mirror of
https://github.com/ChronosX88/nesca.git
synced 2024-12-26 09:21:47 +00:00
Minor refactorings
This commit is contained in:
parent
39d2724812
commit
33cd0b4b7d
@ -29,7 +29,7 @@ bool BA::checkOutput(const string *buffer, const char *ip, const int port) {
|
||||
return false;
|
||||
}
|
||||
|
||||
lopaStr BA::_BABrute(const char *ip, const int port) {
|
||||
lopaStr BA::BABrute(const char *ip, const int port) {
|
||||
string buffer;
|
||||
string lpString;
|
||||
lopaStr lps;
|
||||
@ -65,11 +65,11 @@ lopaStr BA::_BABrute(const char *ip, const int port) {
|
||||
return lps;
|
||||
}
|
||||
|
||||
lopaStr BA::_BALobby(const char *ip, const int port) {
|
||||
lopaStr BA::BALobby(const char *ip, const int port) {
|
||||
while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000);
|
||||
|
||||
BruteUtils::BConInc();
|
||||
const lopaStr &lps = _BABrute(ip, port);
|
||||
const lopaStr &lps = BABrute(ip, port);
|
||||
BruteUtils::BConDec();
|
||||
|
||||
return lps;
|
||||
|
@ -10,10 +10,10 @@
|
||||
class BA {
|
||||
private:
|
||||
static bool checkOutput(const string *buffer, const char *ip, const int port);
|
||||
static lopaStr _BABrute(const char *ip, const int port);
|
||||
static lopaStr BABrute(const char *ip, const int port);
|
||||
|
||||
public:
|
||||
static lopaStr _BALobby(const char *ip, const int port);
|
||||
static lopaStr BALobby(const char *ip, const int port);
|
||||
};
|
||||
|
||||
#endif // BASICAUTH_H
|
||||
|
143
Connector.cpp
143
Connector.cpp
@ -85,142 +85,6 @@ int _pingMyTarget(const char *ip)
|
||||
}
|
||||
#endif
|
||||
|
||||
int _sshConnect(char *user, char *pass, const char *host, int port)
|
||||
{
|
||||
char hostStr[128] = {0};
|
||||
ZeroMemory(hostStr, sizeof(hostStr));
|
||||
strcpy(hostStr, user);
|
||||
strcat(hostStr, "@");
|
||||
strcat(hostStr, host);
|
||||
|
||||
ssh_session my_ssh_session = ssh_new();
|
||||
if (my_ssh_session == NULL)
|
||||
{
|
||||
ssh_free(my_ssh_session);
|
||||
return -1;
|
||||
};
|
||||
|
||||
ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, hostStr);
|
||||
ssh_options_set(my_ssh_session, SSH_OPTIONS_PORT, &port);
|
||||
//ssh_options_set(my_ssh_session, SSH_OPTIONS_LOG_VERBOSITY, &verbosity);
|
||||
//ssh_options_set(my_ssh_session, SSH_OPTIONS_LOG_VERBOSITY_STR, &verbosity);
|
||||
//ssh_options_set(my_ssh_session, SSH_OPTIONS_STRICTHOSTKEYCHECK, 0);
|
||||
int sshTimeout = gTimeOut + 1;
|
||||
ssh_options_set(my_ssh_session, SSH_OPTIONS_TIMEOUT, &sshTimeout);
|
||||
|
||||
int rc = ssh_connect(my_ssh_session);
|
||||
|
||||
if (rc != SSH_OK)
|
||||
{
|
||||
ssh_disconnect(my_ssh_session);
|
||||
ssh_free(my_ssh_session);
|
||||
++offlines;
|
||||
return -2;
|
||||
}
|
||||
else
|
||||
{
|
||||
rc = ssh_userauth_password(my_ssh_session, NULL, pass);
|
||||
if (rc != SSH_AUTH_SUCCESS)
|
||||
{
|
||||
ssh_disconnect(my_ssh_session);
|
||||
ssh_free(my_ssh_session);
|
||||
return -1;
|
||||
};
|
||||
};
|
||||
ssh_disconnect(my_ssh_session);
