PANIC!!!!!!!!!! :-)
/* sc.c */
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <arpa/inet.h>
static void print_recvbuf(const unsigned char *buf, size_t size)
{
size_t i;
for (i = 0; i < size; ++i)
{
(void) fprintf(stderr, "0x%x ", (unsigned int) buf[i]);
if ((i % 10) == 0)
(void) fprintf(stderr, "\n");
}
}
int main(int argc, char *argv[])
{
int sockfd = 0, n = 0, port = 0;
unsigned char recvbuf[1024];
struct sockaddr_in serv_addr;
if (argc != 3)
{
(void) fprintf(stderr,
"Usage: %s <ip-address> <port>\n", argv[0]);
return 1;
}
port = atoi(argv[2]);
if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
{
(void) fprintf(stderr,
"error: socket(3) could not create socket!\n");
return 1;
}
(void) memset(&serv_addr, 0, sizeof(serv_addr));
serv_addr.sin_family = AF_INET;
serv_addr.sin_port = htons(port);
if (inet_pton(AF_INET, argv[1], &serv_addr.sin_addr) <= 0)
{
(void) fprintf(stderr, "error: inet_pton(3) error!\n");
return 1;
}
if (connect(sockfd, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0)
{
(void) fprintf(stderr, "error: connect(3) failed!\n");
return 1;
}
(void) memset(recvbuf, 0, sizeof(recvbuf));
while ((n = read(sockfd, recvbuf, sizeof(recvbuf)-1)) > 0)
print_recvbuf(recvbuf, n);
if (n < 0)
(void) fprintf(stderr, "error: read(2) error!\n");
close(sockfd);
return 0;
}
%> gcc --version
gcc (GCC) 5.3.1 20160406 (Red Hat 5.3.1-6)
Copyright (C) 2015 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
%> gcc -g -O2 -std=c99 -Wall -Wextra sc.c -o sc
%> ./sc 127.0.0.1 16992
error: connect(3) failed!
%> ./sc 127.0.0.1 22
0x53
0x53 0x48 0x2d 0x32 0x2e 0x30 0x2d 0x4f 0x70 0x65
0x6e 0x53 0x53 0x48 0x5f 0x37 0x2e 0x32 0xd 0xa
^C
%> uname -a
Linux xxxxxxxxx.xxxxxxxxx.xxx 4.7.10-100.fc23.x86_64 #1 SMP Wed Oct 26 23:29:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
%> cat /proc/cpuinfo
[ ... ]
processor : 7
vendor_id : GenuineIntel
cpu family : 6
model : 30
model name : Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
stepping : 5
microcode : 0x7
cpu MHz : 931.000
cache size : 6144 KB
[ ... ]
It looks like some additional software is needed for this vulnerability to be enabled, because no-one seems to be listening on port 16992 on an - admittedly old-ish - Corei7.