This commit is contained in:
cora32 2016-05-03 02:11:20 +03:00
parent 5cee601c87
commit 35f1675622
5 changed files with 46 additions and 9 deletions

View File

@ -241,7 +241,7 @@ int pConnect(const char* ip, const int port, std::string *buffer,
if (res == 6) return -2;
else if (res != 13 &&
res != 67 &&
res != 52 &&
res != CURLE_GOT_NOTHING &&
res != 56 &&
res != 35 &&
res != 19 &&

View File

@ -45,9 +45,12 @@ lopaStr FTPA::FTPBrute(const char *ip, const int port, PathStr *ps) {
return lps;
}
else if (res != -1) {
if (buffer.find("syslog") != -1 || buffer.find("CFG-PAGE") != -1) {
if (buffer.find("syslog") != -1 || buffer.find("CFG-PAGE") != -1
|| buffer.find("L3_default") != -1
|| buffer.find("avpport") != -1
) {
if (gNegDebugMode) {
stt->doEmitionDebugFoundData("Ignoring " + QString(ip) + " (syslog or CFG-PAGE)");
stt->doEmitionDebugFoundData("Ignoring " + QString(ip) + " (syslog or CFG-PAGE or L3_default or avpport)");
}
return lps;
}

View File

@ -3,6 +3,31 @@
#include "BruteUtils.h"
#include "FileUpdater.h"
#include <iomanip>
#include <sstream>
std::string urlEncode(const string &value) {
ostringstream escaped;
escaped.fill('0');
escaped << hex;
for (string::const_iterator i = value.begin(), n = value.end(); i != n; ++i) {
string::value_type c = (*i);
// Keep alphanumeric and other accepted characters intact
if (isalnum(c) || c == '-' || c == '_' || c == '.' || c == '~') {
escaped << c;
continue;
}
// Any other characters are percent-encoded
escaped << uppercase;
escaped << '%' << setw(2) << int((unsigned char)c);
escaped << nouppercase;
}
return escaped.str();
}
lopaStr IPC::IPCBrute(const char *ip, int port, char *SPEC, const std::string *cookie)
{
lopaStr lps = {"UNKNOWN", "", ""};
@ -195,8 +220,10 @@ lopaStr IPC::IPCBrute(const char *ip, int port, char *SPEC, const std::string *c
}
else if (strcmp(SPEC, "JUAN") == 0)
{
std::string &encodedLogin = urlEncode(std::string(login));
std::string &encodedPass = urlEncode(std::string(pass));
sprintf(request, "%s/cgi-bin/gw.cgi?xml=%%3Cjuan%%20ver=%%22%%22%%20squ=%%22%%22%%20dir=%%22%%22%%3E%%3Cenvload%%20type=%%220%%22%%20usr=%%22%s%%22%%20pwd=%%22%s%%22/%%3E%%3C/juan%%3E&_=1450923182693",
ip, login, pass);
ip, encodedLogin.c_str(), encodedPass.c_str());
}
else if (strcmp(SPEC, "ACTi") == 0)
{

View File

@ -482,8 +482,8 @@ int sharedDetector(const char * ip, int port, const std::string *buffcpy, const
&& Utils::ustrstr(buffcpy, "login.html?pg=index.html") != -1) return 1; //https NAS (https://90.224.187.151/)
if(((Utils::ustrstr(buffcpy, "220") != -1) && (port == 21)) ||
(Utils::ustrstr(buffcpy, "220 diskStation ftp server ready") != -1) ||
(Utils::ustrstr(buffcpy, "220 ftp server ready") != -1)
Utils::ustrstr(buffcpy, "220 diskStation ftp server ready") != -1 ||
Utils::ustrstr(buffcpy, "220 ftp server ready") != -1
|| Utils::ustrstr(buffcpy, "500 'get': command not understood") != -1
) return 3; // 3 - FTP
@ -2754,6 +2754,10 @@ std::string equivRedirectHandler(std::string *buff, char* ip, int port, Lexems *
buff->assign(buffcpy);
}
if (location.size() > 0 && location.at(0) != '/') {
location.insert(0, "/");
}
return location;
}
std::string getScriptField(std::string *buff) {
@ -2893,6 +2897,9 @@ std::string getHeader(const std::string *buffcpy, const int flag) {
if (STRSTR(buffcpy, "<frame name=\"mainframe\" src=\"main.html\"") != -1) {
return "[IPCam]";
}
else if (STRSTR(buffcpy, "CgiTagMenu?page=Top") != -1) {
return "[Panasonic IPCam]";
}
else if (STRSTR(buffcpy, "MOBOTIX AG") != -1) {
return "[Mobotic IPCam]";
}

View File

@ -1 +1 @@
272A0-7FA
272F7-6