|
||||
ssh_free(my_ssh_session);
|
||||
++ssh;
|
||||
return 0;
|
||||
}
|
||||
|
||||
char _get_ssh_banner(const char *ip, int port)
|
||||
{
|
||||
char recvBuff[256] = {0};
|
||||
std::string buffer;
|
||||
Connector::nConnect(ip, port, &buffer);
|
||||
|
||||
int sz = buffer.size();
|
||||
|
||||
if(sz != 0)
|
||||
{
|
||||
strncpy(recvBuff, buffer.c_str(), sz < 256 ? sz : 256);
|
||||
};
|
||||
|
||||
return *recvBuff;
|
||||
}
|
||||
|
||||
int check_ssh_pass(char *user, char *pass, char *userPass, const char *host, int port, std::string *buffer, const char *banner)
|
||||
{
|
||||
int res = -1;
|
||||
if(BALogSwitched) stt->doEmitionBAData("Probing SSH: " + QString(user) + ":" + QString(pass) + "@" + QString(host) + ":" + QString::number(port));
|
||||
res = _sshConnect(user, pass, host, port);
|
||||
if(res == 0)
|
||||
{
|
||||
stt->doEmition_BAGreenData("[+] SSH: " + QString(user) + ":" + QString(pass) + "@" + QString(host));
|
||||
buffer->append(userPass);
|
||||
buffer->append("@");
|
||||
buffer->append(host);
|
||||
buffer->append("|+|");
|
||||
buffer->append(banner);
|
||||
return 0;
|
||||
};
|
||||
return res;
|
||||
}
|
||||
|
||||
int _EstablishSSHConnection(const char* host, int port, std::string *buffer, const char *banner)
|
||||
{
|
||||
char login[32] = {0};
|
||||
char pass[32] = {0};
|
||||
char temp[64] = {0};
|
||||
BruteUtils::BConInc();
|
||||
int sz = 0;
|
||||
char *ptr1 = 0;
|
||||
int res = -1;
|
||||
|
||||
for(int i = 0; i < MaxSSHPass; ++i)
|
||||
{
|
||||
if(!globalScanFlag) break;
|
||||
strcpy(temp, sshlpLst[i]);
|
||||
ptr1 = strstr(temp, ":");
|
||||
sz = ptr1 - temp;
|
||||
strncpy(login, temp, sz);
|
||||
strcpy(pass, ptr1 + 1);
|
||||
res = check_ssh_pass(login, pass, temp, host, port, buffer, banner);
|
||||
ZeroMemory(login, sizeof(login));
|
||||
ZeroMemory(pass, sizeof(pass));
|
||||
ZeroMemory(temp, sizeof(temp));
|
||||
|
||||
if(res == 0)
|
||||
{
|
||||
if(i == 0) return -2; //Failhit
|
||||
BruteUtils::BConDec();
|
||||
return 1;
|
||||
}
|
||||
else if(res == -2)
|
||||
{
|
||||
BruteUtils::BConDec();
|
||||
return -2;
|
||||
};
|
||||
|
||||
Sleep(500);
|
||||
};
|
||||
BruteUtils::BConDec();
|
||||
return -1;
|
||||
}
|
||||
|
||||
QString strIP;
|
||||
QString strPort;
|
||||
int Connector::_SSHLobby(std::string ip, int port, std::string *buffer)
|
||||
{
|
||||
const char &banner = _get_ssh_banner(ip.c_str(), port);
|
||||
if(strlen(&banner) > 0)
|
||||
{
|
||||
return _EstablishSSHConnection(ip.c_str(), port, buffer, &banner);
|
||||
};
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
struct data {
|
||||
char trace_ascii; /* 1 or 0 */
|
||||
};
|
||||
@ -299,8 +163,9 @@ int Connector::nConnect(const char* ip, const int port, std::string *buffer,
|
||||
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
|
||||
}
|
||||
|
||||
if (lpString != NULL) {
|
||||
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_ANY);
|
||||
if (lpString != NULL) {
