Soldier of FORTRAN mainframed
sensepost
/ x3270-hack.patch
Created
November 22, 2013 22:24
Patch to x3270 to make it ignore protected fields, and allow them to be modified. This provided some significant pwnage on an assessment where the mainframe (IMS) application appeared to pass the username from one field to another. I'm still researching this, and it could turn out to be very specific to the set of apps I'm testing (maybe CICS ap…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff -u x3270-3.3/ctlr.c x3270-3.3-hacked/ctlr.c | |
| --- x3270-3.3/ctlr.c 2013-07-11 17:03:24.000000000 -0500 | |
| +++ x3270-3.3-hacked/ctlr.c 2013-11-22 15:30:50.000000000 -0600 | |
| @@ -334,8 +334,10 @@ | |
| ea_buf[-1].fa = FA_PRINTABLE | FA_MODIFY; | |
| aea_buf[-1].fa = FA_PRINTABLE | FA_MODIFY; | |
| } else { | |
| - ea_buf[-1].fa = FA_PRINTABLE | FA_PROTECT; | |
| - aea_buf[-1].fa = FA_PRINTABLE | FA_PROTECT; | |
| + //ea_buf[-1].fa = FA_PRINTABLE | FA_PROTECT; |