ChronosXYZ/nesca
1
0
Fork 0
mirror of https://github.com/ChronosX88/nesca.git synced 2024-11-23 10:42:21 +00:00
Code Issues Projects Releases Wiki Activity

HttpAuth brute fix

Browse Source
This commit is contained in:
cora32 2015-04-19 02:00:40 +03:00
parent d5bf3ef9e8
commit 07f93c5b12
8 changed files with 48 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
BasicAuth.cpp
View File

@ -30,7 +30,7 @@ bool BA::checkOutput(const string *buffer, const char *ip, const int port) {
return false;
}
lopaStr BA::BABrute(const char *ip, const int port) {
lopaStr BA::BABrute(const char *ip, const int port, bool digestMode) {
string buffer;
string lpString;
lopaStr lps = {"UNKNOWN", "", ""};
@ -44,7 +44,7 @@ lopaStr BA::BABrute(const char *ip, const int port) {
lpString = string(loginLst[i]) + ":" + string(passLst[j]);
res = Connector::nConnect(ip, port, &buffer, NULL, NULL, &lpString);
res = Connector::nConnect(ip, port, &buffer, NULL, NULL, &lpString, digestMode);
if (res == -2) return lps;
else if (res != -1) {
if (checkOutput(&buffer, ip, port)) {
@ -65,16 +65,14 @@ lopaStr BA::BABrute(const char *ip, const int port) {
return lps;
}
lopaStr BA::BALobby(const char *ip, const int port) {
lopaStr BA::BALobby(const char *ip, const int port, bool digestMode) {
if(gMaxBrutingThreads > 0) {
while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000);
++baCount;
++BrutingThrds;
//BruteUtils::BConInc();
const lopaStr &lps = BABrute(ip, port);
//BruteUtils::BConDec();
const lopaStr &lps = BABrute(ip, port, digestMode);
--BrutingThrds;
return lps;

4
BasicAuth.h
View File

@ -9,10 +9,10 @@
class BA {
private:
static bool checkOutput(const string *buffer, const char *ip, const int port);
static lopaStr BABrute(const char *ip, const int port);
static lopaStr BABrute(const char *ip, const int port, bool digestMode);
public:
static lopaStr BALobby(const char *ip, const int port);
static lopaStr BALobby(const char *ip, const int port, bool digestMode);
};
#endif // BASICAUTH_H

11
Connector.cpp
View File

@ -119,7 +119,8 @@ size_t nWriteCallback(void *contents, size_t size, size_t nmemb, void *userp)
int Connector::nConnect(const char* ip, const int port, std::string *buffer,
const char *postData,
const std::vector<std::string> *customHeaders,
const std::string *lpString){
const std::string *lpString,
bool digestMode){
buffer->clear();
CURL *curl = curl_easy_init();
@ -171,19 +172,13 @@ int Connector::nConnect(const char* ip, const int port, std::string *buffer,
}
if (lpString != NULL) {
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_ANY);
if(digestMode) curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_DIGEST);
curl_easy_setopt(curl, CURLOPT_UNRESTRICTED_AUTH, 1L);
curl_easy_setopt(curl, CURLOPT_FTPLISTONLY, 1L);
curl_easy_setopt(curl, CURLOPT_USERPWD, lpString->c_str());
};
int res = curl_easy_perform(curl);
if (port != 21 && lpString != NULL) {
int pos = Utils::ustrstr(*buffer, "\r\n\r\n");
if (pos != -1) {
*buffer = buffer->substr(pos + 4);
}
}
curl_easy_cleanup(curl);
if (res == CURLE_OK ||

3
Connector.h
View File

@ -16,7 +16,8 @@ public:
static int nConnect(const char* ip, const int port, std::string *buffer,
const char *postData = NULL,
const std::vector<std::string> *customHeaders = NULL,
const std::string *lpString = NULL);
const std::string *lpString = NULL,
bool digestMode = false);
static int connectToPort(char *ip, int port);
};
#endif // CONNECTOR_H