|
||||
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_ANY);
|
||||
curl_easy_setopt(curl, CURLOPT_UNRESTRICTED_AUTH, 1L);
|
||||
curl_easy_setopt(curl, CURLOPT_FTPLISTONLY, 1L);
|
||||
curl_easy_setopt(curl, CURLOPT_USERPWD, lpString->c_str());
|
||||
};
|
||||
@ -375,7 +240,7 @@ int Connector::_ConnectToPort(string ip, int port, char *hl)
|
||||
std::string buffer;
|
||||
int size = 0;
|
||||
|
||||
if (port == 22) size = _SSHLobby(ip.c_str(), port, &buffer);
|
||||
if (port == 22) size = SSHAuth::SSHLobby(ip.c_str(), port, &buffer);
|
||||
else size = nConnect(ip.c_str(), port, &buffer);
|
||||
|
||||
if(size > 0)
|
||||
|
@ -4,6 +4,7 @@
|
||||
#include "externData.h"
|
||||
#include "Utils.h"
|
||||
#include "BruteUtils.h"
|
||||
#include "SSHAuth.h"
|
||||
#include "STh.h"
|
||||
|
||||
#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
|
||||
|
@ -9,7 +9,7 @@ bool FTPA::checkOutput(const string *buffer) {
|
||||
return false;
|
||||
}
|
||||
|
||||
lopaStr FTPA::_FTPBrute(const char *ip, const int port, PathStr *ps) {
|
||||
lopaStr FTPA::FTPBrute(const char *ip, const int port, PathStr *ps) {
|
||||
string buffer;
|
||||
string lpString;
|
||||
lopaStr lps;
|
||||
@ -54,11 +54,11 @@ lopaStr FTPA::_FTPBrute(const char *ip, const int port, PathStr *ps) {
|
||||
return lps;
|
||||
}
|
||||
|
||||
lopaStr FTPA::_FTPLobby(const char *ip, const int port, PathStr *ps) {
|
||||
lopaStr FTPA::FTPLobby(const char *ip, const int port, PathStr *ps) {
|
||||
while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000);
|
||||
|
||||
BruteUtils::BConInc();
|
||||
const lopaStr &lps = _FTPBrute(ip, port, ps);
|
||||
const lopaStr &lps = FTPBrute(ip, port, ps);
|
||||
BruteUtils::BConDec();
|
||||
|
||||
return lps;
|
||||
|
@ -10,10 +10,10 @@
|
||||
class FTPA {
|
||||
private:
|
||||
static bool checkOutput(const string *buffer);
|
||||
static lopaStr _FTPBrute(const char *ip, const int port, PathStr *ps);
|
||||
static lopaStr FTPBrute(const char *ip, const int port, PathStr *ps);
|
||||
|
||||
public:
|
||||
static lopaStr _FTPLobby(const char *ip, const int port, PathStr *ps);
|
||||
static lopaStr FTPLobby(const char *ip, const int port, PathStr *ps);
|
||||
};
|
||||
|
||||
#endif // FTPAUTH_H
|
||||
|
133
SSHAuth.cpp
Normal file
133
SSHAuth.cpp
Normal file
@ -0,0 +1,133 @@
|
||||
#include "SSHAuth.h"
|
||||
|
||||
int _sshConnect(char *user, char *pass, const char *host, int port)
|
||||
{
|
||||
char hostStr[128] = {0};
|
||||
ZeroMemory(hostStr, sizeof(hostStr));
|
||||
strcpy(hostStr, user);
|
||||
strcat(hostStr, "@");
|
||||
strcat(hostStr, host);
|
||||
|
||||
ssh_session my_ssh_session = ssh_new();
|
||||
if (my_ssh_session == NULL)
|
||||
{
|
||||
ssh_free(my_ssh_session);
|
||||
return -1;
|
||||
};
|
||||
|
||||
ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, hostStr);
|
||||
ssh_options_set(my_ssh_session, SSH_OPTIONS_PORT, &port);
|
||||
int sshTimeout = gTimeOut + 1;
|
||||
