
From the exploit code:

    memset(&serv_addr, '0', sizeof(serv_addr));
That doesn't seem to be correct. The digit character 0 is not the same as the null character ('\0'). Just write 0 or use `struct sockaddr_in serv_addr = { 0 };`.


It is common for code which is designed to trigger security bugs in systems to be published with several errors, so that skiddies can't just compile and run.


Which makes me sad. Makes it just as easy for dedicated crackers, makes it harder on busy, overworked sysadmins to check.

All the script-kids need to do is find someone to help them, so I don't really think this helps anyone.



But '0' is not ascii NUL (0x00), it's ascii 0 (0x30).


Additionally there are a bunch of other things very wrong with the exploit code.

If the connect() fails, it will use file descriptor 1 which is usually stdout and write the request to it and try to read from it.

And there is a problem with strstr() not getting a null-terminated string (if the stack memory for recvBuff wasn't automatically zeroed out, which some compilers can do).

Why do these people bother writing the exploit in C? A curl one liner is good enough.

Also the check for 'The request has an invalid header name' seems dubious to me because a proxy in front would likely return a different error (the header name is not invalid but rather the range not satisfiable).
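To make the three points above concrete (the '0' vs '\0' fill, the unterminated recv buffer passed to strstr(), and falling through on a failed connect()), here is an added example, not code from the thread or from the exploit under discussion. The `fake_recv` stand-in, the `tcp_connect` helper and the sample HTTP status line are all constructed for this example; nothing here talks to a real server.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* --- 1. memset(&serv_addr, '0', ...) versus memset(&serv_addr, 0, ...) --- */

/* Fill a sockaddr_in with the CHARACTER '0' as the quoted line does and
 * return sin_family. Every byte is 0x30, so the family reads 0x3030, not 0
 * (and not AF_INET unless the caller assigns it afterwards). */
unsigned family_after_char_zero_fill(void) {
    struct sockaddr_in sa;
    memset(&sa, '0', sizeof(sa));
    return sa.sin_family;
}

/* Count bytes that are non-zero after the character-'0' fill: all of them. */
size_t nonzero_bytes_after_char_zero_fill(void) {
    struct sockaddr_in sa;
    memset(&sa, '0', sizeof(sa));
    const unsigned char *p = (const unsigned char *)&sa;
    size_t n = 0;
    for (size_t i = 0; i < sizeof(sa); i++)
        if (p[i] != 0) n++;
    return n;
}

/* Correct form: zero the struct (memset with 0, or `= {0}`), then set fields. */
size_t nonzero_bytes_after_nul_fill(void) {
    struct sockaddr_in sa = {0};   /* same effect as memset(&sa, 0, sizeof(sa)) */
    const unsigned char *p = (const unsigned char *)&sa;
    size_t n = 0;
    for (size_t i = 0; i < sizeof(sa); i++)
        if (p[i] != 0) n++;
    return n;
}

/* --- 2. recv() does not NUL-terminate; strstr() needs a terminator --- */

/* Constructed stand-in for recv(): copies at most `cap` bytes from a byte
 * string and returns how many were copied, as recv() returns its count. */
static size_t fake_recv(const char *src, size_t srclen, char *buf, size_t cap) {
    size_t n = srclen < cap ? srclen : cap;
    memcpy(buf, src, n);
    return n;
}

/* Safe pattern: read at most sizeof(buf)-1 bytes, then terminate at the
 * returned length before handing the buffer to any str* function. Returns 1
 * if `needle` occurs in the bytes actually received, 0 otherwise. */
int response_contains(const char *src, size_t srclen, const char *needle) {
    char recvBuff[64];
    /* Pre-fill with a non-zero byte to mimic uninitialised stack memory; the
     * terminator written below makes that content unreachable to strstr(). */
    memset(recvBuff, 'X', sizeof(recvBuff));
    size_t n = fake_recv(src, srclen, recvBuff, sizeof(recvBuff) - 1);
    recvBuff[n] = '\0';
    return strstr(recvBuff, needle) != NULL;
}

/* --- 3. Check socket()/connect() instead of using whatever fd you hold --- */

/* Connect to ip:port over TCP (hypothetical helper). Returns a connected fd,
 * or -1 after closing the socket on any failure, so a caller can never fall
 * through to writing the request to fd 1 (stdout). */
int tcp_connect(const char *ip, unsigned short port) {
    struct sockaddr_in sa = {0};
    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);
    if (inet_pton(AF_INET, ip, &sa.sin_addr) != 1) return -1;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    if (connect(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void) {
    printf("sin_family after '0' fill: 0x%x\n", family_after_char_zero_fill());
    printf("non-zero bytes after '0' fill: %zu of %zu\n",
           nonzero_bytes_after_char_zero_fill(), sizeof(struct sockaddr_in));
    /* Constructed sample status line, not captured from any real server. */
    const char *resp = "HTTP/1.1 416 Requested Range Not Satisfiable\r\n";
    printf("contains 416: %d\n", response_contains(resp, strlen(resp), "416"));
    return 0;
}
```

The third helper is the part the thread's fd-1 remark is about: if connect() fails, the descriptor is closed and -1 is returned, so there is no path where the request gets written to whatever descriptor happened to be lying around.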


'0' != '\0'

'0' == 48


I wasn't suggesting anything to the contrary...


Yes, but there also aren't any NULs in the parent. So you can understand the confusion.