4
finder.cpp
View File

@ -1212,7 +1212,7 @@ void _specBrute(const char *ip, int port,
char *finalstr, int flag,
char *path, char *comment, char *cp, int size)
{
const lopaStr &lps = BA::BALobby((string(ip) + string(path)).c_str(), port);
const lopaStr &lps = BA::BALobby((string(ip) + string(path)).c_str(), port, (strcmp(comment, "[DIGEST]") == 0 ? true : false));
if(strstr(lps.login, "UNKNOWN") == NULL && strlen(lps.other) == 0)
{
@ -2577,7 +2577,7 @@ int Lexems::filler(char* ip, int port, const std::string *buffcpy, int size, Lex
char log[512] = { 0 };
++AnomC1;
const lopaStr &lps = BA::BALobby((string(ip) + "/~login").c_str(), port);
const lopaStr &lps = BA::BALobby((string(ip) + "/~login").c_str(), port, false);
sprintf(log, "[HFS]:<a href=\"http://%s:%d/\"><span style=\"color: #a1a1a1;\">%s:%d</span></a><font color=\"#0084ff\"> T: </font><font color=\"#ff9600\">%s Pass: %s:%s</font>",
ip, port, ip, port, finalstr, lps.login, lps.pass);

68
nesca_3.cpp
View File

@ -160,8 +160,8 @@ void _LoadPersInfoToLocalVars(int savedTabIndex) {
}
};
strncpy(gPorts, ("-p" + ui->portLine->text()).toLocal8Bit().data(), 65536);
gPorts[ui->lineEditPort->text().length() + 2] = '\0';
strncpy(gPorts, ("-p" + ui->ipmPortLine->text()).toLocal8Bit().data(), 65536);
gPorts[ui->ipmPortLine->text().length() + 2] = '\0';
}
else if (savedTabIndex == 1)
{
@ -170,14 +170,15 @@ void _LoadPersInfoToLocalVars(int savedTabIndex) {
strcpy(currentIP, ui->lineEditStartIPDNS->text().toLocal8Bit().data());
strcpy(gTLD, ui->lineILVL->text().toLocal8Bit().data());
strncpy(gPorts, ("-p" + ui->lineEditPort->text()).toLocal8Bit().data(), 65536);
gPorts[ui->lineEditPort->text().length() + 2] = '\0';
strncpy(gPorts, ("-p" + ui->dnsPortLine->text()).toLocal8Bit().data(), 65536);
gPorts[ui->dnsPortLine->text().length() + 2] = '\0';
}
else if (savedTabIndex == 2)
{
gMode = -1;
gThreads = ui->importThreads->text().toInt();
strncpy(gPorts, ("-p" + ui->importPorts->text()).toLocal8Bit().data(), 65536);
strncpy(gPorts, ("-p" + ui->importPortLine->text()).toLocal8Bit().data(), 65536);
gPorts[ui->dnsPortLine->text().length() + 2] = '\0';
};
strcpy(trcSrv, ui->lineTrackerSrv->text().toLocal8Bit().data());
@ -534,8 +535,9 @@ void SetValidators()
ui->ipLine->setValidator(validator);
validator = new QRegExpValidator(QRegExp("(\\d{1,5}[,|-]\\s{0,1})+"), NULL);
ui->portLine->setValidator(validator);
ui->lineEditPort->setValidator(validator);
ui->ipmPortLine->setValidator(validator);
ui->dnsPortLine->setValidator(validator);
ui->importPortLine->setValidator(validator);
validator = new QRegExpValidator(QRegExp("\\d{1,3}"), NULL);
ui->importThreads->setValidator(validator);
@ -2017,7 +2019,7 @@ void nesca_3::IPScanSeq()
{
if(ui->ipLine->text() != "")
{
if(ui->portLine->text() != "")
if(ui->ipmPortLine->text() != "")
{
stopFirst = false;
ui->tabMainWidget->setTabEnabled(1, false);
@ -2029,7 +2031,7 @@ void nesca_3::IPScanSeq()
stt->setTarget((ui->ipLine->text().indexOf("-") > 0 ? ui->ipLine->text() :
(ui->ipLine->text().indexOf("/") < 0 ? ui->ipLine->text() + "-" + ui->ipLine->text() : ui->ipLine->text())
));
stt->setPorts(ui->portLine->text().replace(" ", ""));
stt->setPorts(ui->ipmPortLine->text().replace(" ", ""));
stt->start();
startFlag = true;
@ -2087,7 +2089,7 @@ void nesca_3::DNSScanSeq()
{
if(ui->lineEditStartIPDNS->text() != "")
{
if(ui->lineEditPort->text() != "")
if(ui->dnsPortLine->text() != "")
{
if(ui->lineEditStartIPDNS->text().indexOf(".") > 0)
{
@ -2110,7 +2112,7 @@ void nesca_3::DNSScanSeq()
stt->setMode(1);
stt->setTarget(ui->lineEditStartIPDNS->text());
stt->setPorts(ui->lineEditPort->text().replace(" ", ""));
stt->setPorts(ui->dnsPortLine->text().replace(" ", ""));
stt->start();
startFlag = true;
@ -2155,7 +2157,7 @@ void nesca_3::ImportScanSeq()
stt->setMode(-1);
stt->setTarget(fileName);
stt->setPorts(ui->importPorts->text().replace(" ", ""));
stt->setPorts(ui->importPortLine->text().replace(" ", ""));
stt->start();
startFlag = true;
@ -2170,10 +2172,7 @@ void nesca_3::ImportScanSeq()
);
ui->dataText->clear();
}
else
{
stt->doEmitionYellowFoundData("Empty filename.");
};
else stt->doEmitionYellowFoundData("Empty filename.");
}
QLabel *smsgLbl;
@ -2207,18 +2206,9 @@ void nesca_3::slotRestoreDefPorts()
{
int ci = ui->tabMainWidget->currentIndex();
if(ci == 0)
{
ui->portLine->setText(PORTSET);
}
else if(ci == 1)
{
ui->lineEditPort->setText(PORTSET);
}
else if(ci == 2)
{
ui->importPorts->setText(PORTSET);
};
if (ci == 0) ui->ipmPortLine->setText(PORTSET);
else if (ci == 1) ui->dnsPortLine->setText(PORTSET);
else if (ci == 2) ui->importPortLine->setText(PORTSET);
}
QGraphicsTextItem *textItem = NULL;
@ -2330,10 +2320,10 @@ void nesca_3::ConnectEvrthng()
connect ( ui->lineEditStartIPDNS, SIGNAL( textChanged(QString) ), this, SLOT( DNSLine_ValueChanged(QString) ) );
connect ( ui->ipLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->threadLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->portLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->ipmPortLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->lineEditStartIPDNS, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->lineILVL, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->lineEditPort, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->dnsPortLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->lineEditThread, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->logoLabel, SIGNAL( clicked() ), this, SLOT( logoLabelClicked() ) );
connect ( ui->me2ScanBut, SIGNAL( clicked() ), this, SLOT( activateME2ScanScene() ) );
@ -2505,22 +2495,22 @@ void RestoreSession()
PortString.replace("\n", "");
if(PortString.length() > 0) {
ui->lineEditPort->setText(PortString);
ui->portLine->setText(PortString);
ui->importPorts->setText(PortString);
ui->ipmPortLine->setText(PortString);
ui->dnsPortLine->setText(PortString);
ui->importPortLine->setText(PortString);
} else {
ui->lineEditPort->setText(PORTSET);
ui->portLine->setText(PORTSET);
ui->importPorts->setText(PORTSET);
ui->ipmPortLine->setText(PORTSET);
ui->dnsPortLine->setText(PORTSET);
ui->importPortLine->setText(PORTSET);
}
delete []fPorts;
}
else
{
ui->lineEditPort->setText(PORTSET);
ui->portLine->setText(PORTSET);
ui->importPorts->setText(PORTSET);
ui->ipmPortLine->setText(PORTSET);
ui->dnsPortLine->setText(PORTSET);
ui->importPortLine->setText(PORTSET);
};
};