ssh_options_set(my_ssh_session, SSH_OPTIONS_TIMEOUT, &sshTimeout);
|
||||
|
||||
int rc = ssh_connect(my_ssh_session);
|
||||
|
||||
if (rc != SSH_OK)
|
||||
{
|
||||
ssh_disconnect(my_ssh_session);
|
||||
ssh_free(my_ssh_session);
|
||||
++offlines;
|
||||
return -2;
|
||||
}
|
||||
else
|
||||
{
|
||||
rc = ssh_userauth_password(my_ssh_session, NULL, pass);
|
||||
if (rc != SSH_AUTH_SUCCESS)
|
||||
{
|
||||
ssh_disconnect(my_ssh_session);
|
||||
ssh_free(my_ssh_session);
|
||||
return -1;
|
||||
};
|
||||
};
|
||||
ssh_disconnect(my_ssh_session);
|
||||
ssh_free(my_ssh_session);
|
||||
++ssh;
|
||||
return 0;
|
||||
}
|
||||
|
||||
char _get_ssh_banner(const char *ip, int port)
|
||||
{
|
||||
char recvBuff[256] = {0};
|
||||
std::string buffer;
|
||||
Connector::nConnect(ip, port, &buffer);
|
||||
|
||||
int sz = buffer.size();
|
||||
|
||||
if(sz != 0)
|
||||
{
|
||||
strncpy(recvBuff, buffer.c_str(), sz < 256 ? sz : 256);
|
||||
};
|
||||
|
||||
return *recvBuff;
|
||||
}
|
||||
|
||||
int check_ssh_pass(char *user, char *pass, char *userPass, const char *host, int port, std::string *buffer, const char *banner)
|
||||
{
|
||||
int res = -1;
|
||||
if(BALogSwitched) stt->doEmitionBAData("Probing SSH: " + QString(user) + ":" + QString(pass) + "@" + QString(host) + ":" + QString::number(port));
|
||||
res = _sshConnect(user, pass, host, port);
|
||||
if(res == 0)
|
||||
{
|
||||
stt->doEmition_BAGreenData("[+] SSH: " + QString(user) + ":" + QString(pass) + "@" + QString(host));
|
||||
buffer->append(userPass);
|
||||
buffer->append("@");
|
||||
buffer->append(host);
|
||||
buffer->append("|+|");
|
||||
buffer->append(banner);
|
||||
return 0;
|
||||
};
|
||||
return res;
|
||||
}
|
||||
|
||||
int SSHBrute(const char* host, int port, std::string *buffer, const char *banner)
|
||||
{
|
||||
char login[32] = {0};
|
||||
char pass[32] = {0};
|
||||
char temp[64] = {0};
|
||||
BruteUtils::BConInc();
|
||||
int sz = 0;
|
||||
char *ptr1 = 0;
|
||||
int res = -1;
|
||||
|
||||
for(int i = 0; i < MaxSSHPass; ++i)
|
||||
{
|
||||
if(!globalScanFlag) break;
|
||||
strcpy(temp, sshlpLst[i]);
|
||||
ptr1 = strstr(temp, ":");
|
||||
sz = ptr1 - temp;
|
||||
strncpy(login, temp, sz);
|
||||
strcpy(pass, ptr1 + 1);
|
||||
res = check_ssh_pass(login, pass, temp, host, port, buffer, banner);
|
||||
ZeroMemory(login, sizeof(login));
|
||||
ZeroMemory(pass, sizeof(pass));
|
||||
ZeroMemory(temp, sizeof(temp));
|
||||
|
||||
if(res == 0)
|
||||
{
|
||||
if(i == 0) return -2; //Failhit
|
||||
BruteUtils::BConDec();
|
||||
return 1;
|
||||
}
|
||||
else if(res == -2)
|
||||
{
|
||||
BruteUtils::BConDec();
|
||||
return -2;
|
||||
};
|
||||
|
||||
Sleep(500);
|
||||
};
|
||||
BruteUtils::BConDec();
|
||||
return -1;
|
||||
}
|
||||
|
||||
QString strIP;
|
||||
QString strPort;
|
||||
int SSHAuth::SSHLobby(const char *ip, int port, std::string *buffer)
|
||||
{
|
||||
const char &banner = _get_ssh_banner(ip, port);
|
||||
if(strlen(&banner) > 0)
