr addr;
 struct sockaddr_in sin;
 unsigned long start;
 unsigned long end;
 unsigned long counter;
 char buffer[1000];

 printf("Black Angel's QPOP Scanner V1.0 7/1998\n");
 printf("E-Mail : b_angel98@yahoo.com\n\n");

 if (argc!=3)
 {
  printf("\nusage : %s start-ip-address  end-ip-address\n\n",argv[0]);
  exit(0);
 }
 
 start=inet_addr(argv[1]);
  end=inet_addr(argv[2]);
 
 sock=socket(AF_INET, SOCK_STREAM, 0);

 for (counter = ntohl(start); counter <= ntohl(end); counter++)
 {
  if ((counter & 0xff) == 255) counter++;
  if ((counter & 0xff) == 0)   counter++;
 
  sin.sin_family=AF_INET;
  sin.sin_port=htons(110);
  sin.sin_addr.s_addr=htonl(counter);
  addr.s_addr=htonl(counter);
  if (connect(sock, (struct sockaddr*)&sin, sizeof(sin))==0)
  {
   read(sock, buffer, sizeof(buffer));
   if (strstr(buffer, "QPOP")!=NULL)
   {
    fprintf(stdout, "FOUND : %s\n", inet_ntoa(addr));
   }
  }
 }
 close(sock);
}