10
nesca_3.ui
View File

@ -171,7 +171,7 @@
<string>000.000.000.000-255.255.255.255</string>
</property>
</widget>
<widget class="QLineEdit" name="portLine">
<widget class="QLineEdit" name="ipmPortLine">
<property name="geometry">
<rect>
<x>110</x>
@ -482,7 +482,7 @@
<string>.mobi</string>
</property>
</widget>
<widget class="QLineEdit" name="lineEditPort">
<widget class="QLineEdit" name="dnsPortLine">
<property name="geometry">
<rect>
<x>110</x>
@ -789,7 +789,7 @@ color: rgb(214, 214, 0);</string>
<string>100</string>
</property>
</widget>
<widget class="QLineEdit" name="importPorts">
<widget class="QLineEdit" name="importPortLine">
<property name="geometry">
<rect>
<x>110</x>
@ -3318,11 +3318,11 @@ background-color: #000000;</string>
<layoutdefault spacing="6" margin="11"/>
<tabstops>
<tabstop>ipLine</tabstop>
<tabstop>portLine</tabstop>
<tabstop>ipmPortLine</tabstop>
<tabstop>threadLine</tabstop>
<tabstop>lineEditStartIPDNS</tabstop>
<tabstop>lineILVL</tabstop>
<tabstop>lineEditPort</tabstop>
<tabstop>dnsPortLine</tabstop>
<tabstop>lineEditThread</tabstop>
<tabstop>lineTrackerSrv</tabstop>
<tabstop>lineTrackerScr</tabstop>

2
version
View File

@ -1 +1 @@
24B93-2E
24B93-9B