|
||||
{
|
||||
return SSHBrute(ip, port, buffer, &banner);
|
||||
};
|
||||
return -1;
|
||||
}
|
16
SSHAuth.h
Normal file
16
SSHAuth.h
Normal file
@ -0,0 +1,16 @@
|
||||
#ifndef SSHAUTH_H
|
||||
#define SSHAUTH_H
|
||||
|
||||
#include "Connector.h"
|
||||
#include "BruteUtils.h"
|
||||
#include "Utils.h"
|
||||
#include "externData.h"
|
||||
#include "mainResources.h"
|
||||
|
||||
class SSHAuth {
|
||||
public:
|
||||
static int SSHLobby(const char *ip,
|
||||
const int port,
|
||||
std::string *buffer);
|
||||
};
|
||||
#endif // SSHAUTH_H
|
@ -9,27 +9,9 @@
|
||||
#include "Utils.h"
|
||||
#include "BruteUtils.h"
|
||||
|
||||
#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
|
||||
#include <iphlpapi.h>
|
||||
#include <icmpapi.h>
|
||||
#pragma comment(lib, "iphlpapi.lib")
|
||||
#endif
|
||||
int gMaxBrutingThreads = 200;
|
||||
fd_set write_fs;
|
||||
|
||||
|
||||
int _countFTPDirectories(char *recvBuff){
|
||||
if(strcmp(recvBuff, "dummy\r\n") == 0) return 0;
|
||||
int dirCounter = 0;
|
||||
if(recvBuff[strlen(recvBuff) - 1] != '\n') strcat(recvBuff, "\n");
|
||||
char *dirPtr = strstr(recvBuff, "\n");
|
||||
while(dirPtr != NULL){
|
||||
++dirCounter;
|
||||
dirPtr = strstr(dirPtr + 1, "\n");
|
||||
};
|
||||
return dirCounter;
|
||||
}
|
||||
|
||||
bool debugWriteWait = false;
|
||||
void _DebugWriteHTMLToFile(char *request, char *buff)
|
||||
{
|
||||
@ -110,230 +92,6 @@ std::string toLowerStr(const char *str)
|
||||
} else return "";
|
||||
}
|
||||
|
||||
int OpenConnection(SOCKET *sock, const char *hostname, int port)
|
||||
{
|
||||
struct hostent *host;
|
||||
struct sockaddr_in addr;
|
||||
if(strlen(hostname) == 0)
|
||||
{
|
||||
return -1;
|
||||
};
|
||||
if(port < 0 || port > 65535)
|
||||
{
|
||||
return -1;
|
||||
};
|
||||
|
||||
if ( (host = gethostbyname(hostname)) == NULL )
|
||||
{
|
||||
++offlines;
|
||||
if(gNegDebugMode) stt->doEmitionDebugFoundData("[<a href=\"http://" + QString(hostname) + ":" + QString::number(port) + "/\"><font color=\"#0084ff\">" + QString(hostname) + ":" + QString::number(port) + "</font></a>" + "] Rejecting in _connection: Bad IP.");
|
||||
return -1;
|
||||
};
|
||||
*sock = socket(PF_INET, SOCK_STREAM, 0);
|
||||
ZeroMemory(&addr, sizeof(addr));
|
||||
addr.sin_family = AF_INET;
|
||||
addr.sin_port = htons(port);
|
||||
addr.sin_addr.s_addr = *(long*)(host->h_addr);
|
||||
if ( connect(*sock, (struct sockaddr*)&addr, sizeof(addr)) == SOCKET_ERROR )
|
||||
{
|
||||
++offlines;
|
||||
CSSOCKET(*sock);
|
||||
return -1;
|
||||
};
|
||||
return 0;
|
||||
}
|
||||
|
||||
//void _baSSLWorker(char *ip, char *request, char *rvBuff)
|
||||
//{
|
||||
// const SSL_METHOD *method = SSLv3_client_method(); /* Create new client-method instance */
|
||||
// SSL_CTX *ctx = SSL_CTX_new(method); /* Create new context */
|
||||
|
||||
// if(ctx != NULL)
|
||||
// {
|
||||
// SOCKET sock;
|
||||
// SSL_CTX_set_timeout(ctx, gTimeOut);
|
||||
// int result = OpenConnection(&sock, ip, 443);
