HttpAuth brute fix

cora32 2015-04-19 02:00:40 +03:00
parent d5bf3ef9e8
commit 07f93c5b12
8 changed files with 48 additions and 64 deletions


@ -30,7 +30,7 @@ bool BA::checkOutput(const string *buffer, const char *ip, const int port) {
return false; return false;
} }
lopaStr BA::BABrute(const char *ip, const int port) { lopaStr BA::BABrute(const char *ip, const int port, bool digestMode) {
string buffer; string buffer;
string lpString; string lpString;
lopaStr lps = {"UNKNOWN", "", ""}; lopaStr lps = {"UNKNOWN", "", ""};
@ -44,7 +44,7 @@ lopaStr BA::BABrute(const char *ip, const int port) {
lpString = string(loginLst[i]) + ":" + string(passLst[j]); lpString = string(loginLst[i]) + ":" + string(passLst[j]);
res = Connector::nConnect(ip, port, &buffer, NULL, NULL, &lpString); res = Connector::nConnect(ip, port, &buffer, NULL, NULL, &lpString, digestMode);
if (res == -2) return lps; if (res == -2) return lps;
else if (res != -1) { else if (res != -1) {
if (checkOutput(&buffer, ip, port)) { if (checkOutput(&buffer, ip, port)) {
@ -65,16 +65,14 @@ lopaStr BA::BABrute(const char *ip, const int port) {
return lps; return lps;
} }
lopaStr BA::BALobby(const char *ip, const int port) { lopaStr BA::BALobby(const char *ip, const int port, bool digestMode) {
if(gMaxBrutingThreads > 0) { if(gMaxBrutingThreads > 0) {
while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000); while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000);
++baCount; ++baCount;
++BrutingThrds; ++BrutingThrds;
//BruteUtils::BConInc(); const lopaStr &lps = BABrute(ip, port, digestMode);
const lopaStr &lps = BABrute(ip, port);
//BruteUtils::BConDec();
--BrutingThrds; --BrutingThrds;
return lps; return lps;


@ -9,10 +9,10 @@
class BA { class BA {
private: private:
static bool checkOutput(const string *buffer, const char *ip, const int port); static bool checkOutput(const string *buffer, const char *ip, const int port);
static lopaStr BABrute(const char *ip, const int port); static lopaStr BABrute(const char *ip, const int port, bool digestMode);
public: public:
static lopaStr BALobby(const char *ip, const int port); static lopaStr BALobby(const char *ip, const int port, bool digestMode);
}; };
#endif // BASICAUTH_H #endif // BASICAUTH_H


@ -119,7 +119,8 @@ size_t nWriteCallback(void *contents, size_t size, size_t nmemb, void *userp)
int Connector::nConnect(const char* ip, const int port, std::string *buffer, int Connector::nConnect(const char* ip, const int port, std::string *buffer,
const char *postData, const char *postData,
const std::vector<std::string> *customHeaders, const std::vector<std::string> *customHeaders,
const std::string *lpString){ const std::string *lpString,
bool digestMode){
buffer->clear(); buffer->clear();
CURL *curl = curl_easy_init(); CURL *curl = curl_easy_init();
@ -171,19 +172,13 @@ int Connector::nConnect(const char* ip, const int port, std::string *buffer,
} }
if (lpString != NULL) { if (lpString != NULL) {
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_ANY); if(digestMode) curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_DIGEST);
curl_easy_setopt(curl, CURLOPT_UNRESTRICTED_AUTH, 1L); curl_easy_setopt(curl, CURLOPT_UNRESTRICTED_AUTH, 1L);
curl_easy_setopt(curl, CURLOPT_FTPLISTONLY, 1L); curl_easy_setopt(curl, CURLOPT_FTPLISTONLY, 1L);
curl_easy_setopt(curl, CURLOPT_USERPWD, lpString->c_str()); curl_easy_setopt(curl, CURLOPT_USERPWD, lpString->c_str());
}; };
int res = curl_easy_perform(curl); int res = curl_easy_perform(curl);
if (port != 21 && lpString != NULL) {
int pos = Utils::ustrstr(*buffer, "\r\n\r\n");
if (pos != -1) {
*buffer = buffer->substr(pos + 4);
}
}
curl_easy_cleanup(curl); curl_easy_cleanup(curl);
if (res == CURLE_OK || if (res == CURLE_OK ||
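Review bot: The new `if(digestMode) curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_DIGEST);` line leaves `CURLOPT_HTTPAUTH` unset when `digestMode` is false, so that path now relies on libcurl's default (Basic) where the old code set `CURLAUTH_ANY`, and nothing in the hunk says this is intended. Making the choice explicit would remove the guesswork: `curl_easy_setopt(curl, CURLOPT_HTTPAUTH, digestMode ? (long)CURLAUTH_DIGEST : (long)CURLAUTH_BASIC);`. A short comment on the `digestMode` parameter saying what `false` selects belongs next to the declaration, since call sites pass a bare `true`/`false`. The body of `nConnect` starts and ends outside these hunks.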


@ -16,7 +16,8 @@ public:
static int nConnect(const char* ip, const int port, std::string *buffer, static int nConnect(const char* ip, const int port, std::string *buffer,
const char *postData = NULL, const char *postData = NULL,
const std::vector<std::string> *customHeaders = NULL, const std::vector<std::string> *customHeaders = NULL,
const std::string *lpString = NULL); const std::string *lpString = NULL,
bool digestMode = false);
static int connectToPort(char *ip, int port); static int connectToPort(char *ip, int port);
}; };
#endif // CONNECTOR_H #endif // CONNECTOR_H


@ -1212,7 +1212,7 @@ void _specBrute(const char *ip, int port,
char *finalstr, int flag, char *finalstr, int flag,
char *path, char *comment, char *cp, int size) char *path, char *comment, char *cp, int size)
{ {
const lopaStr &lps = BA::BALobby((string(ip) + string(path)).c_str(), port); const lopaStr &lps = BA::BALobby((string(ip) + string(path)).c_str(), port, (strcmp(comment, "[DIGEST]") == 0 ? true : false));
if(strstr(lps.login, "UNKNOWN") == NULL && strlen(lps.other) == 0) if(strstr(lps.login, "UNKNOWN") == NULL && strlen(lps.other) == 0)
{ {
@ -2577,7 +2577,7 @@ int Lexems::filler(char* ip, int port, const std::string *buffcpy, int size, Lex
char log[512] = { 0 }; char log[512] = { 0 };
++AnomC1; ++AnomC1;
const lopaStr &lps = BA::BALobby((string(ip) + "/~login").c_str(), port); const lopaStr &lps = BA::BALobby((string(ip) + "/~login").c_str(), port, false);
sprintf(log, "[HFS]:<a href=\"http://%s:%d/\"><span style=\"color: #a1a1a1;\">%s:%d</span></a><font color=\"#0084ff\"> T: </font><font color=\"#ff9600\">%s Pass: %s:%s</font>", sprintf(log, "[HFS]:<a href=\"http://%s:%d/\"><span style=\"color: #a1a1a1;\">%s:%d</span></a><font color=\"#0084ff\"> T: </font><font color=\"#ff9600\">%s Pass: %s:%s</font>",
ip, port, ip, port, finalstr, lps.login, lps.pass); ip, port, ip, port, finalstr, lps.login, lps.pass);
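Review bot: `strcmp(comment, "[DIGEST]")` in the new `_specBrute` call dereferences `comment` without a NULL check, and the hunk does not show whether callers can pass NULL; the trailing `? true : false` is also redundant. Computing the flag first would cover both: `const bool digestMode = comment != NULL && strcmp(comment, "[DIGEST]") == 0;`, then pass `digestMode` as the third argument. The `"[DIGEST]"` literal now works as a mode selector, so a named constant shared with the code that sets the comment would keep the two from drifting apart. In the second hunk the unchanged `sprintf` into `char log[512]` puts no bound on `finalstr`, `lps.login` and `lps.pass`; `snprintf(log, sizeof(log), ...)` would cap the write. Both function bodies continue outside the hunks.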


@ -160,8 +160,8 @@ void _LoadPersInfoToLocalVars(int savedTabIndex) {
} }
}; };
strncpy(gPorts, ("-p" + ui->portLine->text()).toLocal8Bit().data(), 65536); strncpy(gPorts, ("-p" + ui->ipmPortLine->text()).toLocal8Bit().data(), 65536);
gPorts[ui->lineEditPort->text().length() + 2] = '\0'; gPorts[ui->ipmPortLine->text().length() + 2] = '\0';
} }
else if (savedTabIndex == 1) else if (savedTabIndex == 1)
{ {
@ -170,14 +170,15 @@ void _LoadPersInfoToLocalVars(int savedTabIndex) {
strcpy(currentIP, ui->lineEditStartIPDNS->text().toLocal8Bit().data()); strcpy(currentIP, ui->lineEditStartIPDNS->text().toLocal8Bit().data());
strcpy(gTLD, ui->lineILVL->text().toLocal8Bit().data()); strcpy(gTLD, ui->lineILVL->text().toLocal8Bit().data());
strncpy(gPorts, ("-p" + ui->lineEditPort->text()).toLocal8Bit().data(), 65536); strncpy(gPorts, ("-p" + ui->dnsPortLine->text()).toLocal8Bit().data(), 65536);
gPorts[ui->lineEditPort->text().length() + 2] = '\0'; gPorts[ui->dnsPortLine->text().length() + 2] = '\0';
} }
else if (savedTabIndex == 2) else if (savedTabIndex == 2)
{ {
gMode = -1; gMode = -1;
gThreads = ui->importThreads->text().toInt(); gThreads = ui->importThreads->text().toInt();
strncpy(gPorts, ("-p" + ui->importPorts->text()).toLocal8Bit().data(), 65536); strncpy(gPorts, ("-p" + ui->importPortLine->text()).toLocal8Bit().data(), 65536);
gPorts[ui->dnsPortLine->text().length() + 2] = '\0';
}; };
strcpy(trcSrv, ui->lineTrackerSrv->text().toLocal8Bit().data()); strcpy(trcSrv, ui->lineTrackerSrv->text().toLocal8Bit().data());
@ -534,8 +535,9 @@ void SetValidators()
ui->ipLine->setValidator(validator); ui->ipLine->setValidator(validator);
validator = new QRegExpValidator(QRegExp("(\\d{1,5}[,|-]\\s{0,1})+"), NULL); validator = new QRegExpValidator(QRegExp("(\\d{1,5}[,|-]\\s{0,1})+"), NULL);
ui->portLine->setValidator(validator); ui->ipmPortLine->setValidator(validator);
ui->lineEditPort->setValidator(validator); ui->dnsPortLine->setValidator(validator);
ui->importPortLine->setValidator(validator);
validator = new QRegExpValidator(QRegExp("\\d{1,3}"), NULL); validator = new QRegExpValidator(QRegExp("\\d{1,3}"), NULL);
ui->importThreads->setValidator(validator); ui->importThreads->setValidator(validator);
@ -2017,7 +2019,7 @@ void nesca_3::IPScanSeq()
{ {
if(ui->ipLine->text() != "") if(ui->ipLine->text() != "")
{ {
if(ui->portLine->text() != "") if(ui->ipmPortLine->text() != "")
{ {
stopFirst = false; stopFirst = false;
ui->tabMainWidget->setTabEnabled(1, false); ui->tabMainWidget->setTabEnabled(1, false);
@ -2029,7 +2031,7 @@ void nesca_3::IPScanSeq()
stt->setTarget((ui->ipLine->text().indexOf("-") > 0 ? ui->ipLine->text() : stt->setTarget((ui->ipLine->text().indexOf("-") > 0 ? ui->ipLine->text() :
(ui->ipLine->text().indexOf("/") < 0 ? ui->ipLine->text() + "-" + ui->ipLine->text() : ui->ipLine->text()) (ui->ipLine->text().indexOf("/") < 0 ? ui->ipLine->text() + "-" + ui->ipLine->text() : ui->ipLine->text())
)); ));
stt->setPorts(ui->portLine->text().replace(" ", "")); stt->setPorts(ui->ipmPortLine->text().replace(" ", ""));
stt->start(); stt->start();
startFlag = true; startFlag = true;
@ -2087,7 +2089,7 @@ void nesca_3::DNSScanSeq()
{ {
if(ui->lineEditStartIPDNS->text() != "") if(ui->lineEditStartIPDNS->text() != "")
{ {
if(ui->lineEditPort->text() != "") if(ui->dnsPortLine->text() != "")
{ {
if(ui->lineEditStartIPDNS->text().indexOf(".") > 0) if(ui->lineEditStartIPDNS->text().indexOf(".") > 0)
{ {
@ -2110,7 +2112,7 @@ void nesca_3::DNSScanSeq()
stt->setMode(1); stt->setMode(1);
stt->setTarget(ui->lineEditStartIPDNS->text()); stt->setTarget(ui->lineEditStartIPDNS->text());
stt->setPorts(ui->lineEditPort->text().replace(" ", "")); stt->setPorts(ui->dnsPortLine->text().replace(" ", ""));
stt->start(); stt->start();
startFlag = true; startFlag = true;
@ -2155,7 +2157,7 @@ void nesca_3::ImportScanSeq()
stt->setMode(-1); stt->setMode(-1);
stt->setTarget(fileName); stt->setTarget(fileName);
stt->setPorts(ui->importPorts->text().replace(" ", "")); stt->setPorts(ui->importPortLine->text().replace(" ", ""));
stt->start(); stt->start();
startFlag = true; startFlag = true;
@ -2170,10 +2172,7 @@ void nesca_3::ImportScanSeq()
); );
ui->dataText->clear(); ui->dataText->clear();
} }
else else stt->doEmitionYellowFoundData("Empty filename.");
{
stt->doEmitionYellowFoundData("Empty filename.");
};
} }
QLabel *smsgLbl; QLabel *smsgLbl;
@ -2207,18 +2206,9 @@ void nesca_3::slotRestoreDefPorts()
{ {
int ci = ui->tabMainWidget->currentIndex(); int ci = ui->tabMainWidget->currentIndex();
if(ci == 0) if (ci == 0) ui->ipmPortLine->setText(PORTSET);
{ else if (ci == 1) ui->dnsPortLine->setText(PORTSET);
ui->portLine->setText(PORTSET); else if (ci == 2) ui->importPortLine->setText(PORTSET);
}
else if(ci == 1)
{
ui->lineEditPort->setText(PORTSET);
}
else if(ci == 2)
{
ui->importPorts->setText(PORTSET);
};
} }
QGraphicsTextItem *textItem = NULL; QGraphicsTextItem *textItem = NULL;
@ -2330,10 +2320,10 @@ void nesca_3::ConnectEvrthng()
connect ( ui->lineEditStartIPDNS, SIGNAL( textChanged(QString) ), this, SLOT( DNSLine_ValueChanged(QString) ) ); connect ( ui->lineEditStartIPDNS, SIGNAL( textChanged(QString) ), this, SLOT( DNSLine_ValueChanged(QString) ) );
connect ( ui->ipLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) ); connect ( ui->ipLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->threadLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) ); connect ( ui->threadLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->portLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) ); connect ( ui->ipmPortLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->lineEditStartIPDNS, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) ); connect ( ui->lineEditStartIPDNS, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->lineILVL, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) ); connect ( ui->lineILVL, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->lineEditPort, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) ); connect ( ui->dnsPortLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->lineEditThread, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) ); connect ( ui->lineEditThread, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->logoLabel, SIGNAL( clicked() ), this, SLOT( logoLabelClicked() ) ); connect ( ui->logoLabel, SIGNAL( clicked() ), this, SLOT( logoLabelClicked() ) );
connect ( ui->me2ScanBut, SIGNAL( clicked() ), this, SLOT( activateME2ScanScene() ) ); connect ( ui->me2ScanBut, SIGNAL( clicked() ), this, SLOT( activateME2ScanScene() ) );
@ -2505,22 +2495,22 @@ void RestoreSession()
PortString.replace("\n", ""); PortString.replace("\n", "");
if(PortString.length() > 0) { if(PortString.length() > 0) {
ui->lineEditPort->setText(PortString); ui->ipmPortLine->setText(PortString);
ui->portLine->setText(PortString); ui->dnsPortLine->setText(PortString);
ui->importPorts->setText(PortString); ui->importPortLine->setText(PortString);
} else { } else {
ui->lineEditPort->setText(PORTSET); ui->ipmPortLine->setText(PORTSET);
ui->portLine->setText(PORTSET); ui->dnsPortLine->setText(PORTSET);
ui->importPorts->setText(PORTSET); ui->importPortLine->setText(PORTSET);
} }
delete []fPorts; delete []fPorts;
} }
else else
{ {
ui->lineEditPort->setText(PORTSET); ui->ipmPortLine->setText(PORTSET);
ui->portLine->setText(PORTSET); ui->dnsPortLine->setText(PORTSET);
ui->importPorts->setText(PORTSET); ui->importPortLine->setText(PORTSET);
}; };
}; };
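Review bot: The line added in the `savedTabIndex == 2` branch, `gPorts[ui->dnsPortLine->text().length() + 2] = '\0';`, takes its length from `dnsPortLine` although the text just copied came from `importPortLine`, so the terminator lands at an unrelated offset. It should read `gPorts[ui->importPortLine->text().length() + 2] = '\0';`. All three branches also index `gPorts` with a QString character count, while `strncpy` copied the `toLocal8Bit()` bytes with a fixed bound of 65536. The size of `gPorts` is not visible here, so confirm that the bound matches it, and prefer taking the length from the QByteArray and clamping it to `sizeof(gPorts) - 1`. `_LoadPersInfoToLocalVars` starts and ends outside these hunks.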


@ -171,7 +171,7 @@
<string>000.000.000.000-255.255.255.255</string> <string>000.000.000.000-255.255.255.255</string>
</property> </property>
</widget> </widget>
<widget class="QLineEdit" name="portLine"> <widget class="QLineEdit" name="ipmPortLine">
<property name="geometry"> <property name="geometry">
<rect> <rect>
<x>110</x> <x>110</x>
@ -482,7 +482,7 @@
<string>.mobi</string> <string>.mobi</string>
</property> </property>
</widget> </widget>
<widget class="QLineEdit" name="lineEditPort"> <widget class="QLineEdit" name="dnsPortLine">
<property name="geometry"> <property name="geometry">
<rect> <rect>
<x>110</x> <x>110</x>
@ -789,7 +789,7 @@ color: rgb(214, 214, 0);</string>
<string>100</string> <string>100</string>
</property> </property>
</widget> </widget>
<widget class="QLineEdit" name="importPorts"> <widget class="QLineEdit" name="importPortLine">
<property name="geometry"> <property name="geometry">
<rect> <rect>
<x>110</x> <x>110</x>
@ -3318,11 +3318,11 @@ background-color: #000000;</string>
<layoutdefault spacing="6" margin="11"/> <layoutdefault spacing="6" margin="11"/>
<tabstops> <tabstops>
<tabstop>ipLine</tabstop> <tabstop>ipLine</tabstop>
<tabstop>portLine</tabstop> <tabstop>ipmPortLine</tabstop>
<tabstop>threadLine</tabstop> <tabstop>threadLine</tabstop>
<tabstop>lineEditStartIPDNS</tabstop> <tabstop>lineEditStartIPDNS</tabstop>
<tabstop>lineILVL</tabstop> <tabstop>lineILVL</tabstop>
<tabstop>lineEditPort</tabstop> <tabstop>dnsPortLine</tabstop>
<tabstop>lineEditThread</tabstop> <tabstop>lineEditThread</tabstop>
<tabstop>lineTrackerSrv</tabstop> <tabstop>lineTrackerSrv</tabstop>
<tabstop>lineTrackerScr</tabstop> <tabstop>lineTrackerScr</tabstop>


@ -1 +1 @@
24B93-2E 24B93-9B