|
||||
// if(result >= 0)
|
||||
// {
|
||||
// SSL *ssl = NULL;
|
||||
// ssl = SSL_new(ctx); /* create new SSL connection state */
|
||||
// if(ssl != NULL)
|
||||
// {
|
||||
// SSL_set_fd(ssl, sock); /* attach the socket descriptor */
|
||||
// if(SSL_connect(ssl))
|
||||
// {
|
||||
// SSL_write(ssl, request, strlen(request));
|
||||
// if(MapWidgetOpened) stt->doEmitionAddOutData(QString(request));
|
||||
|
||||
// char tempBuff[128] = {0};
|
||||
// int x = 1;
|
||||
// int xx = 0;
|
||||
|
||||
// ZeroMemory(rvBuff, sizeof(*rvBuff));
|
||||
// while(xx < 512)
|
||||
// {
|
||||
// x = SSL_read(ssl, tempBuff, sizeof(tempBuff));
|
||||
// if(x <= 0) break;
|
||||
// Activity += x;
|
||||
// xx += x;
|
||||
// strncat(rvBuff, tempBuff, x);
|
||||
// ZeroMemory(tempBuff, sizeof(tempBuff));
|
||||
// };
|
||||
|
||||
// if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(rvBuff));
|
||||
// if(HTMLDebugMode) _DebugWriteHTMLToFile(request, rvBuff);
|
||||
// };
|
||||
// SSL_shutdown(ssl);
|
||||
// SSL_free(ssl);
|
||||
// CSSOCKET(sock);
|
||||
// SSL_CTX_free(ctx); /* release context */
|
||||
// return;
|
||||
// };
|
||||
// };
|
||||
// CSSOCKET(sock);
|
||||
// SSL_CTX_free(ctx); /* release context */
|
||||
// }
|
||||
// else
|
||||
// {
|
||||
// char buff1[512] = {0};
|
||||
// char buff2[512] = {0};
|
||||
|
||||
// ERR_error_string(ERR_peek_error(), buff1);
|
||||
// ERR_error_string(ERR_peek_last_error(), buff2);
|
||||
// stt->doEmitionRedFoundData(QString(ip) + " SSL(InitCTX) 1:" + QString(buff1) + " 2:" + QString(buff2));
|
||||
// };
|
||||
//}
|
||||
|
||||
char *_getAttributeValue(char *str, char *val, char *ip, int port)
|
||||
{
|
||||
char res[1024] = {0};
|
||||
char *ptrStart = NULL;
|
||||
char *ptrS1End = NULL;
|
||||
char *ptrS2End = NULL;
|
||||
|
||||
ptrStart = strstri(str, val);
|
||||
if(ptrStart != NULL)
|
||||
{
|
||||
if(strstri(ptrStart, "qop=auth") != NULL) return "auth";
|
||||
ptrS1End = _findFirst(ptrStart, "\"");
|
||||
if(ptrS1End != NULL)
|
||||
{
|
||||
ptrS2End = _findFirst(ptrS1End + 1, "\"");
|
||||
if(ptrS2End != NULL)
|
||||
{
|
||||
int sz = ptrS2End - ptrS1End - 1;
|
||||
|
||||
if(sz != 0 && sz < 1024) strncpy(res, ptrS1End + 1, sz);
|
||||
else return "";
|
||||
|
||||
return res;
|
||||
}
|
||||
else
|
||||
{
|
||||
stt->doEmitionRedFoundData("[_getAttributeValue] Error retrieving value: \"" + QString(val) + "\" IP:<a style=\"color:#819121;\" href=\"http://" + QString(ip) + ":" + QString::number(port) + "/\">" + QString(ip) + ":" + QString::number(port) + "</a>");
|
||||
return "";
|
||||
};
|
||||
}
|
||||
else
|
||||
{
|
||||
stt->doEmitionRedFoundData("[_getAttributeValue] Error retrieving value: \"" + QString(val) + "\" IP:<a style=\"color:#919121;\" href=\"http://" + QString(ip) + ":" + QString::number(port) + "/\">" + QString(ip) + ":" + QString::number(port) + "</a>");
|
||||
return "";
|
||||
};
|
||||
}
|
||||
else
|
||||
{
|
||||
stt->doEmitionRedFoundData("[_getAttributeValue] Error retrieving value: \"" + QString(val) + "\" IP:<a style=\"color:#819121;\" href=\"http://" + QString(ip) + ":" + QString::number(port) + "/\">" + QString(ip) + ":" + QString::number(port) + "</a>");
|
||||
return "";
|
||||
};
|
||||
}
|
||||
|
||||
#define HASHLEN 16
|
||||
typedef char HASH[HASHLEN];
|
||||
#define HASHHEXLEN 32
|
||||
typedef char HASHHEX[HASHHEXLEN+1];
|
||||
#define IN
|
||||
#define OUT
|
||||
void CvtHex(
|
||||
IN HASH Bin,
|
||||
OUT HASHHEX Hex
|
||||
)
|
||||
{
|
||||
unsigned short i;
|
||||
unsigned char j;
|
||||
|
||||
for (i = 0; i < HASHLEN; i++) {
|
||||
j = (Bin[i] >> 4) & 0xf;
|
||||
if (j <= 9)
|
||||
Hex[i*2] = (j + '0');
|
||||
else
|
||||
Hex[i*2] = (j + 'a' - 10);
|
||||
j = Bin[i] & 0xf;
|
||||
if (j <= 9)
|
||||
Hex[i*2+1] = (j + '0');
|
||||
else
|
||||
Hex[i*2+1] = (j + 'a' - 10);
|
||||
};
|
||||
Hex[HASHHEXLEN] = '\0';
|
||||
};
|
||||
char *_makeDigestResponse(
|
||||
char *login,
|
||||
char *realm,
|
||||
char *pass,
|
||||
char *path,
|
||||
char *nonce,
|
||||
char *pszNonceCount,
|
||||
char *pszCNonce,
|
||||
char *pszQop
|
||||
)
|
||||
{
|
||||
char HA1[MD5_DIGEST_LENGTH];
|
||||
char HA2[MD5_DIGEST_LENGTH];
|
||||
char HA1Data[512] = {0};
|
||||
char HA2Data[512] = {0};
|
||||
|
||||
strcpy(HA1Data, login);
|
||||
strcat(HA1Data, ":");
|
||||
strcat(HA1Data, realm);
|
||||
strcat(HA1Data, ":");
|
||||
strcat(HA1Data, pass);
|
||||
|
||||
strcpy(HA2Data, "GET:");
|
||||
strcat(HA2Data, path);
|
||||
|
||||
MD5((unsigned char*) HA1Data, strlen(HA1Data), (unsigned char*)HA1);
|
||||
MD5((unsigned char*) HA2Data, strlen(HA2Data), (unsigned char*)HA2);
|
||||
|
||||
char responseData[512] = {0};
|
||||
char *HA1MD5 = new char[64];
|
||||
char *HA2MD5 = new char[64];
|
||||
ZeroMemory(HA1MD5, 64);
|
||||
ZeroMemory(HA2MD5, 64);
|
||||
|
||||
CvtHex(HA1, HA1MD5);
|
||||
strcpy(responseData, HA1MD5);
|
||||
strcat(responseData, ":");
|
||||
strcat(responseData, nonce);
|
||||
strcat(responseData, ":");
|
||||
if (*pszQop != NULL) {
|
||||
strcat(responseData, pszNonceCount);
|
||||
strcat(responseData, ":");
|
||||
strcat(responseData, pszCNonce);
|
||||
strcat(responseData, ":");
|
||||
strcat(responseData, pszQop);
|
||||
strcat(responseData, ":");
|
||||
};
|
||||
CvtHex(HA2, HA2MD5);
|
||||
strcat(responseData, HA2MD5);
|
||||
delete []HA1MD5;
|
||||
delete []HA2MD5;
|
||||
|
||||
char response[MD5_DIGEST_LENGTH];
|
||||
MD5((unsigned char*) responseData, strlen(responseData), (unsigned char*)response);
|
||||
char responseMD5[64] = {0};
|
||||
CvtHex(response, responseMD5);
|
||||
return (char*)responseMD5;
|
||||
}
|
||||
|
||||
int _webLoginSeq(char *request, char *login, char *pass, const char *ip, int port, int passCounter, char *type, std::vector<char*> negVector)
|
||||
{
|
||||
char recvBuff[256] = {0};
|
||||
|
17
finder.cpp
17
finder.cpp
@ -6,6 +6,7 @@
|
||||
#include "Connector.h"
|
||||
#include "BasicAuth.h"
|
||||
#include "FTPAuth.h"
|
||||
#include "SSHAuth.h"
|
||||
#include <memory>
|
||||
|
||||
char* strstri(const char *_Str, const char *_SubStr)
|
||||
@ -1185,7 +1186,7 @@ void _specBrute(const char *ip, int port,
|
||||
char tport[32] = {0};
|
||||
sprintf(tport, ":%d", port);
|
||||
|
||||
const lopaStr &lps = BA::_BALobby((string(ip) + string(path)).c_str(), port);
|
||||
const lopaStr &lps = BA::BALobby((string(ip) + string(path)).c_str(), port);
|
||||
|
||||
if(strstr(lps.login, "UNKNOWN") == NULL && strlen(lps.other) == 0)
|
||||
{
|
||||
@ -1360,14 +1361,12 @@ void _saveSSH(const char *ip, int port, int recd, const char *buffcpy)
|
||||
|
||||
int Lexems::_filler(int p, const char* buffcpy, char* ip, int recd, Lexems *lx, char *hl)
|
||||
{
|
||||
if( strstr(buffcpy, "SSH-2.0-OpenSSH") != NULL || strstr(buffcpy, "SSH-2.0-mod_sftp") != NULL)
|
||||
if( strstr(buffcpy, "SSH-2.0-OpenSSH") != NULL ||
|
||||
strstr(buffcpy, "SSH-2.0-mod_sftp") != NULL)
|
||||
{
|
||||
std::string sshBuff;
|
||||
int res = Connector::_SSHLobby(ip, p, &sshBuff);
|
||||
if(res != -1 && res != -2)
|
||||
{
|
||||
_saveSSH(ip, p, recd, (char*)sshBuff.c_str());
|
||||
};
|
||||
int res = SSHAuth::SSHLobby(ip, p, &sshBuff);
|
||||
if(res != -1 && res != -2) _saveSSH(ip, p, recd, (char*)sshBuff.c_str());
|
||||
return -1;
|
||||
};
|
||||
|
||||
@ -1430,7 +1429,7 @@ int Lexems::_filler(int p, const char* buffcpy, char* ip, int recd, Lexems *lx,
|
||||
char log[2048] = {0};
|
||||
char logEmit[2048] = {0};
|
||||
|
||||
const lopaStr &lps = FTPA::_FTPLobby(ip, p, &ps);
|
||||
const lopaStr &lps = FTPA::FTPLobby(ip, p, &ps);
|
||||
|
||||
if(strstr(lps.other, "ROUTER") != NULL)
|
||||
{
|
||||
@ -1630,7 +1629,7 @@ int Lexems::_filler(int p, const char* buffcpy, char* ip, int recd, Lexems *lx,
|
||||
char log[512] = {0};
|
||||
++AnomC1;
|
||||
|
||||
const lopaStr &lps = BA::_BALobby((string(ip) + "/~login").c_str(), p);
|
||||
const lopaStr &lps = BA::BALobby((string(ip) + "/~login").c_str(), p);
|
||||
sprintf(log, "[HFS]:<font color=\"#ff6600\">%s :: </font><a href=\"http://%s:%s/\"><span style=\"color: #a1a1a1;\">%s:%s</span></a><font color=\"#0084ff\"> T: </font><font color=\"#ff9600\">%s Pass: %s:%s</font>",
|
||||
hl, ip, port, ip, port, finalstr, lps.login, lps.pass);
|
||||
|
||||
|
@ -40,7 +40,8 @@ SOURCES +=\
|
||||
BruteUtils.cpp \
|
||||
BasicAuth.cpp \
|
||||
FTPAuth.cpp \
|
||||
Threader.cpp
|
||||
Threader.cpp \
|
||||
SSHAuth.cpp
|
||||
|
||||
|
||||
HEADERS += ActivityDrawerTh_HorNet.h \
|
||||
@ -67,7 +68,8 @@ HEADERS += ActivityDrawerTh_HorNet.h \
|
||||
BasicAuth.h \
|
||||
BruteUtils.h \
|
||||
FTPAuth.h \
|
||||
Threader.h
|
||||
Threader.h \
|
||||
SSHAuth.h
|
||||
|
||||
FORMS += nesca_3.ui
|
||||
|
||||
|
@ -22,4 +22,5 @@ admin:123123
|
||||
admin:654321
|
||||
root:password
|
||||
admin:pasword
|
||||
test:test
|
||||
test:test
|
||||
root:1qazXSW@
|
||||
|
Loading…
Reference in New Issue
Block a user