diff --git a/ActivityDrawerTh_HorNet.cpp b/ActivityDrawerTh_HorNet.cpp index 36dd7d9..eb24e3b 100644 --- a/ActivityDrawerTh_HorNet.cpp +++ b/ActivityDrawerTh_HorNet.cpp @@ -1,5 +1,4 @@ #include "ActivityDrawerTh_HorNet.h" -#include "STh.h" void ActivityDrawerTh_HorNet::doEmitDrawActivityLine(QString data) { diff --git a/ActivityDrawerTh_HorNet.h b/ActivityDrawerTh_HorNet.h index 53ccc43..3e36599 100644 --- a/ActivityDrawerTh_HorNet.h +++ b/ActivityDrawerTh_HorNet.h @@ -2,7 +2,7 @@ #define ACTIVITYDRAWERTH_HORNET_H #pragma once -#include "nesca_3.h" +#include "STh.h" class ActivityDrawerTh_HorNet : public QThread { diff --git a/CheckKey_Th.h b/CheckKey_Th.h index 7c31e8f..d150d4a 100644 --- a/CheckKey_Th.h +++ b/CheckKey_Th.h @@ -2,8 +2,7 @@ #define CHECKKEY_TH_H #pragma once -#include "nesca_3.h" -#include "resource.h" +#include "STh.h" extern int emitIfOK; class CheckKey_Th : public QThread { diff --git a/DrawerTh_GridQoSScanner.cpp b/DrawerTh_GridQoSScanner.cpp index 1b813fa..c2d7b45 100644 --- a/DrawerTh_GridQoSScanner.cpp +++ b/DrawerTh_GridQoSScanner.cpp @@ -1,5 +1,4 @@ #include "DrawerTh_GridQoSScanner.h" -#include "STh.h" void DrawerTh_GridQoSScanner::doEmitAddLine() { diff --git a/DrawerTh_GridQoSScanner.h b/DrawerTh_GridQoSScanner.h index e544a0a..87d1290 100644 --- a/DrawerTh_GridQoSScanner.h +++ b/DrawerTh_GridQoSScanner.h @@ -2,8 +2,7 @@ #define DRAWERTH_GRIDQOSSCANNER_H #pragma once -#include "nesca_3.h" -#include "resource.h" +#include "STh.h" class DrawerTh_GridQoSScanner : public QThread { diff --git a/DrawerTh_ME2Scanner.h b/DrawerTh_ME2Scanner.h index fe1f0cd..0e1eda0 100644 --- a/DrawerTh_ME2Scanner.h +++ b/DrawerTh_ME2Scanner.h @@ -2,8 +2,7 @@ #define DRAWERTH_ME2SCANNER_H #pragma once -#include "nesca_3.h" -#include "resource.h" +#include "STh.h" class DrawerTh_ME2Scanner : public QThread { diff --git a/connector.cpp b/connector.cpp index 5f33a6e..8cf6568 100644 --- a/connector.cpp +++ b/connector.cpp 
@@ -50,7 +50,7 @@ void SSHConInc() }; void SSHConDec() { - while(SSHConnLocked == true) Sleep(8); + while(SSHConnLocked == true) Sleep(6); SSHConnLocked = true; if(BrutingThrds > 0) --BrutingThrds; @@ -143,21 +143,6 @@ string toLowerStr(const char *str) }; return ""; }; -SSL_CTX* InitCTX(void) -{ - const SSL_METHOD *method; - SSL_CTX *ctx; - - method = SSLv3_client_method(); /* Create new client-method instance */ - ctx = SSL_CTX_new(method); /* Create new context */ - SSL_CTX_set_timeout(ctx, gTimeOut); - if ( ctx == NULL ) - { - stt->doEmitionRedFoundData("SSL(InitCTX)."); - return NULL; - } - return ctx; -} int OpenConnection(SOCKET *sock, const char *hostname, int port) { struct hostent *host; @@ -176,23 +161,6 @@ int OpenConnection(SOCKET *sock, const char *hostname, int port) if ( (host = gethostbyname(hostname)) == NULL ) { ++offlines; - if(mode != 1) - { - char temp[256] = {0}; - strcpy(temp, "[Bad address ("); - - strcat(temp, hostname); - strcat(temp, ":"); - strcat(temp, std::to_string((long double)port).c_str()); - strcat(temp, "):"); - strcat(temp, std::to_string((long double)WSAGetLastError()).c_str()); - strcat(temp, "]"); - -#pragma region QTGUI_Area - stt->doEmitionRedFoundData("[SSL]: " + QString(temp)); -#pragma endregion - - }; if(gNegDebugMode) stt->doEmitionDebugFoundData("[" + QString(hostname) + ":" + QString::number(port) + "" + "] Rejecting in _connection: Bad IP."); return -1; }; @@ -213,7 +181,9 @@ int OpenConnection(SOCKET *sock, const char *hostname, int port) void _baSSLWorker(char *ip, char *request, char *rvBuff) { SSL_CTX *ctx = NULL; - ctx = InitCTX(); + const SSL_METHOD *method = SSLv3_client_method(); /* Create new client-method instance */ + ctx = SSL_CTX_new(method); /* Create new context */ + SSL_CTX_set_timeout(ctx, gTimeOut); SOCKET sock; if(ctx != NULL) { 
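Review bot: The wait-then-set pair `while(SSHConnLocked == true) Sleep(6); SSHConnLocked = true;` in SSHConDec is not a lock: two threads can both leave the loop before either stores `true`, and both then reach the `BrutingThrds` decrement. Changing the sleep interval from 8 to 6 does not affect that race. Assuming `SSHConnLocked` is a plain flag (its declaration is outside the hunk), a mutex held around the counter update would remove the polling, e.g. `std::lock_guard<std::mutex> guard(sshConMutex);` with a new file-level `std::mutex sshConMutex`. SSHConDec's body continues past the hunk.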
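Review bot: The context setup that used to live in InitCTX() is now pasted into _baSSLWorker, and again in the _sslConnectTo hunk (@@ -1337,7 +1310,10 @@), with `SSL_CTX_set_timeout(ctx, gTimeOut);` placed before the `if(ctx != NULL)` test in both; the call should move inside the checked block so a failed `SSL_CTX_new` is handled before the context is configured. SSL_CTX_set_timeout sets the lifetime of cached sessions, not a connect or read timeout, so if `gTimeOut` is meant as a network timeout (its definition is outside the diff) this line does not provide one. `SSLv3_client_method()` selects a deprecated protocol version and should carry a comment saying why it is required. _baSSLWorker continues outside the hunk.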
@@ -225,7 +195,6 @@ void _baSSLWorker(char *ip, char *request, char *rvBuff) if(ssl != NULL) { SSL_set_fd(ssl, sock); /* attach the socket descriptor */ - if(SSL_connect(ssl)) { SSL_write(ssl, request, strlen(request)); @@ -258,6 +227,10 @@ void _baSSLWorker(char *ip, char *request, char *rvBuff) }; closesocket(sock); /* close socket */ SSL_CTX_free(ctx); /* release context */ + } + else + { + stt->doEmitionRedFoundData("SSL(InitCTX)."); }; }; char *_getAttributeValue(char *str, char *val, char *ip, int port) @@ -270,6 +243,7 @@ char *_getAttributeValue(char *str, char *val, char *ip, int port) ptrStart = strstri(str, val); if(ptrStart != NULL) { + if(strstri(ptrStart, "qop=auth") != NULL) return "auth"; ptrS1End = _findFirstOcc(ptrStart, "\""); if(ptrS1End != NULL) { @@ -285,19 +259,19 @@ char *_getAttributeValue(char *str, char *val, char *ip, int port) } else { - stt->doEmitionRedFoundData("[_getAttributeValue] Error while retrieving value: \"" + QString(val) + "\" IP:" + QString(ip) + ":" + QString::number(port) + ""); + stt->doEmitionRedFoundData("[_getAttributeValue] Error retrieving value: \"" + QString(val) + "\" IP:" + QString(ip) + ":" + QString::number(port) + ""); return ""; }; } else { - stt->doEmitionRedFoundData("[_getAttributeValue] Error while retrieving value: \"" + QString(val) + "\" IP:" + QString(ip) + ":" + QString::number(port) + ""); + stt->doEmitionRedFoundData("[_getAttributeValue] Error retrieving value: \"" + QString(val) + "\" IP:" + QString(ip) + ":" + QString::number(port) + ""); return ""; }; } else { - stt->doEmitionRedFoundData("[_getAttributeValue] Error while retrieving value: \"" + QString(val) + "\" IP:" + QString(ip) + ":" + QString::number(port) + ""); + stt->doEmitionRedFoundData("[_getAttributeValue] Error retrieving value: \"" + QString(val) + "\" IP:" + QString(ip) + ":" + QString::number(port) + ""); return ""; }; }; 
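Review bot: The added early return `return "auth";` in _getAttributeValue hands a string literal out through a `char *` return type, so any caller that writes through the result would modify read-only storage; the existing `return "";` paths have the same property. Declaring the function as `const char *_getAttributeValue(char *str, char *val, char *ip, int port)` would let the compiler catch that, and the callers visible in this diff only pass the result to `strcpy` as a source, which stays valid. The function starts and ends outside the hunk.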
@@ -388,7 +362,6 @@ char *_makeDigestResponse( CvtHex(response, responseMD5); return (char*)responseMD5; }; -volatile bool baSSLLocked = false; lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) { if(strcmp(method, "[DIGEST]") != 0 && strcmp(method, "[NORMAL]") != 0) stt->doEmitionRedFoundData("[-] Unknown method IP: " + QString(ip) + ":" + QString::number(port) + + ""); @@ -403,8 +376,8 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) int bTO; bool goon = false; - char hRqst[1024] = {0}; - char headerMsg[1024] = {0}; + char hRqst[REQUEST_MAX_SIZE] = {0}; + char headerMsg[REQUEST_MAX_SIZE] = {0}; char hMsgR[512] = {0}; strcpy(hRqst, "GET "); 
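Review bot: `hRqst` and `headerMsg` in _BABrute are now sized by REQUEST_MAX_SIZE, but `hRqst` is still filled with unchecked `strcpy`/`strcat` calls, including `strcat(hRqst, cookie)` visible in the next hunk, so the combined length of path, host and cookie is never compared with the buffer size. The hunk at @@ -541,8 +532,7 @@ also changes `request` from a fixed 4096 bytes to REQUEST_MAX_SIZE while the hunks at @@ -594,6 +584,7 @@ and @@ -632,6 +621,7 @@ append a long header block to it; the value of REQUEST_MAX_SIZE is not shown in this diff, so whether `request` shrank cannot be confirmed here. Building these strings with `snprintf(hRqst, sizeof(hRqst), ...)` and treating truncation as an error would bound every append. _BABrute continues outside the hunk.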
@@ -416,18 +389,18 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) strcat(hRqst, "\r\nCookie: "); strcat(hRqst, cookie); }; - strcat(hRqst, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\n\r\n"); + strcat(hRqst, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nAuthorization: Basic bG9sa2E6bG9sa2F=\r\n\r\n"); sockaddr_in sockAddr; SOCKET sock; #pragma region VerifyBASSL if(port == 443) { - ZeroMemory(headerMsg, sizeof(headerMsg)); - while(baSSLLocked) Sleep(200); - baSSLLocked = true; + ZeroMemory(headerMsg, REQUEST_MAX_SIZE); +// while(baSSLLocked) Sleep(200); +// baSSLLocked = true; _baSSLWorker(ip, hRqst, headerMsg); - baSSLLocked = false; +// baSSLLocked = false; } #pragma endregion else 
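Review bot: The lines `// while(baSSLLocked) Sleep(200);`, `// baSSLLocked = true;` and `// baSSLLocked = false;` leave the removed serialization behind as commented-out code; the commit also deletes the `baSSLLocked` variable, so they cannot be re-enabled and should be deleted, with the commit message recording why concurrent _baSSLWorker calls are considered safe. The same commented-out lines are left in the HTTPS branch at @@ -640,12 +630,13 @@. This hunk also replaces `ZeroMemory(headerMsg, sizeof(headerMsg));` with `ZeroMemory(headerMsg, REQUEST_MAX_SIZE);` while the rest of the commit moves toward `sizeof`; keeping `sizeof(headerMsg)` stays correct if the declaration changes later.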
@@ -441,18 +414,18 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; else { -#pragma region QTGUI_Area - stt->doEmitionRedFoundData("[BA] Bad address! [" + QString(ip) + "]"); -#pragma endregion + OnLiner = 0; + strcpy(lps.login, "UNKNOWN"); + return lps; }; #else if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.s_addr = inet_addr(ip); else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; else { -#pragma region QTGUI_Area - stt->doEmitionRedFoundData("[BA] Bad address! [" + QString(ip) + "]"); -#pragma endregion + OnLiner = 0; + strcpy(lps.login, "UNKNOWN"); + return lps; }; #endif SOCKET sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP ); @@ -460,7 +433,7 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) send(sock, hRqst, strlen(hRqst), 0); if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(hRqst)); - ZeroMemory(headerMsg, sizeof(headerMsg)); + ZeroMemory(headerMsg, REQUEST_MAX_SIZE); int x = 1; int xx = 0; while(xx < 512) @@ -481,7 +454,12 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) strcpy(lps.login, "UNKNOWN"); return lps; }; - if(strstr(headerMsg, "401 ") == NULL && strstr(headerMsg, ".1 401") == NULL && strstr(headerMsg, ".0 401") == NULL) + if(strstr(headerMsg, "401 ") == NULL + && strstr(headerMsg, ".1 401") == NULL + && strstr(headerMsg, ".0 401") == NULL + && strstr(headerMsg, "401") == NULL + && strstr(headerMsg, "Unauthorized") == NULL + ) { if(strstri(headerMsg, "400 Bad") != NULL) { 
@@ -492,7 +470,11 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) OnLiner = 0; return lps; } - else if(strstri(headerMsg, "404 Not") != NULL || strstr(headerMsg, "404 ") != NULL || strstr(headerMsg, ".1 404") != NULL || strstr(headerMsg, ".0 404") != NULL) + else if(strstri(headerMsg, "404 Not") != NULL + || strstr(headerMsg, "404 ") != NULL + || strstr(headerMsg, ".1 404") != NULL + || strstr(headerMsg, ".0 404") != NULL + ) { if(strstr(path, "/axis-cgi/com/ptz.cgi?") != NULL) { @@ -511,6 +493,15 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) return lps; }; } + else if( // + (strstr(headerMsg, ".1 403") != NULL // + || strstr(headerMsg, ".0 403") != NULL //Hikkvision2 + ) // + && strstr(headerMsg, "badAuthorization") != NULL // + ) + { + goon = true; + } else if(strlen(headerMsg) < 16) { goon = true; @@ -541,8 +532,7 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) int cErrCode; int x = 1; int dataSz = 0; - int maxSize = 1024; - char request[4096] = {0}; + char request[REQUEST_MAX_SIZE] = {0}; char recvBuff[4096] = {0}; char recvBuff2[512] = {0}; char pass[256] = {0}; 
@@ -565,21 +555,21 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) Sleep(80); if(globalScanFlag == false) break; - ZeroMemory(request, 4096); - ZeroMemory(curLogin, 256); - ZeroMemory(curPass, 256); + ZeroMemory(request, REQUEST_MAX_SIZE); + ZeroMemory(curLogin, sizeof(curLogin)); + ZeroMemory(curPass, sizeof(curPass)); strcpy(curLogin, loginLst[i]); strcpy(curPass, passLst[j]); if(strcmp(method, "[DIGEST]") == 0 && strstr(localBuff, "nonce=") != NULL) { - ZeroMemory(attribute, 2048); + ZeroMemory(attribute, sizeof(attribute)); strcpy(attribute, _getAttribute(localBuff, "WWW-Authenticate:")); - ZeroMemory(nonce, 512); + ZeroMemory(nonce, sizeof(nonce)); strcpy(nonce, _getAttributeValue(attribute, "nonce=", ip, port)); - ZeroMemory(realm, 512); + ZeroMemory(realm, sizeof(realm)); strcpy(realm, _getAttributeValue(attribute, "realm=", ip, port)); - ZeroMemory(qop, 64); + ZeroMemory(qop, sizeof(qop)); if(strstri(attribute, "qop") != NULL) { strcpy(qop, _getAttributeValue(attribute, "qop=", ip, port)); @@ -594,6 +584,7 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) strcat(request, "\r\nCookie: "); strcat(request, cookie); }; + strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nAuthorization: Digest username=\""); strcat(request, curLogin); strcat(request, "\", realm=\""); 
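Review bot: `strcpy(nonce, _getAttributeValue(attribute, "nonce=", ip, port));` and the matching `realm` and `qop` copies take values parsed from the remote host's response and copy them into fixed buffers with no length check, so an oversized `WWW-Authenticate` field overruns them; switching the `ZeroMemory` sizes to `sizeof` does not bound the copy that follows. The `opaque` copy in the hunk at @@ -606,23 +597,21 @@ has the same shape. A bounded copy such as `snprintf(nonce, sizeof(nonce), "%s", value);`, with `value` standing for the helper's result, would cap each field. The new `sizeof` arguments are only right if `attribute`, `nonce`, `realm` and `qop` are arrays rather than pointers; their declarations are outside the hunk.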
@@ -606,23 +597,21 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) strcat(request, _makeDigestResponse(curLogin, realm, curPass, path, nonce, "10000001", "9d531d56796e0dc9", qop)); if(strstri(attribute, "opaque") != NULL) { - ZeroMemory(opaque, 512); + ZeroMemory(opaque, sizeof(opaque)); strcpy(opaque, _getAttributeValue(attribute, "opaque=", ip, port)); strcat(request, "\", opaque=\""); strcat(request, opaque); }; - //strcat(request, "\""); strcat(request, "\", nc=10000001, cnonce=\"9d531d56796e0dc9\""); strcat(request, "\r\nConnection: close\r\n\r\n"); } else { - ZeroMemory(tPass, 256); + ZeroMemory(tPass, sizeof(tPass)); strncpy(tPass, curLogin, strlen(curLogin)); strcat(tPass, ":"); strncat(tPass, curPass, strlen(curPass)); encoded = base64_encode((const unsigned char *)tPass, strlen(tPass)); - strcpy(tPass, base64_decode(encoded).c_str()); strcpy(request, "GET "); strcat(request, path); strcat(request, " HTTP/1.1\r\nHost: "); @@ -632,6 +621,7 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) strcat(request, "\r\nCookie: "); strcat(request, cookie); }; + strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nAuthorization: Basic "); strcat(request, encoded.c_str()); strcat(request, "\r\nConnection: close\r\n\r\n"); 
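Review bot: `strncpy(tPass, curLogin, strlen(curLogin));` and `strncat(tPass, curPass, strlen(curPass));` use the source length as the bound, which makes them equivalent to unbounded `strcpy`/`strcat`; the limit has to come from the destination. Written as `snprintf(tPass, sizeof(tPass), "%s:%s", curLogin, curPass);` the join cannot exceed `tPass`, assuming `tPass` is an array (its declaration is outside the hunk; the line replaced here zeroed it with a literal 256). The surrounding loop body starts and ends outside the hunk.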
@@ -640,12 +630,13 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) #pragma region BABSEQ-HTTPS if(port == 443) { - ZeroMemory(recvBuff, 4096); - while(baSSLLocked) Sleep(100); - baSSLLocked = true; + ZeroMemory(recvBuff, sizeof(recvBuff)); +// while(baSSLLocked) Sleep(100); +// baSSLLocked = true; if(BALogSwitched) stt->doEmitionBAData("Probing SSL:BA " + QString(ip) + ":" + QString::number(port) + "; login/pass: "+ QString(tPass) + ";"); _baSSLWorker(ip, request, recvBuff); - baSSLLocked = false; + dataSz = strlen(recvBuff); +// baSSLLocked = false; } #pragma endregion else @@ -673,17 +664,15 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) { if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(request)); dataSz = 0; - maxSize = 1024; - ZeroMemory(recvBuff2, 512); - ZeroMemory(recvBuff, 4096); + ZeroMemory(recvBuff2, sizeof(recvBuff2)); + ZeroMemory(recvBuff, sizeof(recvBuff)); while (x > 0 && dataSz < 3384) { - ZeroMemory(recvBuff2, 512); - x = recvWT(sock, recvBuff2, 512, gTimeOut + 5, &bTO); + ZeroMemory(recvBuff2, sizeof(recvBuff2)); + x = recvWT(sock, recvBuff2, sizeof(recvBuff2), gTimeOut + 5, &bTO); dataSz += x; Activity += x; - strncat(recvBuff, recvBuff2, x); }; if(BALogSwitched) stt->doEmitionBAData("Checked BA: " + QString(ip) + ":" + QString::number(port) + "; login/pass: " + QString(curLogin) + ":" + QString(curPass) + "; - Progress: (" + QString::number((passCounter++/(double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%)"); @@ -721,7 +710,6 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) }; #pragma endregion - if(globalScanFlag == false) break; if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(recvBuff)); if(dataSz == 0) 
@@ -730,16 +718,14 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) --j; continue; }; - if(strcmp(method, "[DIGEST]") == 0) { - ZeroMemory(localBuff, 4096); + ZeroMemory(localBuff, sizeof(localBuff)); strcpy(localBuff, recvBuff); }; if(strstri(recvBuff, "http/1.1 401") == NULL || strstri(recvBuff, "http/1.0 401") == NULL - //|| (strstri(recvBuff, "401") != NULL && strstri(recvBuff, "unauthorized") != NULL) ) { ///dummy/// @@ -776,14 +762,11 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) } else if( (strstri(recvBuff, "200 ok") != NULL || strstri(recvBuff, "http/1.0 200") != NULL - ) - //&& strstri(recvBuff, "access forbidden") == NULL - //&& strstri(recvBuff, "authentication required") == NULL - //&& strstri(recvBuff, "authentication failed") == NULL + ) && strstri(recvBuff, "http/1.1 401 ") == NULL && strstri(recvBuff, "http/1.0 401 ") == NULL - //&& strstri(recvBuff, "401 unauthorized") == NULL - //&& strstri(recvBuff, "401 authorization") == NULL + && strstr(headerMsg, "401") == NULL + && strstr(headerMsg, "Unauthorized") == NULL && dataSz > 13 ) { @@ -793,7 +776,7 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) && strstri(recvBuff, "access forbidden") == NULL ) { - ZeroMemory(pass, 256); + ZeroMemory(pass, sizeof(pass)); strcpy(pass, ip); strcat(pass, " - Password found: "); strcat(pass, tPass); @@ -801,13 +784,12 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) stt->doEmition_BAGreenData("[+] " + QString(pass)); strcpy(lps.login, curLogin); strcpy(lps.pass, curPass); - return lps; }; } else { - ZeroMemory(pass, 256); + ZeroMemory(pass, sizeof(pass)); strcpy(pass, ip); strcat(pass, " - Password found: "); strcat(pass, tPass); 
@@ -825,26 +807,19 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) if(strcmp(tempHeaderCode, "302") == 0 && strcmp(tempHeaderCode, "200") == 0) stt->doEmitionYellowFoundData("[+] No/unexpected HTTP header detected (" + QString(tempHeaderCode) + ") IP: " + QString(ip) + ":" + QString::number(port) + ""); strcpy(lps.login, curLogin); strcpy(lps.pass, curPass); - - return lps; - } - else - { - stt->doEmitionYellowFoundData("[+] No/unexpected HTTP header detected (?) IP: " + QString(ip) + ":" + QString::number(port) + ""); - strcpy(lps.login, curLogin); - strcpy(lps.pass, curPass); - return lps; }; - } - else - { - stt->doEmitionYellowFoundData("[+] No/unexpected HTTP header detected (?) IP: " + QString(ip) + ":" + QString::number(port) + ""); - strcpy(lps.login, curLogin); - strcpy(lps.pass, curPass); - - return lps; }; + stt->doEmitionYellowFoundData("[+] No/unexpected HTTP header detected (?) IP: " + QString(ip) + ":" + QString::number(port) + ""); + strcpy(lps.login, curLogin); + strcpy(lps.pass, curPass); + return lps; + }; + if(strstr(recvBuff, "Set-Cookie:") != NULL) + { + ZeroMemory(cookie, COOKIE_MAX_SIZE); + strncpy(cookie, _getAttribute(recvBuff, "Set-Cookie:"), COOKIE_MAX_SIZE); + cookieLen = strlen(cookie); }; }; }; 
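Review bot: The added `strncpy(cookie, _getAttribute(recvBuff, "Set-Cookie:"), COOKIE_MAX_SIZE);` copies a server-supplied header into the caller's `cookie` buffer without leaving room for a terminator, so a value of COOKIE_MAX_SIZE bytes or more leaves `cookie` unterminated and the following `strlen(cookie)` reads past it. Copy at most `COOKIE_MAX_SIZE - 1` bytes and terminate explicitly: `cookie[COOKIE_MAX_SIZE - 1] = '\0';`. `cookie` is a `char *` parameter of _BABrute, so nothing in the hunk shows that the caller's buffer is actually COOKIE_MAX_SIZE bytes, and the value is later appended to `request` with `strcat`; both deserve a check or at least a comment stating the contract. Whether `_getAttribute` can return NULL is not visible here.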
@@ -883,19 +858,17 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.S_un.S_addr = inet_addr(ip); else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; else - { -#pragma region QTGUI_Area - stt->doEmitionRedFoundData(QString("Bad address! (") + QString(ip) + ")"); -#pragma endregion + { + strcpy(lps.login, "UNKNOWN"); + return lps; }; #else if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.s_addr = inet_addr(ip); else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; else { -#pragma region QTGUI_Area - stt->doEmitionRedFoundData("Bad address! [" + QString(ip) + "]"); -#pragma endregion + strcpy(lps.login, "UNKNOWN"); + return lps; }; #endif @@ -940,7 +913,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) { Sleep(100); if(globalScanFlag == false) break; - ZeroMemory(recvBuff, 1024); + ZeroMemory(recvBuff, sizeof(recvBuff)); x = recvWT(sockFTP, recvBuff, 1024, gTimeOut + 5, &bTO); if(x <= 0) break; if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(recvBuff)); @@ -1009,7 +982,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) shutdown(sockFTP, SD_BOTH); closesocket(sockFTP); closedSocket = 1; - ZeroMemory(recvBuff, 1024); + ZeroMemory(recvBuff, sizeof(recvBuff)); break; }; @@ -1018,7 +991,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) shutdown(sockFTP, SD_BOTH); closesocket(sockFTP); closedSocket = 1; - ZeroMemory(recvBuff, 1024); + ZeroMemory(recvBuff, sizeof(recvBuff)); break; }; @@ -1028,7 +1001,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) shutdown(sockFTP, SD_BOTH); closesocket(sockFTP); closedSocket = 1; - ZeroMemory(recvBuff, 1024); + ZeroMemory(recvBuff, sizeof(recvBuff)); break; }; 
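Review bot: In the hunk at @@ -940,7 +913,7 @@ the buffer is now cleared with `sizeof(recvBuff)` but the read on the next line still passes the literal 1024: `x = recvWT(sockFTP, recvBuff, 1024, gTimeOut + 5, &bTO);`. If `recvBuff` is a 1024-byte array and the third argument is the maximum byte count (neither declaration is in the hunk), a full read leaves no terminating NUL and the `QString(recvBuff)` conversion that follows runs past the buffer. `x = recvWT(sockFTP, recvBuff, sizeof(recvBuff) - 1, gTimeOut + 5, &bTO);` keeps the last byte zero and ties the length to the declaration. _FTPBrute continues outside the hunk.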
@@ -1046,7 +1019,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) closesocket(sockFTP); closedSocket = 1; if(j > 0) --j; - ZeroMemory(recvBuff, 1024); + ZeroMemory(recvBuff, sizeof(recvBuff)); Sleep(30000); break; } @@ -1057,7 +1030,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) else { loginFailedFlag = 1; - ZeroMemory(recvBuff, 1024); + ZeroMemory(recvBuff, sizeof(recvBuff)); break; }; strcat(request, "\r\n"); @@ -1066,7 +1039,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(request)); Activity += strlen(request); - ZeroMemory(request, 64); + ZeroMemory(request, sizeof(request)); } else { @@ -1079,7 +1052,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) ) { loginFailedFlag = 1; - ZeroMemory(recvBuff, 1024); + ZeroMemory(recvBuff, sizeof(recvBuff)); break; } else if(strstr(recvBuff, "331") != NULL) @@ -1104,7 +1077,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) else { loginFailedFlag = 1; - ZeroMemory(recvBuff, 1024); + ZeroMemory(recvBuff, sizeof(recvBuff)); break; }; strcat(request, "\r\n"); @@ -1113,7 +1086,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(request)); Activity += strlen(request); - ZeroMemory(request, 64); + ZeroMemory(request, sizeof(request)); if(BALogSwitched) stt->doEmitionBAData("Probing FTP: " + QString(ip) + ":" + QString::number(port) + "; login/pass: " + QString(loginLst[i]) + ":" + QString(passLst[j]) + "; - Progress: (" + QString::number((passCounter++/(double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%)"); } 
@@ -1145,8 +1118,8 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) int x = 1, xx = 0; while(x != 0) { - ZeroMemory(recvBuff, 1024); - x = recvWT(sockFTP, recvBuff, 512, gTimeOut + 5, &bTO); + ZeroMemory(recvBuff, sizeof(recvBuff)); + x = recvWT(sockFTP, recvBuff, sizeof(recvBuff), gTimeOut + 5, &bTO); xx += x; if(xx < 1536) strncat(recvBuff2, recvBuff, x); else break; @@ -1270,7 +1243,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps) shutdown(sockFTP, SD_BOTH); closesocket(sockFTP); closedSocket = 1; - ZeroMemory(recvBuff, 1024); + ZeroMemory(recvBuff, sizeof(recvBuff)); } else { @@ -1337,7 +1310,10 @@ int _sslConnectTo(char *iph, int porth, char *requesth, conSTR *CSTR) int resCode = 0; SOCKET sock; - SSL_CTX *ctx = InitCTX(); + SSL_CTX *ctx = NULL; + const SSL_METHOD *method = SSLv3_client_method(); /* Create new client-method instance */ + ctx = SSL_CTX_new(method); /* Create new context */ + SSL_CTX_set_timeout(ctx, gTimeOut); if(ctx != NULL) { resCode = OpenConnection(&sock, iph, porth); @@ -1353,8 +1329,8 @@ int _sslConnectTo(char *iph, int porth, char *requesth, conSTR *CSTR) int x = 256; char recvBuff[8192] = {0}; - recvBuff2 = new char[RECV_MAX_LENGTH]; - ZeroMemory(recvBuff2, RECV_MAX_LENGTH); + recvBuff2 = new char[RECV_MAX_SIZE]; + ZeroMemory(recvBuff2, RECV_MAX_SIZE); while (x > 0) { @@ -1365,7 +1341,7 @@ int _sslConnectTo(char *iph, int porth, char *requesth, conSTR *CSTR) bytes += x; Activity += x; - if( bytes > RECV_MAX_LENGTH ) + if( bytes > RECV_MAX_SIZE ) { if(strstri(recvBuff2, "http/1.") == NULL) { @@ -1459,6 +1435,7 @@ int _sslConnectTo(char *iph, int porth, char *requesth, conSTR *CSTR) }; }; }; + stt->doEmitionRedFoundData("SSL(InitCTX)."); return -1; }; int Connector::_EstablishSSLConnection(char *iph, int porth, char *requesth, conSTR *CSTR) 
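Review bot: The added `stt->doEmitionRedFoundData("SSL(InitCTX).");` in the hunk at @@ -1459,6 +1435,7 @@ appears to sit after the closing braces of the `if(ctx != NULL)` block, directly before the final `return -1;` of _sslConnectTo, so it would be reported on every path that falls through to that return, not only when the context could not be created. The returns inside the block are outside the hunk, so which paths fall through cannot be confirmed here. An explicit `else` on the `ctx` test, as this commit does in _baSSLWorker, would tie the message to the failure it names.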
@@ -1479,12 +1456,12 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * CSTR->lowerBuff = NULL; if(strlen(ip) == 0) { - if(gNegDebugMode) stt->doEmitionDebugFoundData("[" + QString(ip) + ":" + QString::number(port) + "" + "] Rejecting in _connection: Bad IP."); + stt->doEmitionDebugFoundData("[" + QString(ip) + ":" + QString::number(port) + "" + "] Rejecting in _connection: Bad IP."); return -1; }; if(port < 0 || port > 65535) { - if(gNegDebugMode) stt->doEmitionDebugFoundData("[" + QString(ip) + ":" + QString::number(port) + "" + "] Rejecting in _connection: Bad port."); + stt->doEmitionDebugFoundData("[" + QString(ip) + ":" + QString::number(port) + "" + "] Rejecting in _connection: Bad port."); return -1; }; @@ -1503,55 +1480,15 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * else { ++offlines; - if(mode != 1) - { - char temp[256] = {0}; - strcpy(temp, "[Bad address ("); - - strcat(temp, ip); - strcat(temp, ":"); - strcat(temp, std::to_string((long double)port).c_str()); - strcat(temp, "):"); - strcat(temp, std::to_string((long double)WSAGetLastError()).c_str()); - strcat(temp, "]"); - -#pragma region QTGUI_Area - stt->doEmitionRedFoundData(QString(temp)); -#pragma endregion - - }; return -1; - }; #else if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.s_addr = inet_addr(ip); else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; else { - if(mode != 1) - { - ++offlines; - char temp[256] = {0}; - strcpy(temp, "[Bad address ("); - - strcat(temp, ip); - strcat(temp, ":"); - strcat(temp, std::to_string((long double)port).c_str()); - strcat(temp, "):"); - strcat(temp, std::to_string((long double)WSAGetLastError()).c_str()); - strcat(temp, "]"); - -#pragma region QTGUI_Area - stt->doEmitionRedFoundData(QString(temp)); -#pragma endregion - - return -1; - } - else - { - ++offlines; - return -1; - }; + ++offlines; + return -1; }; #endif 
@@ -1590,7 +1527,6 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * u_long FAR cmd = 1; if( ioctlsocket( sock , FIONBIO, &cmd ) != 0 ) #else - u_long cmd = 1; if( fcntl( sock , F_SETFL, O_NDELAY ) == -1 ) #endif { @@ -1610,16 +1546,13 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * closesocket(sock); } - int on = 1; - int status = setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (const char *) &on, sizeof(on)); - linger.l_onoff = 1; linger.l_linger = 30; - status = setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char *) &linger, sizeof(linger)); + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (const char *) &on, sizeof(on)); + setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char *) &linger, sizeof(linger)); int iError, iResult = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr)); - if(iResult == SOCKET_ERROR) { iError = WSAGetLastError(); @@ -1640,10 +1573,8 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * FD_SET(sock, &read_fs); timeval tv = { gTimeOut, 0 }; - int res2 = select(sock + 1, NULL, &read_fs, 0, &tv); - + iResult = select(sock + 1, NULL, &read_fs, 0, &tv); int cErrCode = WSAGetLastError(); - while(cErrCode == 10038) { if(gDebugMode) stt->doEmitionDebugFoundData("[ConnectTo] 10038 occured -- [" + QString(ip) + ":" + QString::number(port) + "]"); @@ -1653,14 +1584,14 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * FD_CLR(sock, &read_fs); sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP ); connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr)); - res2 = WSAGetLastError(); - if(res2 == 10038) continue; + iResult = WSAGetLastError(); + if(iResult == 10038) continue; FD_SET(sock, &read_fs); - res2 = select(sock + 1, NULL, &read_fs, 0, &tv); + iResult = select(sock + 1, NULL, &read_fs, 0, &tv); cErrCode = WSAGetLastError(); }; - if (res2 == SOCKET_ERROR) + if (iResult == SOCKET_ERROR) { ++offlines; char temp[128] = {0}; 
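Review bot: The two `setsockopt` calls in the hunk at @@ -1610,16 +1546,13 @@ now discard their results, so a failure to apply SO_REUSEADDR or SO_LINGER goes unnoticed; test the return value, e.g. `if(setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char *) &linger, sizeof(linger)) != 0)` followed by a debug message. The hunk also removes `int on = 1;` while the new call still passes `&on`, so `on` has to be declared somewhere outside the hunk for this to compile. The context just above shows `closesocket(sock);` followed by continued use of `sock`; whether that branch returns first is not visible here.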
@@ -1674,86 +1605,46 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * #pragma region QTGUI_Area stt->doEmitionRedFoundData(QString(temp)); #pragma endregion - ZeroMemory(temp, strlen(temp)); + ZeroMemory(temp, sizeof(temp)); } else { - if (!res2) - { - ++offlines; - } + if (!iResult) ++offlines; else { if(send(sock, request, strlen(request), 0) != SOCKET_ERROR) { if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(request)); Activity += strlen(request); - cmd = 0; - Lexems fd; int x = 256; char recvBuff[4096] = {0}; - recvBuff2 = new char[RECV_MAX_LENGTH]; - ZeroMemory(recvBuff2, RECV_MAX_LENGTH); + recvBuff2 = new char[RECV_MAX_SIZE]; + ZeroMemory(recvBuff2, RECV_MAX_SIZE); int bTO; while (x > 0) { - ZeroMemory(recvBuff, 4096); - x = recvWT(sock, recvBuff, 4096, gTimeOut, &bTO); + ZeroMemory(recvBuff, sizeof(recvBuff)); + x = recvWT(sock, recvBuff, sizeof(recvBuff), gTimeOut, &bTO); if(x <= 0) break; - Activity += x; recvBuffSize += x; - - if( recvBuffSize > RECV_MAX_LENGTH ) + if( recvBuffSize > RECV_MAX_SIZE ) { - //if(strstri(recvBuff2, "http/1.") == NULL) - //{ - delete[] recvBuff2; - recvBuff2 = NULL; + delete[] recvBuff2; + recvBuff2 = NULL; - FD_CLR(sock, &read_fs); - shutdown(sock, SD_BOTH); - closesocket(sock); - ++Overl; + FD_CLR(sock, &read_fs); + shutdown(sock, SD_BOTH); + closesocket(sock); + ++Overl; - CSTR->lowerBuff = new char[11]; - strcpy(CSTR->lowerBuff, "[OVERFLOW]"); - CSTR->size = 10; - return 0; - //} - //else break; - }; - if(globalScanFlag == true || force) - { - if(x > 0) - { - memset((void*)(recvBuff + x), '\0', 1); - - strncat(recvBuff2, recvBuff, x); - if((strstr(recvBuff, "220") || strstr(recvBuff, "500 'GET':")) && port == 21) - { - break; - }; - - if(strstri(recvBuff, "220 FTP server ready") != NULL - || strstri(recvBuff, "220 DiskStation FTP server ready") != NULL - || strstri(recvBuff, "500 'GET': command not understood") != NULL - ) - { - delete[] recvBuff2; - recvBuff2 = NULL; - 
FD_CLR(sock, &read_fs); - shutdown(sock, SD_BOTH); - closesocket(sock); - - CSTR->lowerBuff = new char[recvBuffSize + 1]; - strcpy(CSTR->lowerBuff, recvBuff); - CSTR->size = recvBuffSize; - return 0; - }; - }; + CSTR->lowerBuff = new char[11]; + strcpy(CSTR->lowerBuff, "[OVERFLOW]"); + CSTR->size = 10; + return 0; }; + strncat(recvBuff2, recvBuff, x); }; } else @@ -1770,7 +1661,7 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * #pragma region QTGUI_Area stt->doEmitionRedFoundData(QString(temp)); #pragma endregion - ZeroMemory(temp, strlen(temp)); + ZeroMemory(temp, sizeof(temp)); }; }; }; @@ -1787,12 +1678,9 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * if(err == 10055) { strcpy(temp, "-Connection pool depleted- "); - #pragma region QTGUI_Area stt->doEmitionRedFoundData("[SOCKERR 10055] " + QString(temp) + QString(ip) + ":" + QString::number(port)); #pragma endregion - ZeroMemory(temp, strlen(temp)); - shutdown(sock, SD_BOTH); closesocket(sock); Sleep(60000); @@ -1806,13 +1694,9 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * strcat(temp, " - "); strcat(temp, std::to_string((long double)err).c_str()); strcat(temp, "]"); - #pragma region QTGUI_Area stt->doEmitionRedFoundData(QString(temp)); #pragma endregion - - ZeroMemory(temp, strlen(temp)); - shutdown(sock, SD_BOTH); closesocket(sock); } @@ -1830,9 +1714,6 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * #pragma region QTGUI_Area stt->doEmitionRedFoundData(QString(temp)); #pragma endregion - - ZeroMemory(temp, strlen(temp)); - shutdown(sock, SD_BOTH); closesocket(sock); }; 
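Review bot: The overflow guard `if( recvBuffSize > RECV_MAX_SIZE )` lets `recvBuffSize == RECV_MAX_SIZE` through to `strncat(recvBuff2, recvBuff, x);`, and `strncat` then writes its terminating NUL one byte past the `new char[RECV_MAX_SIZE]` allocation. Use `if( recvBuffSize >= RECV_MAX_SIZE )`, or allocate `RECV_MAX_SIZE + 1`. `strncat` also stops at the first NUL in `recvBuff`, so a response containing zero bytes makes `recvBuffSize` larger than the text actually stored, which the later `strlen(recvBuff2) > recvBuffSize` adjustment does not cover. _EstablishConnection starts and ends outside the hunk.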
@@ -1852,27 +1733,23 @@ int Connector::_EstablishConnection(char *ip, int port, char *requesth, conSTR * #pragma region QTGUI_Area stt->doEmitionRedFoundData(QString(temp)); #pragma endregion - ZeroMemory(temp, strlen(temp)); }; if( globalScanFlag == false && force == 0) { if(recvBuff2 != NULL) delete []recvBuff2; recvBuff2 = NULL; - return -1; }; if(recvBuff2 != NULL && recvBuffSize > 0) { if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(recvBuff2)); - std::string res2 = ""; - if(strlen(recvBuff2) > recvBuffSize) recvBuffSize = strlen(recvBuff2); CSTR->lowerBuff = new char[recvBuffSize + 1]; - ZeroMemory(CSTR->lowerBuff, sizeof(CSTR->lowerBuff)); + ZeroMemory(CSTR->lowerBuff, recvBuffSize + 1); CSTR->size = recvBuffSize; strncpy(CSTR->lowerBuff, recvBuff2, recvBuffSize); - memset(CSTR->lowerBuff + (recvBuffSize), '\0', 1); + memset(CSTR->lowerBuff + recvBuffSize, '\0', 1); delete []recvBuff2; recvBuff2 = NULL; @@ -1911,8 +1788,10 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV int passCounter = 1; for(int i = 0; i < MaxWFLogin; ++i) { + if(globalScanFlag == false) break; for(int j = firstCycle; j < MaxWFPass; ++j) { + if(globalScanFlag == false) break; CSTR.lowerBuff = NULL; CSTR.size = 0; cRes = 0; @@ -1985,7 +1864,7 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV { if(i == 0) { - ZeroMemory(request, 2048); + ZeroMemory(request, sizeof(request)); OnLiner = 0; @@ -1994,7 +1873,7 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV }; char pass[256] = {0}; - ZeroMemory(pass, 256); + ZeroMemory(pass, sizeof(pass)); strcpy(pass, ip); strcat(pass, " - Web Form password found: "); strcat(pass, wfLoginLst[i]); @@ -2011,7 +1890,7 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV } else { - ZeroMemory(request, 2048); + ZeroMemory(request, sizeof(request)); OnLiner = 0; 
@@ -2020,7 +1899,7 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV }; if(i == 0) ++i; - ZeroMemory(request, 2048); + ZeroMemory(request, sizeof(request)); }; firstCycle = 1; }; @@ -2031,8 +1910,10 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV int firstCycle = 0; for(int i = 0; i < MaxWFLogin; ++i) { + if(globalScanFlag == false) break; for(int j = firstCycle; j < MaxWFPass; ++j) { + if(globalScanFlag == false) break; CSTR.lowerBuff = NULL; CSTR.size = 0; cRes = 0; @@ -2067,7 +1948,6 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV if(port == 443) cRes = con._EstablishSSLConnection(ip, port, request, &CSTR); else cRes = con._EstablishConnection(ip, port, request, &CSTR); - if(CSTR.lowerBuff != NULL) { if(strstri(CSTR.lowerBuff, "501 not implemented") != NULL) @@ -2108,8 +1988,8 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV { if(i == 0) { - ZeroMemory(request, 2048); - ZeroMemory(argData, 256); + ZeroMemory(request, sizeof(request)); + ZeroMemory(argData, sizeof(argData)); OnLiner = 0; @@ -2118,7 +1998,7 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV }; char pass[256] = {0}; - ZeroMemory(pass, 256); + ZeroMemory(pass, sizeof(pass)); strcpy(pass, ip); strcat(pass, " - Web Form password found: "); strcat(pass, wfLoginLst[i]); @@ -2135,8 +2015,8 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV } else { - ZeroMemory(request, 2048); - ZeroMemory(argData, 256); + ZeroMemory(request, sizeof(request)); + ZeroMemory(argData, sizeof(argData)); OnLiner = 0; @@ -2144,8 +2024,8 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV return lps; }; if(i == 0) ++i; - ZeroMemory(request, 2048); - ZeroMemory(argData, 256); + ZeroMemory(request, sizeof(request)); + ZeroMemory(argData, sizeof(argData)); }; firstCycle = 1; }; 
@@ -2155,8 +2035,8 @@ lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionV stt->doEmitionFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: Unknown method."); }; - ZeroMemory(request, 2048); - ZeroMemory(argData, 256); + ZeroMemory(request, sizeof(request)); + ZeroMemory(argData, sizeof(argData)); OnLiner = 0; @@ -2176,13 +2056,11 @@ lopaStr Connector::_WFLobby(char *cookie, char *ip, int port, char *methodVal, c return res; }; #pragma endregion - #pragma region SSH - -int _sshConnect(char *user, char *pass, char *host) +int _sshConnect(char *user, char *pass, char *host, int port) { char hostStr[128] = {0}; - ZeroMemory(hostStr, 128); + ZeroMemory(hostStr, sizeof(hostStr)); strcpy(hostStr, user); strcat(hostStr, "@"); strcat(hostStr, host); @@ -2195,6 +2073,7 @@ int _sshConnect(char *user, char *pass, char *host) }; ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, hostStr); + ssh_options_set(my_ssh_session, SSH_OPTIONS_PORT, &port); //ssh_options_set(my_ssh_session, SSH_OPTIONS_LOG_VERBOSITY, &verbosity); //ssh_options_set(my_ssh_session, SSH_OPTIONS_LOG_VERBOSITY_STR, &verbosity); //ssh_options_set(my_ssh_session, SSH_OPTIONS_STRICTHOSTKEYCHECK, 0); @@ -2225,12 +2104,12 @@ int _sshConnect(char *user, char *pass, char *host) ++ssh; return 0; }; -char *_get_ssh_banner(char *ip) +char *_get_ssh_banner(char *ip, int port) { Connector con; conSTR CSTR; char recvBuff[256] = {0}; - con._EstablishConnection(ip, 22, "", &CSTR); + con._EstablishConnection(ip, port, "", &CSTR); if(CSTR.lowerBuff != NULL && CSTR.size != 0) { strncpy(recvBuff, CSTR.lowerBuff, CSTR.size < 256 ? CSTR.size : 256); 
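Review bot: `hostStr[128]` in `_sshConnect` receives `user`, `"@"` and `host` through `strcpy`/`strcat` without any length check, so a long user or host string overruns the stack buffer. A guard before the copy, `if(strlen(user) + strlen(host) + 2 > sizeof(hostStr))` followed by the function's existing failure return, closes that. The `ZeroMemory(hostStr, sizeof(hostStr))` after `= {0}` does nothing extra and can go.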
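Review bot: The added `ssh_options_set(my_ssh_session, SSH_OPTIONS_PORT, &port)` passes an `int *`, while libssh documents this option as taking `unsigned int *`, and the result is ignored like the `SSH_OPTIONS_HOST` call above it. A negative or out-of-range `port` therefore goes through unnoticed. Suggested: `unsigned int sshPort = (unsigned int)port;` after checking `port > 0 && port <= 65535`, then test the return value of `ssh_options_set` and leave through the function's existing error path when it is negative.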
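Review bot: `_get_ssh_banner` declares `char recvBuff[256]` as a local and, as the start of the next hunk shows, ends with `return recvBuff;`, so every caller receives a pointer to a dead stack frame. The copy `strncpy(recvBuff, CSTR.lowerBuff, CSTR.size < 256 ? CSTR.size : 256)` also leaves no terminator when the response is 256 bytes or longer, and `CSTR` is read after the call without having been initialised here. Since the signature is being changed in this commit anyway, it could take the destination from the caller (`_SSHLobby` already owns a `banner[256]`), copy at most 255 bytes, and set `CSTR.lowerBuff = NULL; CSTR.size = 0;` before connecting.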
@@ -2242,11 +2121,11 @@ char *_get_ssh_banner(char *ip) }; return recvBuff; }; -int check_ssh_pass(char *user, char *pass, char *userPass, char *host, conSTR *CSTR, char *banner) +int check_ssh_pass(char *user, char *pass, char *userPass, char *host, int port, conSTR *CSTR, char *banner) { int res = -1; - if(BALogSwitched) stt->doEmitionBAData("Probing SSH: " + QString(user) + ":" + QString(pass) + "@" + QString(host)); - res = _sshConnect(user, pass, host); + if(BALogSwitched) stt->doEmitionBAData("Probing SSH: " + QString(user) + ":" + QString(pass) + "@" + QString(host) + ":" + QString::number(port)); + res = _sshConnect(user, pass, host, port); if(res == 0) { stt->doEmition_BAGreenData("[+] SSH: " + QString(user) + ":" + QString(pass) + "@" + QString(host)); @@ -2266,7 +2145,7 @@ int check_ssh_pass(char *user, char *pass, char *userPass, char *host, conSTR *C }; return res; }; -int _EstablishSSHConnection(char *host, conSTR *CSTR, char *banner) +int _EstablishSSHConnection(char *host, int port, conSTR *CSTR, char *banner) { CSTR->lowerBuff = NULL; CSTR->size = 0; @@ -2286,28 +2165,22 @@ int _EstablishSSHConnection(char *host, conSTR *CSTR, char *banner) sz = ptr1 - temp; strncpy(login, temp, sz); strcpy(pass, ptr1 + 1); - res = check_ssh_pass(login, pass, temp, host, CSTR, banner); + res = check_ssh_pass(login, pass, temp, host, port, CSTR, banner); + ZeroMemory(login, sizeof(login)); + ZeroMemory(pass, sizeof(pass)); + ZeroMemory(temp, sizeof(temp)); if(res == 0) { - ZeroMemory(login, 32); - ZeroMemory(pass, 32); - ZeroMemory(temp, 64); SSHConDec(); OnLiner = 0; return 0; } else if(res == -2) { - ZeroMemory(login, 32); - ZeroMemory(pass, 32); - ZeroMemory(temp, 64); SSHConDec(); OnLiner = 0; return -2; }; - ZeroMemory(login, 32); - ZeroMemory(pass, 32); - ZeroMemory(temp, 64); Sleep(500); }; SSHConDec(); 
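Review bot: `strcpy(pass, ptr1 + 1)` in the `@@ -2286` hunk copies the remainder of `temp` into `pass` unchecked; going by the removed `ZeroMemory(pass, 32)` and `ZeroMemory(temp, 64)` calls, the source can be roughly twice the size of the destination. `strncpy(login, temp, sz)` is likewise not limited by the size of `login`. A check before the copies, `if(sz >= (int)sizeof(login) || strlen(ptr1 + 1) >= sizeof(pass))`, that skips the entry would keep both inside their arrays. The declarations are outside the hunk, so the new `sizeof(login)` style clears are correct only if these are arrays in this scope.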
@@ -2315,7 +2188,6 @@ int _EstablishSSHConnection(char *host, conSTR *CSTR, char *banner) return -1; }; #pragma endregion - #pragma region IPCAMWeb int _webLoginSeq(char *request, char *login, char *pass, char *ip, int port, int passCounter, char *type, std::vector negVector) { @@ -2333,18 +2205,14 @@ int _webLoginSeq(char *request, char *login, char *pass, char *ip, int port, int else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; else { -#pragma region QTGUI_Area - stt->doEmitionRedFoundData("[" + QString(type) + "] Bad address! [" + QString(ip) + "]"); -#pragma endregion + return -1; }; #else if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.s_addr = inet_addr(ip); else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; else { -#pragma region QTGUI_Area - stt->doEmitionRedFoundData("[" + QString(type) + "] Bad address! [" + QString(ip) + "]"); -#pragma endregion + return -1; }; #endif sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP ); @@ -2470,17 +2338,17 @@ lopaStr _IPCameraBrute(char *ip, int port, char *SPEC) { if(globalScanFlag == false) break; if(strcmp(loginLst[i], " ") == 0) continue; - ZeroMemory(login, 128); + ZeroMemory(login, sizeof(login)); strcpy(login, loginLst[i]); for(int j = 0; j < MaxPass; j++) { if(globalScanFlag == false) break; if(strcmp(passLst[j], " ") == 0) continue; - ZeroMemory(pass, 128); + ZeroMemory(pass, sizeof(pass)); strcpy(pass, passLst[j]); - ZeroMemory(request, 1024); + ZeroMemory(request, sizeof(request)); if(strcmp(SPEC, "IPC") == 0) { strcpy(request, "GET /login.xml?user="); 
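Review bot: The resolver fallback in the `@@ -2333` hunk stores the address with `((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0];`, which moves `sizeof(unsigned long)` bytes; in whichever `#if` branch is built for a target with 8-byte `long` this reads and writes twice the size of an IPv4 address. `memcpy(&sockAddr.sin_addr, host->h_addr_list[0], sizeof(sockAddr.sin_addr));` is size-correct on both branches. The new `return -1;` also replaces the only diagnostic for an unresolvable address, so the failure is now silent unless the caller reports it.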
@@ -2494,14 +2362,6 @@ lopaStr _IPCameraBrute(char *ip, int port, char *SPEC) strcat(request, " HTTP/1.1\r\nHost: "); strcat(request, ip); strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: close\r\n\r\n"); - - if(_webLoginSeq(request, login, pass, ip, port, passCounter, SPEC, negVector) == 1) - { - OnLiner = 0; - strcpy(lps.login, loginLst[i]); - strcpy(lps.pass, passLst[j]); - return lps; - }; } else if(strcmp(SPEC, "GEO") == 0) { @@ -2512,14 +2372,6 @@ lopaStr _IPCameraBrute(char *ip, int port, char *SPEC) strcat(request, " HTTP/1.1\r\nHost: "); strcat(request, ip); strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: close\r\n\r\n"); - - if(_webLoginSeq(request, login, pass, ip, port, passCounter, SPEC, negVector) == 1) - { - OnLiner = 0; - strcpy(lps.login, loginLst[i]); - strcpy(lps.pass, passLst[j]); - return lps; - }; } else if(strcmp(SPEC, "EasyCam") == 0) { 
@@ -2534,14 +2386,6 @@ lopaStr _IPCameraBrute(char *ip, int port, char *SPEC) strcat(request, " HTTP/1.1\r\nHost: "); strcat(request, ip); strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: close\r\n\r\n"); - - if(_webLoginSeq(request, login, pass, ip, port, passCounter, SPEC, negVector) == 1) - { - OnLiner = 0; - strcpy(lps.login, login); - strcpy(lps.pass, pass); - return lps; - }; } else if(strcmp(SPEC, "Foscam") == 0) { @@ -2556,14 +2400,6 @@ lopaStr _IPCameraBrute(char *ip, int port, char *SPEC) strcat(request, " HTTP/1.1\r\nHost: "); strcat(request, ip); strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: close\r\n\r\n"); - - if(_webLoginSeq(request, login, pass, ip, port, passCounter, SPEC, negVector) == 1) - { - OnLiner = 0; - strcpy(lps.login, login); - strcpy(lps.pass, pass); - return lps; - }; } else if(strcmp(SPEC, "AVIOSYS") == 0) { 
@@ -2574,14 +2410,22 @@ lopaStr _IPCameraBrute(char *ip, int port, char *SPEC) strcat(request, " HTTP/1.1\r\nHost: "); strcat(request, ip); strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: close\r\n\r\n"); + }; - if(_webLoginSeq(request, login, pass, ip, port, passCounter, SPEC, negVector) == 1) - { - OnLiner = 0; - strcpy(lps.login, loginLst[i]); - strcpy(lps.pass, passLst[j]); - return lps; - }; + int res = _webLoginSeq(request, login, pass, ip, port, passCounter, SPEC, negVector); + + if(res == 1) + { + OnLiner = 0; + strcpy(lps.login, loginLst[i]); + strcpy(lps.pass, passLst[j]); + return lps; + } + else if(res == -1) + { + OnLiner = 0; + strcpy(lps.login, "UNKNOWN"); + return lps; }; ++passCounter; }; @@ -2592,7 +2436,7 @@ lopaStr _IPCameraBrute(char *ip, int port, char *SPEC) }; lopaStr Connector::_IPCameraBLobby(char *ip, int port, char *SPEC) { - while(BrutingThrds >= gMaxBrutingThreads) Sleep(700); + while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000); BConInc(); lopaStr res = _IPCameraBrute(ip, port, SPEC); @@ -2601,7 +2445,6 @@ lopaStr Connector::_IPCameraBLobby(char *ip, int port, char *SPEC) return res; }; #pragma endregion - int _pingMyTarget(char *ip) { HANDLE hIcmpFile; 
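Review bot: Hoisting `_webLoginSeq` out of the `SPEC` branches means it now runs even when `SPEC` matches none of them, with `request` still empty from the `ZeroMemory` at the top of the loop; before this commit no request was sent in that case. A final `else` on the chain that returns before the call would restore the old behaviour. In the new `res == -1` branch only `lps.login` is written, so `lps.pass` keeps whatever it held unless `lps` is initialised above the hunk, which is not visible here.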
@@ -2662,12 +2505,20 @@ int _pingMyTarget(char *ip) return 0; }; }; - QString strIP; QString strPort; const char *buff1 = "GET / HTTP/1.1\r\nHost: "; const char *buff2 = "\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: us-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nConnection: close\r\n\r\n"; -void Connector::_ConnectToPort(char *ip, const char *portC, char *hl) +int _SSHLobby(char *ip, int port, conSTR *CSTR) +{ + char banner[256] = {0}; + strncpy(banner, _get_ssh_banner(ip, port), 256); + if(strlen(banner) > 0) + { + return _EstablishSSHConnection(ip, port, CSTR, banner); + }; +}; +void Connector::_ConnectToPort(char *ip, const char *portC, char *hl) { if(gPingNScan) { 
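Review bot: The new `_SSHLobby` has no `return` on the path where `banner` is empty, so the function falls off its end and the caller reads an indeterminate value into `cRes` (and into `res` in `_filler`). Adding `return -1;` after the `if` block matches how both callers test for failure. `strncpy(banner, _get_ssh_banner(ip, port), 256)` should also copy at most `sizeof(banner) - 1` bytes so that the following `strlen(banner)` always finds a terminator.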
@@ -2676,48 +2527,40 @@ void Connector::_ConnectToPort(char *ip, const char *portC, char *hl) return; }; }; - - char mes[512] = {0}; - conSTR CSTR; + + char mes[512] = {0}; + conSTR CSTR; + CSTR.lowerBuff = NULL; + CSTR.size = 0; + + int strFlag = 0; + strcpy(mes, buff1); + strcat(mes, ip); + strcat(mes, buff2); + int port = atoi(portC); + int cRes; + + if(port == 443) cRes = _EstablishSSLConnection(ip, port, mes, &CSTR); + else if(port == 22) cRes = _SSHLobby(ip, port, &CSTR); + else cRes = _EstablishConnection(ip, port, mes, &CSTR); + int size = CSTR.size; + + if(size > 0 && cRes != -1) + { + ++Alive; + ++found; + stt->doEmitionChangeParsed(QString::number(saved) + "/" + QString::number(found)); + + Lexems lx; + lx._filler(port, CSTR.lowerBuff, ip, size, &lx, hl); + delete []CSTR.lowerBuff; CSTR.lowerBuff = NULL; - CSTR.size = 0; + }; - int strFlag = 0; - strcpy(mes, buff1); - strcat(mes, ip); - strcat(mes, buff2); - int port = atoi(portC); - int cRes; - - if(port == 443) cRes = _EstablishSSLConnection(ip, port, mes, &CSTR); - else if(port == 22) - { - char banner[256] = {0}; - strncpy(banner, _get_ssh_banner(ip), 256); - if(strlen(banner) > 0) - { - cRes = _EstablishSSHConnection(ip, &CSTR, banner); - }; - } - else cRes = _EstablishConnection(ip, port, mes, &CSTR); - int size = CSTR.size; - - if(size > 0 && cRes != -1) - { - ++Alive; - ++found; - stt->doEmitionChangeParsed(QString::number(saved) + "/" + QString::number(found)); - - Lexems lx; - lx._filler(port, CSTR.lowerBuff, ip, size, &lx, hl); - delete []CSTR.lowerBuff; - CSTR.lowerBuff = NULL; - }; - - if(CSTR.lowerBuff != NULL) - { - delete []CSTR.lowerBuff; - CSTR.lowerBuff = NULL; - }; - strFlag = 1; + if(CSTR.lowerBuff != NULL) + { + delete []CSTR.lowerBuff; + CSTR.lowerBuff = NULL; + }; + strFlag = 1; }; diff --git a/finder.cpp b/finder.cpp index 34fff6c..67f97b2 100644 --- a/finder.cpp +++ b/finder.cpp 
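Review bot: `mes[512]` in `_ConnectToPort` is built from `buff1`, `ip` and `buff2` with `strcpy`/`strcat`, and the two fixed header strings already occupy most of the 512 bytes, so a long host name in `ip` overruns the buffer. A check ahead of the copy, `if(strlen(buff1) + strlen(ip) + strlen(buff2) >= sizeof(mes)) return;`, is enough. `strFlag` is assigned twice in the hunk and never read there; if nothing below uses it, it can be dropped.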
@@ -28,7 +28,6 @@ char *_findFirstOcc(char *str, char *delim) }; }; - //return str; return NULL; }; char *FindLastOcc(char *str, char *delim) @@ -169,11 +168,6 @@ char *GetCodePage(char *str) int Lexems::globalSearchNeg(const char *buffcpy, char *ip, int port) { if(strlen(buffcpy) == 0) return -1; - -// char buffcpy[RECV_MAX_LENGTH] = {0}; - //std::string rr = toLowerStr(xcode(buffcp, CP_UTF8, CP_ACP).c_str()); - - //memcpy((void*)buffcpy, rr.c_str(), rr.size()); char negWord[256] = {0}; for(int i = 0; i < GlobalNegativeSize; i++) @@ -181,7 +175,7 @@ int Lexems::globalSearchNeg(const char *buffcpy, char *ip, int port) if(globalScanFlag) { strcpy(negWord, GlobalNegatives[i]); - if(strstr(buffcpy, negWord) != NULL && (strcmp(negWord, "") != 0 || strlen(negWord) >= 2)) + if(strstr(buffcpy, negWord) != NULL) { if(gNegDebugMode) { @@ -237,7 +231,9 @@ int _mainFinderFirst(char *buffcpy, int f, int port, char *ip) if((strstr(buffcpy, "401 authorization") != NULL || strstr(buffcpy, "401 unauthorized") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, "401 ") != NULL ) || strstr(buffcpy, "401 unauthorized access denied") != NULL || strstr(buffcpy, "401 unauthorised") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, " 401\r\n") != NULL) ) - && strstr(buffcpy, "digest realm") != NULL) return 101; + && strstr(buffcpy, "digest realm") != NULL + && strstr(buffcpy, "basic realm") == NULL + ) return 101; if(strstr(buffcpy, "401 authorization") != NULL || strstr(buffcpy, "401 unauthorized") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, "401 ") != NULL ) || strstr(buffcpy, "401 unauthorized access denied") != NULL || strstr(buffcpy, "401 unauthorised") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, " 401\r\n") != NULL) ) return 1; 
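Review bot: Dropping the second half of the condition in the `@@ -181` hunk of `globalSearchNeg` lets an empty list entry match every response, because `strstr(buffcpy, "")` returns `buffcpy`, never NULL. Whether `GlobalNegatives` can contain an empty entry is not visible here, but the removed test was the only guard against it. Suggested: `if(negWord[0] != '\0' && strstr(buffcpy, negWord) != NULL)`. The `strcpy(negWord, GlobalNegatives[i])` into `negWord[256]` above it is unbounded as well; the loop body continues outside the hunk.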
@@ -265,9 +261,8 @@ int _mainFinderFirst(char *buffcpy, int f, int port, char *ip) if(strstr(buffcpy, "ip camera") != NULL && strstr(buffcpy, "check_user.cgi") != NULL) return 31; //ip cams if(strstr(buffcpy, "ws(\"user\");") != NULL && strstr(buffcpy, "src=\"/tool.js") != NULL && strstr(buffcpy, "") != NULL) return 32; //IPC web ip cam if(strstr(buffcpy, "geovision") != NULL && (strstr(buffcpy, "ip camera") != NULL || strstr(buffcpy, "ssi.cgi/login.htm") != NULL)) return 33; //GEO web ip cam - if(strstr(buffcpy, "hikvision-webs") != NULL || (strstr(buffcpy, "hikvision digital") != NULL && strstr(buffcpy, "dvrdvs-webs") != NULL) - || (strstr(buffcpy, "lapassword") != NULL && strstr(buffcpy, "lausername") != NULL && strstr(buffcpy, "dologin()") != NULL)) return 34; //hikvision cam - if(strstr(buffcpy, "easy cam") != NULL && strstr(buffcpy, "easy life") != NULL) return 35; //EasyCam + if((strstr(buffcpy, "easy cam") != NULL && strstr(buffcpy, "easy life") != NULL) + || strstr(buffcpy, "ipcamera") != NULL && strstr(buffcpy, "/tool.js") != NULL) return 35; //EasyCam if(strstr(buffcpy, "/config/cam_portal.cgi") != NULL || strstr(buffcpy, "/config/easy_index.cgi") != NULL) return 36; //Panasonic Cam if(strstr(buffcpy, "panasonic") != NULL && strstr(buffcpy, "/view/getuid.cgi") != NULL) return 37; //Panasonic Cam WJ-HD180 if(strstr(buffcpy, "ipcam client") != NULL && strstr(buffcpy, "plugins.xpi") != NULL && strstr(buffcpy, "js/upfile.js") != NULL) return 38; //Foscam 
@@ -276,7 +271,13 @@ int _mainFinderFirst(char *buffcpy, int f, int port, char *ip) if(strstr(buffcpy, "sq-webcam") != NULL && strstr(buffcpy, "liveview.html") != NULL) return 41; //AVIOSYS-camera if(strstr(buffcpy, "nw_camera") != NULL && strstr(buffcpy, "/cgi-bin/getuid") != NULL) return 42; //NW_camera if(strstr(buffcpy, "micros") != NULL && strstr(buffcpy, "/gui/gui_outer_frame.shtml") != NULL) return 43; //NW_camera - + if(strstr(buffcpy, "lapassword") != NULL + && strstr(buffcpy, "lausername") != NULL + && strstr(buffcpy, "g_ologin.dologin()") != NULL + ) return 44; //hikvision cam 2 + if(strstr(buffcpy, "hikvision-webs") != NULL || (strstr(buffcpy, "hikvision digital") != NULL && strstr(buffcpy, "dvrdvs-webs") != NULL) + || (strstr(buffcpy, "lapassword") != NULL && strstr(buffcpy, "lausername") != NULL && strstr(buffcpy, "dologin()") != NULL)) return 34; //hikvision cam + if(((strstr(buffcpy, "220") != NULL) && (port == 21)) || (strstri(buffcpy, "220 diskStation ftp server ready") != NULL) || (strstri(buffcpy, "220 ftp server ready") != NULL) 
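Review bot: The relocated flag-34 test and the new flag-44 test depend on their order, and nothing in the code says so: `"dologin()"` is a substring of `"g_ologin.dologin()"`, so the 34 test would claim every page the 44 test is meant for if it ran first. A comment above the pair, e.g. `// keep above flag 34: its "dologin()" test also matches "g_ologin.dologin()"`, would stop a later reorder from breaking it. The same pair is duplicated in `_mainFinderSecond` in the `@@ -343` hunk; the two tables are otherwise identical and could share one helper.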
@@ -304,7 +305,9 @@ int _mainFinderSecond(char *buffcpy, int port, char *ip) if((strstr(buffcpy, "401 authorization") != NULL || strstr(buffcpy, "401 unauthorized") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, "401 ") != NULL ) || strstr(buffcpy, "401 unauthorized access denied") != NULL || strstr(buffcpy, "401 unauthorised") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, " 401\r\n") != NULL) ) - && strstr(buffcpy, "digest realm") != NULL) return 101; + && strstr(buffcpy, "digest realm") != NULL + && strstr(buffcpy, "basic realm") == NULL + ) return 101; if(strstr(buffcpy, "401 authorization") != NULL || strstr(buffcpy, "401 unauthorized") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, "401 ") != NULL ) || strstr(buffcpy, "401 unauthorized access denied") != NULL || strstr(buffcpy, "401 unauthorised") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, " 401\r\n") != NULL) ) return 1; 
@@ -332,9 +335,8 @@ int _mainFinderSecond(char *buffcpy, int port, char *ip) if(strstr(buffcpy, "ip camera") != NULL && strstr(buffcpy, "check_user.cgi") != NULL) return 31; //axis cameras if(strstr(buffcpy, "ws(\"user\");") != NULL && strstr(buffcpy, "src=\"/tool.js") != NULL && strstr(buffcpy, "") != NULL) return 32; //web ip cam if(strstr(buffcpy, "geovision") != NULL && (strstr(buffcpy, "ip camera") != NULL || strstr(buffcpy, "ssi.cgi/login.htm") != NULL)) return 33; //GEO web ip cam - if(strstr(buffcpy, "hikvision-webs") != NULL || (strstr(buffcpy, "hikvision digital") != NULL && strstr(buffcpy, "dvrdvs-webs") != NULL) - || (strstr(buffcpy, "lapassword") != NULL && strstr(buffcpy, "lausername") != NULL && strstr(buffcpy, "dologin()") != NULL)) return 34; //hikvision cam - if(strstr(buffcpy, "easy cam") != NULL && strstr(buffcpy, "easy life") != NULL) return 35; //EasyCam + if((strstr(buffcpy, "easy cam") != NULL && strstr(buffcpy, "easy life") != NULL) + || strstr(buffcpy, "ipcamera") != NULL && strstr(buffcpy, "/tool.js") != NULL) return 35; //EasyCam if(strstr(buffcpy, "/config/cam_portal.cgi") != NULL || strstr(buffcpy, "/config/easy_index.cgi") != NULL) return 36; //Panasonic Cam if(strstr(buffcpy, "panasonic") != NULL && strstr(buffcpy, "/view/getuid.cgi") != NULL) return 37; //Panasonic Cam WJ-HD180 if(strstr(buffcpy, "ipcam client") != NULL && strstr(buffcpy, "plugins.xpi") != NULL && strstr(buffcpy, "js/upfile.js") != NULL) return 38; //Foscam 
@@ -343,7 +345,13 @@ int _mainFinderSecond(char *buffcpy, int port, char *ip) if(strstr(buffcpy, "sq-webcam") != NULL && strstr(buffcpy, "liveview.html") != NULL) return 41; //AVIOSYS-camera if(strstr(buffcpy, "nw_camera") != NULL && strstr(buffcpy, "/cgi-bin/getuid") != NULL) return 42; //NW_camera if(strstr(buffcpy, "micros") != NULL && strstr(buffcpy, "/gui/gui_outer_frame.shtml") != NULL) return 43; //NW_camera - + if(strstr(buffcpy, "lapassword") != NULL + && strstr(buffcpy, "lausername") != NULL + && strstr(buffcpy, "g_ologin.dologin()") != NULL + ) return 44; //hikvision cam 2 + if(strstr(buffcpy, "hikvision-webs") != NULL || (strstr(buffcpy, "hikvision digital") != NULL && strstr(buffcpy, "dvrdvs-webs") != NULL) + || (strstr(buffcpy, "lapassword") != NULL && strstr(buffcpy, "lausername") != NULL && strstr(buffcpy, "dologin()") != NULL)) return 34; //hikvision cam + if(((strstr(buffcpy, "220") != NULL) && (port == 21)) || (strstr(buffcpy, "220 diskStation ftp server ready") != NULL) || (strstr(buffcpy, "220 ftp server ready") != NULL) @@ -979,7 +987,7 @@ void _getFormVal(char *data, char *result, char *key, char *path = NULL) static const std::string arrUser[] = {"user", "usr", "username", "login", "lgn", "account", "acc", "param1", "param3", "id", "A1", "uname", "mail", "name"}; vector vecUser (arrUser, arrUser + sizeof(arrUser) / sizeof(arrUser[0]) ); -static const std::string arrPass[] = {"pass", "pw", "password", "code", "param2", "param4", "secret", "login_p", "A2", "admin_pw", "pws"}; +static const std::string arrPass[] = {"pass", "pw", "password", "code", "param2", "param4", "secret", "login_p", "A2", "admin_pw", "pws", "secretkey"}; vector vecPass (arrPass, arrPass + sizeof(arrPass) / sizeof(arrPass[0]) ); char *_getAttribute(char *str, char *attrib) 
@@ -1006,19 +1014,19 @@ char *_getAttribute(char *str, char *attrib) void _getInputVal(std::vector inputVec, char *buff, char *key) { char *pos = NULL; - char field[128] = {0}; + char field[256] = {0}; if(strcmp(key, "USER") == 0) { for(int i = 0; i < inputVec.size(); ++i) { - ZeroMemory(field, 128); + ZeroMemory(field, 256); _getFormVal((char*)inputVec[i].data(), field, "name="); for(int j = 0; j < vecUser.size(); ++j) { pos = strstri(field, vecUser[j].data()); if(pos != NULL) { - strncpy(buff, field, 128); + strncpy(buff, field, 256); return; }; }; @@ -1028,14 +1036,14 @@ void _getInputVal(std::vector inputVec, char *buff, char *key) { for(int i = 0; i < inputVec.size(); ++i) { - ZeroMemory(field, 128); + ZeroMemory(field, 256); _getFormVal((char*)inputVec[i].data(), field, "name="); for(int j = 0; j < vecPass.size(); ++j) { pos = strstri(field, vecPass[j].data()); if(pos != NULL) { - strncpy(buff, field, 128); + strncpy(buff, field, 256); return; }; }; 
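Review bot: `strncpy(buff, field, 256)` always writes 256 bytes, padding with zeros, so raising the count from 128 overruns any caller whose `buff` is still 128 bytes; the callers of `_getInputVal` are outside these hunks and need checking. The clears are also written as `ZeroMemory(field, 256)` while the rest of the commit moves to `sizeof`; `ZeroMemory(field, sizeof(field));` keeps them tied to the declaration. Both points apply to the `USER` branch here and to the second branch in the `@@ -1028` hunk.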
@@ -1103,14 +1111,15 @@ void _specWFBrute(char *ip, int port, char *hl, char *buff, int flag, char *path char *inptPtr1 = strstri(frmBlock, ""); if(inptPtrEnd != NULL) { + ZeroMemory(tempInptStr, 256); insz = inptPtrEnd - inptPtr1 + 1; - strncpy(tempInptStr, inptPtr1, (insz < 128 ? insz : 128)); + strncpy(tempInptStr, inptPtr1, (insz < 256 ? insz : 256)); inputVec.push_back(std::string(tempInptStr)); inptPtr1 = strstri(inptPtrEnd, "doEmitionFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: No text/password fields found."); - fillGlobalLogData(ip, hl, tport, std::to_string((long double)recd).c_str(), title, "NULL", "NULL", comment, cp, tclass); - putInFile(flag, ip, tport, recd, title, hl, cp); + if(gNegDebugMode) stt->doEmitionFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: No text/password fields found."); + ///fillGlobalLogData(ip, hl, tport, std::to_string((long double)recd).c_str(), title, "NULL", "NULL", comment, cp, tclass); + ///putInFile(flag, ip, tport, recd, title, hl, cp); }; } else @@ -1206,9 +1215,9 @@ void _specWFBrute(char *ip, int port, char *hl, char *buff, int flag, char *path } else { - stt->doEmitionFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: Cannot find user/pass field."); - fillGlobalLogData(ip, hl, tport, std::to_string((long double)recd).c_str(), title, "", "", "UnknownWebform", cp, tclass); - putInFile(flag, ip, tport, recd, title, hl, cp); + if(gNegDebugMode) stt->doEmitionFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: Cannot find user/pass field."); + ///fillGlobalLogData(ip, hl, tport, std::to_string((long double)recd).c_str(), title, "", "", "UnknownWebform", cp, tclass); + ///putInFile(flag, ip, tport, recd, title, hl, cp); }; }; OnLiner = 0; 
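Review bot: `strncpy(tempInptStr, inptPtr1, (insz < 256 ? insz : 256))` leaves `tempInptStr` without a terminator when the input element is 256 bytes or longer, and the next line builds a `std::string` from it, which then reads past the buffer. If the array is 256 bytes, as the added `ZeroMemory(tempInptStr, 256)` suggests (its declaration is outside the hunk), the cap should be one less: `strncpy(tempInptStr, inptPtr1, (insz < 255 ? insz : 255));`. The data comes from the remote page, so the length is not under the program's control.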
@@ -1257,7 +1266,7 @@ void _specBrute(char *cookie, char *ip, int port, char *hl, char *finalstr, int fillGlobalLogData(ip, hl, tport, std::to_string((long double)recd).c_str(), finalstr, lps.login, lps.pass, comment, cp, "Basic Authorization"); }; - ZeroMemory(temp, strlen(temp)); + ZeroMemory(temp, sizeof(temp)); }; const char *GetTitle(char* str) { 
@@ -1373,52 +1382,82 @@ const char *GetTitle(char* str) return finalstr; }; -int Lexems::_filler(int p, char* buffcpy, char* ip, int recd, Lexems *lx, char *hl) +void _saveSSH(char *ip, int port, int recd, char *buffcpy) { - char b[16] = {0}; - - if( strstr(buffcpy, "[IGNR_ADDR]") != NULL ) return -1; - if(p == 22) + if(buffcpy != NULL) { - flag = -22; + char b[16] = {0}; char log[2048] = {0}; char logEmit[2048] = {0}; char goodStr[256] = {0}; char banner[256] = {0}; char *ptr1 = strstr(buffcpy, "|+|"); - int gsz = ptr1 - buffcpy; - strncpy(goodStr, buffcpy, gsz); - if(strlen(ptr1 + 3) > 0) strcpy(banner, ptr1 + 3); - strcpy(logEmit, "[SSH] "); - strcpy(log, "[SSH] "); - strcat(log, goodStr); - strcat(log, ""); - strcat(log, "; Banner: "); - strcat(log, banner); - strcat(log, ""); + if(ptr1 != NULL) + { + int gsz = ptr1 - buffcpy; + strncpy(goodStr, buffcpy, gsz); + if(strlen(ptr1 + 3) > 0) strcpy(banner, ptr1 + 3); + strcpy(logEmit, "[SSH] "); + strcpy(log, "[SSH] "); + strcat(log, goodStr); + strcat(log, ":"); + strcat(log, itoa(port, b, 10)); + strcat(log, ""); + strcat(log, "; Banner: "); + strcat(log, banner); + strcat(log, ""); - ++PieSSH; + ++PieSSH; + strcat(logEmit, ""); + strcat(logEmit, goodStr); + strcat(logEmit, ":"); + strcat(logEmit, itoa(port, b, 10)); + strcat(logEmit, ""); - strcat(logEmit, ""); - strcat(logEmit, goodStr); - strcat(logEmit, ""); - - fputsf (ip, itoa(p, b, 10), log, flag, "SSH"); - - char loginSSH[128] = {0}; - char passSSH[128] = {0}; - char *ptrl1 = strstr(buffcpy, ":"); - int lpsz = ptrl1 - buffcpy; - strncpy(loginSSH, buffcpy, lpsz); - char *ptrl2 = strstr(buffcpy, "@"); - lpsz = ptrl2 - ptrl1; - strncpy(passSSH, ptrl1 + 1, lpsz); - fillGlobalLogData(ip, hl, itoa(p, b, 10), std::to_string((long double)recd).c_str(), "[SSH service]", loginSSH, passSSH, "NULL", "UTF-8", "SSH"); - -#pragma region QTGUI_Area - stt->doEmitionFoundData(QString::fromLocal8Bit(logEmit)); -#pragma endregion + fputsf (ip, itoa(port, b, 10), log, -22, 
"SSH"); + char loginSSH[128] = {0}; + char passSSH[128] = {0}; + char *ptrl1 = strstr(buffcpy, ":"); + int lpsz = ptrl1 - buffcpy; + strncpy(loginSSH, buffcpy, lpsz); + char *ptrl2 = strstr(buffcpy, "@"); + lpsz = ptrl2 - ptrl1; + strncpy(passSSH, ptrl1 + 1, lpsz); + fillGlobalLogData(ip, "", itoa(port, b, 10), std::to_string((long double)recd).c_str(), "[SSH service]", loginSSH, passSSH, "NULL", "UTF-8", "SSH"); + stt->doEmitionFoundData(QString::fromLocal8Bit(logEmit)); + } + else + { + stt->doEmitionRedFoundData("[_saveSSH] Wrong format! [" + QString(ip) + ":" + QString::number(port) + "]"); + }; + } + else + { + stt->doEmitionRedFoundData("[_saveSSH] Empty buffer! [" + QString(ip) + ":" + QString::number(port) + "]"); + }; +}; +int Lexems::_filler(int p, char* buffcpy, char* ip, int recd, Lexems *lx, char *hl) +{ + char b[16] = {0}; + + if( strstr(buffcpy, "[IGNR_ADDR]") != NULL ) return -1; + if( strstr(buffcpy, "SSH-2.0-OpenSSH") != NULL ) + { + conSTR CSTR; + CSTR.lowerBuff = NULL; + CSTR.size = 0; + int res = _SSHLobby(ip, p, &CSTR); + if(res != -1 && res != -2) + { + _saveSSH(ip, p, recd, CSTR.lowerBuff); + }; + return -1; + }; + + if(p == 22) + { + _saveSSH(ip, p, recd, buffcpy); return -1; }; @@ -1433,7 +1472,7 @@ int Lexems::_filler(int p, char* buffcpy, char* ip, int recd, Lexems *lx, char * ZeroMemory(ps.headr, sizeof(ps.headr)); ZeroMemory(ps.path, sizeof(ps.path)); - char finalstr[TITLE_MAX_LENGTH] = {0}; + char finalstr[TITLE_MAX_SIZE] = {0}; char port[32] = {0}; int flag = 0; char cp[32] = {0}; @@ -1451,7 +1490,6 @@ int Lexems::_filler(int p, char* buffcpy, char* ip, int recd, Lexems *lx, char * std::vector redirStrLst; char rBuff[65536] = {0}; strncpy(rBuff, buffcpy, 65535); - char cookie[1024] = {0}; if(flag == 0 || flag == 3 || flag == 7 ) { int rh = _header(ip, p, buffcpy, lx, &ps, &redirStrLst, rBuff); 
@@ -1462,11 +1500,14 @@ int Lexems::_filler(int p, char* buffcpy, char* ip, int recd, Lexems *lx, char * strcat(finalstr, ps.headr); p = ps.port; strcpy(ip, ps.ip); - strcpy(cookie, ps.cookie); }; int sz = strlen(ps.path); strncpy(pps, ps.path, (sz < 256 ? sz : 256)); + } + else + { + if(strstr(buffcpy, "Set-Cookie:") != NULL) strncpy(ps.cookie, _getAttribute(buffcpy, "Set-Cookie:"), COOKIE_MAX_SIZE); }; strcpy(port, itoa(p, b, 10)); @@ -1475,9 +1516,7 @@ int Lexems::_filler(int p, char* buffcpy, char* ip, int recd, Lexems *lx, char * if(flag == -1 || flag == 6 || strstr(finalstr, "[IGNR_ADDR]") != NULL) return -1; fillerFlag = 1; - #pragma region Fillers - if(flag == 16) { Connector con; @@ -1577,8 +1616,6 @@ int Lexems::_filler(int p, char* buffcpy, char* ip, int recd, Lexems *lx, char * fputsf(ip, port, log, flag, "FTP"); fillGlobalLogData(ip, hl, port, std::to_string((long double)recd).c_str(), "[FTP service]", lps.login, lps.pass, "NULL", cp, "FTP"); - - #pragma region QTGUI_Area stt->doEmitionFoundData(QString::fromLocal8Bit(logEmit)); #pragma endregion @@ -1685,6 +1722,10 @@ int Lexems::_filler(int p, char* buffcpy, char* ip, int recd, Lexems *lx, char * { _specBrute(ps.cookie, ip, p, hl, "[Micros] IP Camera", flag, "/gui/rem_display.shtml", "[Micros] IP Camera", "Basic Authorization", cp, recd, ""); } + else if(flag == 44) //Hikvision ip cam 2 + { + _specBrute(ps.cookie, ip, p, hl, "[Hikvision] IP Camera", flag, "/ISAPI/Security/userCheck", "[Hikvision] IP Camera", "Basic Authorization", cp, recd, ""); + } else if(flag == 20) //AXIS Camera { _specBrute(ps.cookie, ip, p, hl, "AXIS Camera", flag, "/axis-cgi/com/ptz.cgi?", "AXIS Camera", "Basic Authorization", cp, recd, ""); 
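Review bot: The added `strncpy(ps.cookie, _getAttribute(buffcpy, "Set-Cookie:"), COOKIE_MAX_SIZE)` leaves `ps.cookie` unterminated when the header value is `COOKIE_MAX_SIZE` bytes or longer, assuming the field is declared with that size (the declaration is not in the diff). Adding `ps.cookie[COOKIE_MAX_SIZE - 1] = '\0';` after the copy fixes that regardless of whether the struct was zeroed. The return value of `_getAttribute` is passed straight to `strncpy`; if it can be NULL it needs a check first. The identical call in `_header` in the `@@ -2321` hunk has the same two gaps.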
@@ -1746,7 +1787,7 @@ int Lexems::_filler(int p, char* buffcpy, char* ip, int recd, Lexems *lx, char * fillGlobalLogData(ip, hl, port, std::to_string((long double)recd).c_str(), finalstr, lps.login, lps.pass, "HFS-FTP", cp, "Basic Authorization"); fputsf (ip, port, log , flag, "HFS"); stt->doEmitionFoundData(QString::fromLocal8Bit(log)); - ZeroMemory(temp, strlen(temp)); + ZeroMemory(temp, sizeof(temp)); } else if(flag == 1) { @@ -1797,7 +1838,6 @@ int redirectReconnect(char *cookie, char *ip, int port, char *str, Lexems *ls, P if(strstri(str, "https://") != NULL) { tempPort = 443; - char *ptr1 = strstri(str, "https://"); char *ptr2 = _findFirstOcc(str + 8, ":/"); if(ptr2 != NULL) @@ -2288,6 +2328,26 @@ void _getLinkFromJSLocation(char *dataBuff, char *str, char *tag, char *ip, int else strncpy(dataBuff, ptrQuote1 + 1, lsz); }; }; + } + else + { + ptrQuote1 = strstr(ptr2, "="); + if(ptrQuote1 != NULL) + { + char *ptrQuote2 = _findFirstOcc(ptr2, ";\n"); + if(ptrQuote2 != NULL) + { + int sz = ptrQuote2 - ptr2 - 1; + char link1[512] = {0}; + strncpy(link1, ptr2 + 1, sz); + char *ptrQuote3 = strstr(link1, "/"); + if(ptrQuote3 != NULL) + { + char link[512] = {0}; + strcpy(dataBuff, ptrQuote3); + }; + }; + }; }; }; } @@ -2321,7 +2381,7 @@ void _getJSCookie(char *dataBuff, char *str, char *ip, int port) int Lexems::_header(char *ip, int port, char str[], Lexems *l, PathStr *ps, std::vector *redirStrLst, char *rBuff) { std::string redirectStr = ""; - if(strstr(str, "Set-Cookie:") != NULL) strncpy(ps->cookie, _getAttribute(str, "Set-Cookie:"), 1024); + if(strstr(str, "Set-Cookie:") != NULL) strncpy(ps->cookie, _getAttribute(str, "Set-Cookie:"), COOKIE_MAX_SIZE); #pragma region Prechecks if(strstr(str, "[IGNR_ADDR]") != NULL) 
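Review bot: `ZeroMemory(temp, sizeof(temp));` in the HFS branch of `Lexems::_filler` clears the whole buffer only if `temp` is an array in this scope; its declaration is outside the hunk, and if `temp` is a `char *` the call clears only pointer-size bytes. Worth confirming the declaration and adding a comment next to the call such as `// temp is a fixed-size array here, so sizeof covers the full buffer`.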
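Review bot: In the new `else` branch of `_getLinkFromJSLocation` (hunk at `@@ -2288,6 +2328,26 @@`), `strncpy(link1, ptr2 + 1, sz)` copies `sz = ptrQuote2 - ptr2 - 1` bytes into the 512-byte `link1` with no upper bound, and `sz` becomes -1 if `_findFirstOcc` can return `ptr2` itself, which `strncpy` then receives as a huge unsigned length. The text being parsed is script content from a server response, so an oversized value overruns the stack buffer. Bound `sz` to `1 .. sizeof(link1) - 1` before copying; that also keeps the following `strcpy(dataBuff, ptrQuote3)` within 511 characters, which fits the 512-byte `linkPtr` that the callers visible in `_header` pass (other callers are not shown). The unused `char link[512]` can be dropped, and `ptrQuote1` is only tested and never used as the copy start, which may not be what was intended. The function body starts and ends outside the hunk.

```cpp
char *ptrQuote2 = _findFirstOcc(ptr2, ";\n");
if(ptrQuote2 != NULL)
{
    char link1[512] = {0};
    int sz = ptrQuote2 - ptr2 - 1;
    // Reject empty/negative lengths and anything that would not leave room for the NUL.
    if(sz > 0 && sz < (int)sizeof(link1))
    {
        strncpy(link1, ptr2 + 1, sz);
        char *ptrQuote3 = strstr(link1, "/");
        if(ptrQuote3 != NULL) strcpy(dataBuff, ptrQuote3);
    };
};
```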
@@ -2387,6 +2447,7 @@ int Lexems::_header(char *ip, int port, char str[], Lexems *l, PathStr *ps, std: #pragma region 302 Redirects if( strstri(str, "http/1.0 301") != NULL || strstri(str, "http/1.1 301") != NULL || strstri(str, "http/1.0 302") != NULL || strstri(str, "http/1.1 302") != NULL + || strstri(str, "http/1.0 307") != NULL || strstri(str, "http/1.1 307") != NULL || strstri(str, "303 see other") != NULL ) { @@ -2545,7 +2606,6 @@ int Lexems::_header(char *ip, int port, char str[], Lexems *l, PathStr *ps, std: memset(scriptContainer + sz, '\0', 1); if(strstri(scriptContainer, "location.href") != NULL) _getLinkFromJSLocation(linkPtr, scriptContainer, "location.href", ip, port); - else if(strstri(scriptContainer, "window.location") != NULL) _getLinkFromJSLocation(linkPtr, scriptContainer, "window.location", ip, port); else if(strstri(scriptContainer, "location.replace") != NULL) _getLinkFromJSLocation(linkPtr, scriptContainer, "location.replace", ip, port); else if(strstri(scriptContainer, "location.reload") != NULL) strcpy(linkPtr, "/"); else if(strstri(scriptContainer, "location") != NULL) _getLinkFromJSLocation(linkPtr, scriptContainer, "location", ip, port); @@ -2560,7 +2620,11 @@ int Lexems::_header(char *ip, int port, char str[], Lexems *l, PathStr *ps, std: }; }; delete []scriptContainer; - if(ps->flag == 1) return -2; + if(ps->flag >= 17 || ps->flag == 11 || ps->flag == 12 + || ps->flag == 13 || ps->flag == 14 || ps->flag == 1 + || ps->flag == 10 + ) + return -2; } else { 
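Review bot: The new return condition in `Lexems::_header` (hunk at `@@ -2560,7 +2620,11 @@`), `ps->flag >= 17 || ps->flag == 11 || ps->flag == 12 || ps->flag == 13 || ps->flag == 14 || ps->flag == 1 || ps->flag == 10`, is a list of bare flag numbers with nothing saying what they stand for, and the identical list is added again in the hunk at `@@ -2571,6 +2635,46 @@`. A small static helper taking `int flag`, with a comment naming the flag groups and called from both places, would keep the two copies from drifting apart. I would also add a comment above `return -2;` stating what -2 tells the caller, since the hunk does not show it. `_header` starts and ends outside this hunk.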
@@ -2571,6 +2635,46 @@ int Lexems::_header(char *ip, int port, char str[], Lexems *l, PathStr *ps, std: ptr1 = strstri(ptr2, ""); + if(ptr2 != NULL) + { + int sz = ptr2 - ptr1; + if(sz < 512) + { + char linkPtr[512] = {0}; + ZeroMemory(linkPtr, 512); + strncpy(linkPtr, ptr1, sz); + char *scriptContainer = new char[sz + 1]; + ZeroMemory(scriptContainer, sz + 1); + strncpy(scriptContainer, ptr1, sz); + memset(scriptContainer + sz, '\0', 1); + + if(strstri(scriptContainer, "location.href") != NULL) _getLinkFromJSLocation(linkPtr, scriptContainer, "location.href", ip, port); + else if(strstri(scriptContainer, "location.replace") != NULL) _getLinkFromJSLocation(linkPtr, scriptContainer, "location.replace", ip, port); + else if(strstri(scriptContainer, "location.reload") != NULL) strcpy(linkPtr, "/"); + else if(strstri(scriptContainer, "location") != NULL) _getLinkFromJSLocation(linkPtr, scriptContainer, "location", ip, port); + + if(strlen(linkPtr) != 0) + { + redirectStr = std::string(linkPtr); + if(std::find(redirStrLst->begin(), redirStrLst->end(), redirectStr) == redirStrLst->end()) + { + redirStrLst->push_back(redirectStr); + redirectReconnect(ps->cookie, ip, port, linkPtr, l, ps, redirStrLst, rBuff); + }; + }; + delete []scriptContainer; + if(ps->flag >= 17 || ps->flag == 11 || ps->flag == 12 + || ps->flag == 13 || ps->flag == 14 || ps->flag == 1 + || ps->flag == 10 + ) + return -2; + }; + }; }; #pragma endregion diff --git a/negatives.txt b/negatives.txt index fb6ed46..320e4c6 100644 --- a/negatives.txt +++ b/negatives.txt @@ -3,6 +3,11 @@ liveinternet #[Dlink] session_login.php?reload=1 atwiki +studio +McMyAdmin +Aviso de Bloqueio +Servico nao disponivel +Content-Encoding: gzip no connections allowed pocket-solution trustclick 
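Review bot: In the block added to `Lexems::_header` (hunk at `@@ -2571,6 +2635,46 @@`), `if(sz < 512)` accepts a negative `sz = ptr2 - ptr1`, which then reaches `strncpy(linkPtr, ptr1, sz)` and `new char[sz + 1]` as a huge or invalid length. The lines that set `ptr1` and `ptr2` are partly lost in this rendering, so whether `ptr2` can precede `ptr1` is not visible, but both markers come from the response body and the guard is cheap: `if(sz > 0 && sz < 512)`. The block is also a near copy of the script-handling code shown in the hunk at `@@ -2545,7 +2606,6 @@`, so a shared helper would keep the two in step. `_header` starts and ends outside this hunk.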
@@ -17,9 +22,14 @@ service unavailable is still available php framework BlueBean +Herzlich +Web-Based Configurator +Willkommen! 403 forbidden 404 not found +document not found 504 gateway timeout +Defaultpage 500 internal server error 500 - internal server error 502 bad gateway @@ -37,11 +47,11 @@ failed to open stream 500 OOPS Comming Soon is sample html -google_ad_client /js/thickbox.js google_ad_slot plone openmail +You don't have permission institute google-analytics.com googlesyndication @@ -57,15 +67,9 @@ MELOOK /cart/view /catalog/search.php /cgi-bin/welcome.cgi -/citrix/ -/citrixaccess -/contact /welcome/ application/x-shockwave-flash -/contactus -/contact-us /customer -/client /esi.cgi?page=status-index.xml /guarantee /html/index.asp @@ -84,8 +88,7 @@ application/x-shockwave-flash /servlet/wap/login site introuvable shop -/buy -/sell +sell /company /brand /signin @@ -128,7 +131,6 @@ access the sharecenter actiontec_bottom adsense afrekenen -agent web client ahcom tecnologia alfresco app service @@ -136,8 +138,7 @@ apache_pb.gif airties aktualizacji amicaweb -Alan Adı Al -Alan Adı Sat +Alan Adı and supervision tool annex b apache http server test @@ -167,8 +168,7 @@ blog/about/ blog/comments/ bubba|2 buffalo inc -buy or sell -buy ticket +buy cable modem cafe call us @@ -189,8 +189,7 @@ cheditor chiliproject check availability citrix/xenapp -cliente -clientes +client cloud cmside.htm company. @@ -202,29 +201,12 @@ configuration file does not confixx construcci consulta -contact info -contact our webmaster -contact support -contact to us -contact us -contact webmaster -contact. -contact_us. -contactanos -contactar -contact-info -contacto -contacts. -contact-us -contactus. -contate +contac come back later -contato -contatt +contat control de inventarios control de solicitudes controles de acceso -cookiechecker currently unavailable cooking coltd 
@@ -241,8 +223,11 @@ currently unreachable cs3 dreamweaver FrontPage TESTPAGE +Too many connections BB-HGW OS X Lion +Inspire DVR +DVR Components Download Homepage Builder dashboard.css dating @@ -273,7 +258,7 @@ domain has been registered domain name registration domain registered domainapps.com -domains for sale +sale domeny domeingeregistreerd down for maint @@ -286,7 +271,6 @@ dsnextgen.com dsparking.com DATA LAN DISK TEST SITE -dxclient eap web interface echolife ediciones tierrazul @@ -316,7 +300,6 @@ Fireworks MX fast35xx facebook football -for sale forex forgot password free delivery @@ -351,7 +334,6 @@ help desk hotspot login htmlanvview: icecast2 -ids_web_login ie-plugin iis7 iis8 @@ -365,7 +347,6 @@ information services 8 ingrese usuario inicio initservicecookie -initwebclient inloggen insurance intelligent digital security system @@ -467,7 +448,6 @@ oma domain on varattu opening soon openwebmail -page=contact page=about pagerrorimg pagos @@ -495,7 +475,6 @@ por internet portada portal de postinfo.html -pre-sale price prikol privacy policies @@ -541,7 +520,6 @@ roundcube s.r.l. sakura internet sabnzbd -sale only samsung digital sapphire journal sbuilder.ru @@ -554,10 +532,8 @@ secure login page securepaynet sedoparking.com selectkind.html -seller server application error server default page -service client servicio shared ip sign in now @@ -663,7 +639,6 @@ try again later tutorial twitter Tlf. -Web Client Pro mailto: WJND300 Home Page @@ -694,20 +669,17 @@ varaa itsellesi w@de wade web applications -web client for edvs web console web device manager web frontend web hosting web remote access -web remote client web server setup guide web site creator webage unavailable website does not exist web-based configurator webcamx -webclient.js webconfig webcontrol webguard login diff --git a/nesca_3.cpp b/nesca_3.cpp index aa03941..62bb50f 100644 --- a/nesca_3.cpp +++ b/nesca_3.cpp 
@@ -110,6 +110,7 @@ QGraphicsScene *sceneActivityGrid; QGraphicsScene *sceneTextPlacer; QGraphicsScene *sceneVoice; QGraphicsScene *pbScene; +QGraphicsScene *jobRangeVisualScene; QString importFileName = ""; @@ -194,6 +195,7 @@ void setSceneArea() sceneTextPlacer = new QGraphicsScene(); sceneVoice = new QGraphicsScene(); pbScene = new QGraphicsScene(); + jobRangeVisualScene = new QGraphicsScene(); ui->graphicLog->setScene(sceneGrid); ui->graphicLog_2->setScene(sceneGraph); @@ -204,7 +206,9 @@ void setSceneArea() ui->graphicTextPlacer->setScene(sceneTextPlacer); ui->graphicsVoice->setScene(sceneVoice); ui->pbgv->setScene(pbScene); + ui->jobRangeVisual->setScene(jobRangeVisualScene); + ui->graphicLog->setSceneRect(0, 0, ui->graphicLog->width(), ui->graphicLog->height()); ui->graphicLog_2->setSceneRect(0, 0, ui->graphicLog_2->width(), ui->graphicLog_2->height()); ui->graphicDelim->setSceneRect(0, 0, ui->graphicDelim->width(), ui->graphicDelim->height()); @@ -213,9 +217,9 @@ void setSceneArea() ui->graphicActivityGrid->setSceneRect(0, 0, ui->graphicActivityGrid->width(), ui->graphicActivityGrid->height()); ui->graphicTextPlacer->setSceneRect(0, 0, ui->graphicTextPlacer->width(), ui->graphicTextPlacer->height()); ui->graphicsVoice->setSceneRect(0, 0, ui->graphicsVoice->width(), ui->graphicsVoice->height()); - ui->pbgv->setSceneRect(0, 0, ui->pbgv->width(), ui->pbgv->height()); + ui->pbgv->setSceneRect(0, 0, ui->pbgv->width(), ui->pbgv->height()); + ui->jobRangeVisual->setSceneRect(0, 0, ui->jobRangeVisual->width(), ui->jobRangeVisual->height()); }; - void setButtonStyleArea() { ui->checkKeyBut->setStyleSheet( @@ -301,8 +305,8 @@ void setButtonStyleArea() ); }; void setSomeStyleArea() -{qApp->setStyleSheet( - +{ + qApp->setStyleSheet( "QMenu{" "color:rgb(216, 216, 216);background-color: rgb(26, 26, 26); border: 1px solid white;" "}" 
@@ -343,17 +347,12 @@ void setSomeStyleArea() "width: 13px;" "height: 13px;" "}" - + " #widget {" "border: 1px solid #525252;" "border-radius: 0px;" "}" - - " #widgetIRC {" - "border: 1px solid #525252;" - "border-radius: 0px;" - "}" - + " #exitButton {" "color: #525252;" "border: 0px solid black;" @@ -1295,10 +1294,13 @@ void nesca_3::ChangeDispalyMode() { if(widgetIsHidden == false && tray->isVisible() == false) { + ui->IRCModeChangerBut->setVisible(true); blinkFlag = false; widgetIsHidden = true; ui->newMessageLabel->setStyleSheet("color:rgba(255, 0, 0, 0);background-color: rgba(2, 2, 2, 0);"); - ui->IRCModeBut->setStyleSheet("color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40);"); + ui->JobModeBut->setStyleSheet("color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40);"); + ui->IRCModeBut->setStyleSheet("background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(0, 214, 0, 40);color: rgb(0, 214, 0);"); + ui->widgetJOB->setGeometry(QRect(500, 44, 500, 730)); ui->widgetIRC->setGeometry(QRect(1, 44, 498, 730)); ui->shoutBox->setFocus(); QWidget::activateWindow(); @@ -1306,6 +1308,8 @@ void nesca_3::ChangeDispalyMode() } else { + ui->IRCModeBut->setStyleSheet("color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40);"); + ui->IRCModeChangerBut->setVisible(false); disableBlink = false; blinkFlag = true; widgetIsHidden = false; 
@@ -1313,6 +1317,23 @@ void nesca_3::ChangeDispalyMode() ui->widgetIRC->setGeometry(QRect(500, 44, 500, 730)); }; }; +void nesca_3::switchToJobMode() +{ + if(ui->widgetJOB->geometry().x() == 500) + { + ui->widgetIRC->setGeometry(QRect(500, 44, 500, 730)); + ui->IRCModeChangerBut->setVisible(false); + widgetIsHidden = false; + ui->widgetJOB->setGeometry(QRect(1, 44, 498, 730)); + ui->JobModeBut->setStyleSheet("background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(0, 214, 0, 40);color: rgb(0, 214, 0);"); + ui->IRCModeBut->setStyleSheet("color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40);"); + } + else + { + ui->widgetJOB->setGeometry(QRect(500, 44, 500, 730)); + ui->JobModeBut->setStyleSheet("color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40);"); + }; +}; void nesca_3::CheckProxy() { saveOptions(); @@ -2020,6 +2041,7 @@ void nesca_3::slotShowDataflow() if(MapWidgetOpened == false) { MapWidgetOpened = true; + ui->DataflowModeBut->setStyleSheet("background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(0, 214, 0, 40);color: rgb(0, 214, 0);"); qwm = new QWidget(); qwm->setWindowFlags(Qt::FramelessWindowHint|Qt::SubWindow); qwm->setStyleSheet( @@ -2046,13 +2068,13 @@ void nesca_3::slotShowDataflow() } else { + ui->DataflowModeBut->setStyleSheet("color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40);"); delete []SendData; delete []RecvData; delete []qwm; qwm = NULL; RecvData = NULL; SendData = NULL; - MapWidgetOpened = false; }; }; 
@@ -2790,11 +2812,10 @@ void nesca_3::ConnectEvrthng() connect ( ui->serverPortBox, SIGNAL( returnPressed() ), this, SLOT( ConnectToIRCServer() ) ); connect ( ui->checkKeyBut, SIGNAL( clicked() ), this, SLOT( CheckPersKey() ) ); connect ( ui->DataflowModeBut, SIGNAL( clicked() ), this, SLOT( slotShowDataflow() ) ); - connect ( ui->DataflowModeBut_2, SIGNAL( clicked() ), this, SLOT( slotShowDataflow() ) ); connect ( ui->IRCConnectBut, SIGNAL( clicked() ), this, SLOT( ConnectToIRCServer() ) ); connect ( ui->IRCModeChangerBut, SIGNAL( clicked() ), this, SLOT( ChangeIRCRawLog() ) ); + connect ( ui->JobModeBut, SIGNAL( clicked() ), this, SLOT( switchToJobMode() ) ); connect ( ui->IRCModeBut, SIGNAL( clicked() ), this, SLOT( ChangeDispalyMode() ) ); - connect ( ui->IRCModeBut_2, SIGNAL( clicked() ), this, SLOT( ChangeDispalyMode() ) ); connect ( ui->clearLogBut, SIGNAL( clicked() ), this, SLOT( slotClearLogs() ) ); connect ( ui->IRCUTFMode, SIGNAL( clicked() ), this, SLOT( slotChangeCPModeToUTF() ) ); connect ( ui->IRCCP1251Mode, SIGNAL( clicked() ), this, SLOT( slotChangeCPModeTo1251() ) ); @@ -3262,6 +3283,7 @@ void _startMsgCheck() ui->widgetIRC->installEventFilter(this); ui->shoutBox->installEventFilter(this); setSomeStyleArea(); + ui->IRCModeChangerBut->setVisible(false); ui->dataText->setOpenExternalLinks(true); ui->dataText->setOpenLinks(false); ui->rVerLabel->hide(); @@ -3321,6 +3343,22 @@ void _startMsgCheck() _startVerCheck(); _startMsgCheck(); + + //for(int i = 0; i < 480; ++i+=) + float step = 0; + QPen iprvPenRegular(QColor(51, 51, 51, 100)); + QPen iprvPen(QColor(51, 51, 51, 100)); + while(step < 480) + { + jobRangeVisualScene->addLine(step, 0, step, 41, iprvPenRegular); + step += 30; + }; + QPen iprvPenComplete(QColor(51, 51, 51, 100)); + while(step < 480) + { + jobRangeVisualScene->addLine(step, 0, step, 41, iprvPen); + step += 30; + }; }; void nesca_3::playFcknSound() { 
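Review bot: The second `while(step < 480)` loop added in the hunk at `@@ -3321,6 +3343,22 @@` never runs, because `step` is not reset after the first loop leaves it at 480; `iprvPenComplete` is declared but never used, and the dead loop draws with `iprvPen`. If a second pass is intended, put `step = 0;` before it and draw with the intended pen, `jobRangeVisualScene->addLine(step, 0, step, 41, iprvPenComplete);`; note that all three pens are constructed with the same colour, so the pass would repaint identical lines. Otherwise drop the loop and the two unused pens. The commented-out `//for(int i = 0; i < 480; ++i+=)` is not valid code and can be removed. The enclosing function starts outside the hunk.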
@@ -3473,7 +3511,7 @@ void nesca_3::STTTerminate() globalScanFlag = false; stt->terminate(); - + while(__savingBackUpFile) Sleep(100); if(loginLst != NULL) { for(int i = 0; i < MaxLogin; i++) delete []loginLst[i]; @@ -3510,7 +3548,24 @@ void nesca_3::STTTerminate() delete []sshlpLst; sshlpLst = NULL; }; - + if(ipsstartfl != NULL) + { + for(int i = 0; i < importFileSize; ++i) delete []ipsstartfl[i]; + delete []ipsstartfl; + ipsstartfl = NULL; + }; + if(ipsendfl != NULL) + { + for(int i = 0; i < importFileSize; ++i) delete []ipsendfl[i]; + delete []ipsendfl; + ipsendfl = NULL; + }; + if(starterIP != NULL) + { + for(int i = 0; i < importFileSize; ++i) delete []starterIP[i]; + delete []starterIP; + starterIP = NULL; + }; ui->tabMainWidget->setTabEnabled(0, true); ui->tabMainWidget->setTabEnabled(1, true); ui->tabMainWidget->setTabEnabled(2, true); diff --git a/nesca_3.h b/nesca_3.h index 5c429fc..4375fc6 100644 --- a/nesca_3.h +++ b/nesca_3.h @@ -93,6 +93,7 @@ protected: void setNickBox(QString str); void SaySmthng(); void ChangeIRCRawLog(); + void switchToJobMode(); void ConnectToIRCServer(); void CheckProxy(); void ChangeDispalyMode(); diff --git a/nesca_3.ui b/nesca_3.ui index d215c94..f82fef6 100644 --- a/nesca_3.ui +++ b/nesca_3.ui @@ -251,7 +251,7 @@ Qt::NoFocus - background-color:qlineargradient(spread:pad, x1:0.541, y1:0.500364, x2:0.54, y2:0, stop:0 rgba(16, 16, 16, 255), stop:1 rgba(0, 0, 0, 255)) + background-color:qlineargradient(spread:pad, x1:0.541, y1:0.500364, x2:0.54, y2:0, stop:0 rgba(16, 16, 16, 255), stop:1 rgba(0, 0, 0, 255)); @@ -2629,33 +2629,6 @@ background-color: #000000; < - - - - 390 - 50 - 48 - 16 - - - - - Eurostile - - - - Netstalker IRC Messenger - - - Netstalker IRC Messenger - - - color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40); - - - :NS-IRC - - 
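Review bot: `while(__savingBackUpFile) Sleep(100);` in `nesca_3::STTTerminate` polls a plain `bool` that `_saver` writes (hunk at `@@ -380,8 +381,9 @@` in `nesca_startModule.cpp`), presumably from another thread, which is a data race and allows the compiler to read the flag only once. Declaring it `std::atomic<bool>` where it is defined (hunk at `@@ -2,6 +2,7 @@`) fixes the visibility, but it does not close the window in which `_saver` has passed its `while(globalScanFlag)` test and not yet set the flag; if `_saver` runs on its own thread, waiting for that thread to finish before freeing the lists is more reliable. Names beginning with a double underscore are reserved for the implementation, so a name such as `savingBackupFile` is safer. `STTTerminate` starts and ends outside this hunk.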
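Review bot: The three cleanup blocks added to `nesca_3::STTTerminate` (hunk at `@@ -3510,7 +3548,24 @@`) free `importFileSize` rows but leave `importFileSize` unchanged, and the visible part of the `FileLoader` hunk at `@@ -1625,178 +1611,222 @@` only ever increments it, so a second import would count on top of the old value. Add `importFileSize = 0;` after the last block. The loops also compare `int i` with the `unsigned int importFileSize`; `for(unsigned int i = 0; i < importFileSize; ++i)` avoids the sign mismatch. `STTTerminate` starts and ends outside this hunk.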
@@ -2843,33 +2816,6 @@ background-color: #000000; X - - - - 440 - 50 - 48 - 16 - - - - - Eurostile - - - - Online datastream - - - Online datastream - - - color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40); - - - :Dataflow - - @@ -3001,7 +2947,7 @@ background-color: #000000; - 300 + 265 53 70 10 @@ -3223,14 +3169,12 @@ background-color: #000000; labelBadAddr labelOffline_Value switcherBut - IRCModeBut labelTracker graphicActivityGrid graphicActivity VoiceScanBut graphicsVoice clearLogBut - DataflowModeBut secretMessageBut_1 secretMessageBut_2 secretMessageBut_3 @@ -3252,34 +3196,13 @@ background-color: #000000; 500 44 - 500 + 498 730 - background-color:qlineargradient(spread:pad, x1:0.541, y1:0.500364, x2:0.54, y2:0, stop:0 rgba(16, 16, 16, 255), stop:1 rgba(0, 0, 0, 255));border: none; + background-color:qlineargradient(spread:pad, x1:0.541, y1:0.500364, x2:0.54, y2:0, stop:0 rgba(16, 16, 16, 255), stop:1 rgba(0, 0, 0, 255)); - - - - 390 - 6 - 48 - 16 - - - - - Eurostile - - - - color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40); - - - :NS-Scan - - @@ -3560,27 +3483,6 @@ p, li { white-space: pre-wrap; } Check proxy - - - - 340 - 6 - 48 - 16 - - - - - Eurostile - - - - color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40); - - - :IRC raw - - @@ -3636,33 +3538,6 @@ p, li { white-space: pre-wrap; } false - - - - 440 - 6 - 48 - 16 - - - - - Eurostile - - - - Anomaly map - - - Online datastream - - - color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40); - - - :Dataflow - - @@ -3899,7 +3774,6 @@ color: rgb(71, 71, 71); nickList ircRaw - IRCModeBut_2 ircServerBox shoutBox serverPortBox @@ -3909,8 +3783,6 @@ color: rgb(71, 71, 71); ircProxy ircProxyPort IRCCheckProxyBut - IRCModeChangerBut - DataflowModeBut_2 nickShowBut topicLine IRCUTFMode 
@@ -3920,6 +3792,166 @@ color: rgb(71, 71, 71); labelIPRange_4 labelIPRange_5 + + + + 500 + 44 + 498 + 730 + + + + background-color:qlineargradient(spread:pad, x1:0.541, y1:0.500364, x2:0.54, y2:0, stop:0 rgba(16, 16, 16, 255), stop:1 rgba(0, 0, 0, 255)); + + + + + 10 + 30 + 480 + 41 + + + + Qt::ScrollBarAlwaysOff + + + Qt::ScrollBarAlwaysOff + + + + + + 10 + 105 + 480 + 296 + + + + + + + 10 + 425 + 480 + 296 + + + + + + + + 440 + 50 + 48 + 16 + + + + + Eurostile + + + + Online datastream + + + Online datastream + + + color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40); + + + :Dataflow + + + + + + 340 + 50 + 48 + 16 + + + + + Eurostile + + + + Darknet IRC + + + Darknet IRC + + + color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40); + + + :IRC + + + + + + 390 + 50 + 48 + 16 + + + + + Eurostile + + + + IP range distribution + + + IP range distribution + + + color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40); + + + :Jobs + + + + + true + + + + 290 + 50 + 48 + 16 + + + + + Eurostile + + + + Raw or normal log view + + + Raw or normal log view + + + color: rgb(216, 216, 216);background-color: rgba(2, 2, 2, 0);border: 1px solid rgba(255, 255, 255, 40); + + + :IRC raw + + diff --git a/nesca_startModule.cpp b/nesca_startModule.cpp index f93b6e1..5442cdf 100644 --- a/nesca_startModule.cpp +++ b/nesca_startModule.cpp @@ -2,6 +2,7 @@ #include "STh.h" #include "resource.h" +bool __savingBackUpFile = false; bool horLineFlag = false; QJsonArray *jsonArr = new QJsonArray(); static int portArr[65536] = {0}; 
@@ -21,7 +22,8 @@ int OnLiner = 0; int MaxPass = 0, MaxLogin = 0, MaxTags = 0, MaxWFLogin = 0, MaxWFPass = 0, MaxSSHPass = 0; int ipsstart[4], ipsend[4], startNum, endNum, overallPorts, flCounter, octet[4]; -unsigned char ipsstartfl[8192][4], ipsendfl[8192][4], starterIP[8192][4]; +unsigned char **ipsstartfl = NULL, **ipsendfl = NULL, **starterIP = NULL; +unsigned int importFileSize = 0; int gPingTimeout = 2000; double ips = 0; char top_level_domain[128] = {0}; @@ -31,7 +33,6 @@ char **GlobalNegatives = 0; char **loginLst, **passLst; char **wfLoginLst, **wfPassLst; char **sshlpLst; -//char des1[64] = {0}, res[32]= {0}; char saveStartIP[128] = {0}; char saveEndIP[128] = {0}; char gRange[128] = {0}; 
@@ -222,33 +223,33 @@ void _SaveBackupToFile() if(flCounter > 0) { - FILE *savingFile = fopen("tempIPLst.bk", "w"); - if (savingFile != NULL) - { - for(int tCounter = gC; tCounter < flCounter; ++tCounter) + FILE *savingFile = fopen("tempIPLst.bk", "w"); + if (savingFile != NULL) { - for(int i = 0; i < 4; ++i) + for(int tCounter = gC; tCounter < flCounter; ++tCounter) { - strcat(curIpStart, std::to_string((long double)ipsstartfl[tCounter][i]).c_str()); - if ( i != 3) strcat(curIpStart, "."); - strcat(curIpEnd, std::to_string((long double)ipsendfl[tCounter][i]).c_str()); - if ( i != 3) strcat(curIpEnd, "."); + for(int i = 0; i < 4; ++i) + { + strcat(curIpStart, std::to_string((long double)ipsstartfl[tCounter][i]).c_str()); + if ( i != 3) strcat(curIpStart, "."); + strcat(curIpEnd, std::to_string((long double)ipsendfl[tCounter][i]).c_str()); + if ( i != 3) strcat(curIpEnd, "."); + }; + + strcpy(ipRange, curIpStart); + strcat(ipRange, "-"); + strcat(ipRange, curIpEnd); + strcat(ipRange, "\n"); + + fputs(ipRange, savingFile); + + ZeroMemory(ipRange, sizeof(ipRange)); + ZeroMemory(curIpStart, sizeof(curIpStart)); + ZeroMemory(curIpEnd, sizeof(curIpEnd)); }; - - strcpy(ipRange, curIpStart); - strcat(ipRange, "-"); - strcat(ipRange, curIpEnd); - strcat(ipRange, "\n"); - - fputs(ipRange, savingFile); - - ZeroMemory(ipRange, sizeof(ipRange)); - ZeroMemory(curIpStart, sizeof(curIpStart)); - ZeroMemory(curIpEnd, sizeof(curIpEnd)); - }; - fclose(savingFile); - } - else stt->doEmitionRedFoundData("[_saver] Cannot open file."); + fclose(savingFile); + } + else stt->doEmitionRedFoundData("[_saver] Cannot open file."); }; strcpy(saveStr, "[SESSION]:"); @@ -380,8 +381,9 @@ void _saver() { while(globalScanFlag) { + __savingBackUpFile = true; _SaveBackupToFile(); - + __savingBackUpFile = false; Sleep(10000); }; }; 
@@ -865,31 +867,27 @@ unsigned long int numOfIps(int ipsstart[], int ipsend[]) // return res; //}; +Connector con; #if defined(WIN32) void _connect(void* ss) #else void *_connect(void* ss) #endif { - if(globalScanFlag) + ++ipCounter; + char ip[MAX_ADDR_LEN] = {0}; + strcpy(ip, ((sockstruct*)ss)->argv); + //char hostLog[256] = {0}; + //strcpy(hostLog, GetHost(ip)); + delete []ss; + + for(int i = 0; i <= overallPorts; ++i) { - char ip[MAX_ADDR_LEN] = {0}; - strcpy(ip, ((sockstruct*)ss)->argv); - delete []ss; - //char hostLog[256] = {0}; - //strcpy(hostLog, GetHost(ip)); - - Connector con; - ++ipCounter; - - for(int i = 0; i <= overallPorts; ++i) - { - if(globalScanFlag == false) break; - con._ConnectToPort( ip, std::to_string((long double)portArr[i]).c_str(), "" ); - }; - - ConDec(); + if(globalScanFlag == false) break; + con._ConnectToPort( ip, std::to_string((long double)portArr[i]).c_str(), "" ); }; + + ConDec(); }; void targetAndIPWriter(unsigned long int target, char *buff) { @@ -1522,13 +1520,11 @@ int fInit(int InitMode, char *gR) ipsend[1] = ipsendfl[flCounter][1]; ipsend[2] = ipsendfl[flCounter][2]; ipsend[3] = ipsendfl[flCounter][3]; - } else { int x; char des1[64] = {0}; - //memcpy(res, "\0", sizeof(res)); for(int i = 0; i < 3; i++) //Filling the range-starting ip mass. { @@ -1539,10 +1535,8 @@ int fInit(int InitMode, char *gR) ZeroMemory(des1, sizeof(des1)); if(ipsstart[i] > 255) { -#pragma region QTGUI_Area stt->doEmitionRedFoundData("[Error] Incorrect range."); stt->doEmitionKillSttThread(); -#pragma endregion return -1; }; }; @@ -1550,10 +1544,8 @@ int fInit(int InitMode, char *gR) x = strcspn(gR, "-"); if(strstr(gR, "-") == NULL) { -#pragma region QTGUI_Area stt->doEmitionRedFoundData("[Error] Incorrect range."); stt->doEmitionKillSttThread(); -#pragma endregion return -1; }; 
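Review bot: `Connector con;` is now a single global used by every `_connect` call, where the removed code created one per call; if `_connect` is a thread entry point (its `void*` signature suggests so), all scanning threads now share one object, which is safe only if `_ConnectToPort` keeps no per-call state in `Connector`, and its definition is not in the hunk. Unless the sharing is deliberate, keep the instance local by declaring `Connector con;` as a statement inside `_connect`. The re-added `delete []ss;` deletes through a `void*`, which is undefined behaviour; cast first, `delete [] (sockstruct*)ss;`, in the form that matches how the caller allocated it. `strcpy(ip, ((sockstruct*)ss)->argv)` also relies on `argv` fitting in `MAX_ADDR_LEN` bytes, so a bounded copy with explicit termination would be safer.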
@@ -1563,10 +1555,8 @@ int fInit(int InitMode, char *gR) if(strstr(gR, ".") == NULL) { -#pragma region QTGUI_Area stt->doEmitionRedFoundData("[Error] Incorrect range."); stt->doEmitionKillSttThread(); -#pragma endregion return -1; }; @@ -1579,10 +1569,8 @@ int fInit(int InitMode, char *gR) if(ipsend[i] > 255) { -#pragma region QTGUI_Area stt->doEmitionRedFoundData("[Error] Incorrect range."); stt->doEmitionKillSttThread(); -#pragma endregion return -1; }; }; @@ -1601,10 +1589,8 @@ int fInit(int InitMode, char *gR) ) ) { -#pragma region QTGUI_Area stt->doEmitionRedFoundData("[Error] Incorrect range."); stt->doEmitionKillSttThread(); -#pragma endregion return -1; }; 
@@ -1625,178 +1611,222 @@ void FileLoader(char *str) FILE *fl = fopen(str, "r"); if(fl != NULL) { + while(fgets((char*)curIP, sizeof(curIP), fl) != NULL) + { + if(curIP[0] != '#' && curIP[0] != ' ' && curIP[0] != '\n' && curIP[0] != '\r' && strcmp(curIP, "") != 0 && + ((curIP[0] == '/' && curIP[1] == '/') == false) && ((curIP[0] == '\t' && curIP[1] == '\t' && curIP[2] == '\t' && (curIP[3] == 13 || curIP[3] == 10 || curIP[3] == '#')) == false) + && (curIP[0] == '\t' && curIP[1] == '\t' && curIP[2] == '\t' && (curIP[3] == '/' && curIP[4] == '/')) == false) + { + ++importFileSize; + }; + ZeroMemory(curIP, sizeof(curIP)); + }; + + ipsstartfl = new unsigned char*[importFileSize + 2]; + ipsendfl = new unsigned char*[importFileSize + 2]; + starterIP = new unsigned char*[importFileSize + 2]; + ZeroMemory(ipsstartfl, importFileSize); + ZeroMemory(ipsendfl, importFileSize); + ZeroMemory(starterIP, importFileSize); + for(int i = 0; i < importFileSize; ++i) + { + ipsstartfl[i] = new unsigned char[4]; + ipsendfl[i] = new unsigned char[4]; + starterIP[i] = new unsigned char[4]; + + ZeroMemory(ipsstartfl[i], 4); + ZeroMemory(ipsendfl[i], 4); + ZeroMemory(starterIP[i], 4); + }; + + rewind(fl); + while(fgets(curIP, 64, fl) != NULL) { - strcpy(curIPCopy, curIP); - char *ptr1 = strstr(curIP, " "); - if(ptr1 != NULL) curIP[(int)(ptr1 - curIP)] = '\0'; - ptr1 = strstr(curIP, " "); - if(ptr1 != NULL) curIP[(int)(ptr1 - curIP) - 1] = '\0'; - ptr1 = strstr(curIP, "#"); - if(ptr1 != NULL) curIP[(int)(ptr1 - curIP) - 1] = '\0'; - if(strcmp(curIP, "") == 0 || strcmp(curIP, " ") == 0 || strcmp(curIP, "\r\n") == 0 || strcmp(curIP, "\n") == 0 || curIP[0] == ' ' || curIP[0] == '#') + if(curIP[0] != '#' && curIP[0] != ' ' && curIP[0] != '\n' && curIP[0] != '\r' && strcmp(curIP, "") != 0 && + ((curIP[0] == '/' && curIP[1] == '/') == false) && ((curIP[0] == '\t' && curIP[1] == '\t' && curIP[2] == '\t' && (curIP[3] == 13 || curIP[3] == 10 || curIP[3] == '#')) == false) + && (curIP[0] == '\t' && 
curIP[1] == '\t' && curIP[2] == '\t' && (curIP[3] == '/' && curIP[4] == '/')) == false) { - ZeroMemory(curIPCopy, sizeof(curIPCopy)); - ZeroMemory(curIP, sizeof(curIP)); - continue; - }; - - if(strstr(curIP, "-") != NULL) - { - bool firstPart = true; - int offset = 0; - int curNIndex = 0; - char curS; - char curN[32] = {0}; - for(int i = 0; i < strlen(curIP); ++i) + strcpy(curIPCopy, curIP); + char *ptr1 = strstr(curIP, " "); + if(ptr1 != NULL) curIP[(int)(ptr1 - curIP)] = '\0'; + ptr1 = strstr(curIP, " "); + if(ptr1 != NULL) curIP[(int)(ptr1 - curIP) - 1] = '\0'; + ptr1 = strstr(curIP, "#"); + if(ptr1 != NULL) curIP[(int)(ptr1 - curIP) - 1] = '\0'; + if(strcmp(curIP, "") == 0 || strcmp(curIP, " ") == 0 || strcmp(curIP, "\r\n") == 0 || strcmp(curIP, "\n") == 0 || curIP[0] == ' ' || curIP[0] == '#') { - curS = curIP[i]; - if(curS == '.') - { - if(firstPart) - { - starterIP[flCounter][offset] = atoi(curN); - ipsstartfl[flCounter][offset] = atoi(curN); - } - else ipsendfl[flCounter][offset] = atoi(curN); - ++offset; - curNIndex = 0; - ZeroMemory(curN, 32); - continue; - }; - if(curS == '-') - { - if(firstPart) - { - starterIP[flCounter][offset] = atoi(curN); - ipsstartfl[flCounter][offset] = atoi(curN); - } - else ipsendfl[flCounter][offset] = atoi(curN); - offset = 0; - firstPart = false; - curNIndex = 0; - ZeroMemory(curN, 32); - continue; - }; - curN[curNIndex++] = curS; - if(i == strlen(curIP) - 1) - { - ipsendfl[flCounter][offset] = atoi(curN); - }; + ZeroMemory(curIPCopy, sizeof(curIPCopy)); + ZeroMemory(curIP, sizeof(curIP)); + continue; }; - if(ipsstartfl[flCounter][0] > ipsendfl[flCounter][0] - || ipsstartfl[flCounter][1] > ipsendfl[flCounter][1] - || ipsstartfl[flCounter][2] > ipsendfl[flCounter][2] - || ipsstartfl[flCounter][3] > ipsendfl[flCounter][3]) + if(strstr(curIP, "-") != NULL) { - char tempMsg[64] = {0}; - strcpy(tempMsg, "[IP Loader]Error in IP list. 
Line-> ["); - strcat(tempMsg, std::to_string((long double)flCounter).c_str()); - strcat(tempMsg, "] String-> ["); - strcat(tempMsg, curIPCopy); - strcat(tempMsg, "]"); - #pragma region QTGUI_Area - stt->doEmitionRedFoundData(QString(tempMsg)); - #pragma endregion - }; - - gTargets += 256*256*256*(ipsendfl[flCounter][0] - ipsstartfl[flCounter][0]); - gTargets += 256*256*(ipsendfl[flCounter][1] - ipsstartfl[flCounter][1]); - gTargets += 256*(ipsendfl[flCounter][2] - ipsstartfl[flCounter][2]); - gTargets += (ipsendfl[flCounter][3] - ipsstartfl[flCounter][3]); - ++flCounter; - } - else if(strstr(curIP, "/") != NULL) - { - char *str1; - char *str2; - char res[8] = {0}; - - int mask = 0; - char *ptr1 = strstr(curIP, "/"); - GetOctets(curIP); - - mask = atoi(ptr1 + 1); - unsigned char mOctet[4]; - mOctet[0] = 1; - mOctet[1] = 1; - mOctet[2] = 1; - mOctet[3] = 1; - - if(mask >= 24) - { - mOctet[0] = 255; - mOctet[1] = 255; - mOctet[2] = 255; - for(int i = 0; i < mask - 24 - 1; ++i) + bool firstPart = true; + int offset = 0; + int curNIndex = 0; + char curS; + char curN[32] = {0}; + for(int i = 0; i < strlen(curIP); ++i) { - mOctet[3] = mOctet[3] << 1; - mOctet[3] |= 1; + curS = curIP[i]; + if(curS == '.') + { + if(firstPart) + { + starterIP[flCounter][offset] = atoi(curN); + ipsstartfl[flCounter][offset] = atoi(curN); + } + else ipsendfl[flCounter][offset] = atoi(curN); + ++offset; + curNIndex = 0; + ZeroMemory(curN, 32); + continue; + } + else if(curS == '-') + { + if(firstPart) + { + starterIP[flCounter][offset] = atoi(curN); + ipsstartfl[flCounter][offset] = atoi(curN); + } + else ipsendfl[flCounter][offset] = atoi(curN); + offset = 0; + firstPart = false; + curNIndex = 0; + ZeroMemory(curN, 32); + continue; + }; + curN[curNIndex++] = curS; + if(i == strlen(curIP) - 1) + { + ipsendfl[flCounter][offset] = atoi(curN); + }; }; - mOctet[3] = mOctet[3] << 8 - (mask - 24); + + if(ipsstartfl[flCounter][0] > ipsendfl[flCounter][0] + || (ipsstartfl[flCounter][0] >= 
ipsendfl[flCounter][0] + && ipsstartfl[flCounter][1] > ipsendfl[flCounter][1] + ) + || (ipsstartfl[flCounter][0] >= ipsendfl[flCounter][0] + && ipsstartfl[flCounter][1] >= ipsendfl[flCounter][1] + && ipsstartfl[flCounter][2] > ipsendfl[flCounter][2] + ) + || (ipsstartfl[flCounter][0] >= ipsendfl[flCounter][0] + && ipsstartfl[flCounter][1] >= ipsendfl[flCounter][1] + && ipsstartfl[flCounter][2] >= ipsendfl[flCounter][2] + && ipsstartfl[flCounter][3] > ipsendfl[flCounter][3] + ) + ) + { + char tempMsg[64] = {0}; + strcpy(tempMsg, "[IP Loader]Error in IP list. Line-> ["); + strcat(tempMsg, std::to_string((long double)flCounter).c_str()); + strcat(tempMsg, "] String-> ["); + strcat(tempMsg, curIPCopy); + strcat(tempMsg, "]"); + stt->doEmitionRedFoundData(QString(tempMsg)); + return; + }; + + gTargets += 256*256*256*(ipsendfl[flCounter][0] - ipsstartfl[flCounter][0]); + gTargets += 256*256*(ipsendfl[flCounter][1] - ipsstartfl[flCounter][1]); + gTargets += 256*(ipsendfl[flCounter][2] - ipsstartfl[flCounter][2]); + gTargets += (ipsendfl[flCounter][3] - ipsstartfl[flCounter][3]); + ++flCounter; } - else if(mask >= 16) + else if(strstr(curIP, "/") != NULL) { - mOctet[0] = 255; - mOctet[1] = 255; - for(int i = 0; i < mask - 16 - 1; ++i) + char *str1; + char *str2; + char res[8] = {0}; + + int mask = 0; + char *ptr1 = strstr(curIP, "/"); + GetOctets(curIP); + + mask = atoi(ptr1 + 1); + unsigned char mOctet[4]; + mOctet[0] = 1; + mOctet[1] = 1; + mOctet[2] = 1; + mOctet[3] = 1; + + if(mask >= 24) { - mOctet[2] = mOctet[2] << 1; - mOctet[2] |= 1; + mOctet[0] = 255; + mOctet[1] = 255; + mOctet[2] = 255; + for(int i = 0; i < mask - 24 - 1; ++i) + { + mOctet[3] = mOctet[3] << 1; + mOctet[3] |= 1; + }; + mOctet[3] = mOctet[3] << 8 - (mask - 24); + } + else if(mask >= 16) + { + mOctet[0] = 255; + mOctet[1] = 255; + for(int i = 0; i < mask - 16 - 1; ++i) + { + mOctet[2] = mOctet[2] << 1; + mOctet[2] |= 1; + }; + mOctet[2] = mOctet[2] << 8 - (mask - 16); + mOctet[3] = 0; + } + else 
if(mask >= 8) + { + mOctet[0] = 255; + for(int i = 0; i < mask - 8 - 1; ++i) + { + mOctet[1] = mOctet[1] << 1; + mOctet[1] |= 1; + }; + mOctet[1] = mOctet[1] << 8 - (mask - 8); + mOctet[2] = 0; + mOctet[3] = 0; + } + else + { + for(int i = 0; i < mask - 1; ++i) + { + mOctet[0] = mOctet[0]<< 1; + mOctet[0] |= 1; + }; + mOctet[0] = mOctet[0] << 8 - mask; + mOctet[1] = 0; + mOctet[2] = 0; + mOctet[3] = 0; }; - mOctet[2] = mOctet[2] << 8 - (mask - 16); - mOctet[3] = 0; + + unsigned char ocRes = 0; + for(int i = 0; i < 4; ++i) + { + ocRes = octet[i]&mOctet[i]; + starterIP[flCounter][i] = ocRes; + ipsstartfl[flCounter][i] = ocRes; + if(mOctet[i] == 255) ipsendfl[flCounter][i] = octet[i]; + else ipsendfl[flCounter][i] = octet[i]|~mOctet[i]; + }; + + gTargets += pow((float)2, (32 - mask)); + ++flCounter; } - else if(mask >= 8) + else if(strstr(curIP, "RESTORE_IMPORT_SESSION") != NULL) { - mOctet[0] = 255; - for(int i = 0; i < mask - 8 - 1; ++i) - { - mOctet[1] = mOctet[1] << 1; - mOctet[1] |= 1; - }; - mOctet[1] = mOctet[1] << 8 - (mask - 8); - mOctet[2] = 0; - mOctet[3] = 0; + ///DUMMY/// } else { - for(int i = 0; i < mask - 1; ++i) - { - mOctet[0] = mOctet[0]<< 1; - mOctet[0] |= 1; - }; - mOctet[0] = mOctet[0] << 8 - mask; - mOctet[1] = 0; - mOctet[2] = 0; - mOctet[3] = 0; + stt->doEmitionRedFoundData("[IP Loader] Wrong list format. String: " + QString(curIP)); }; - - unsigned char ocRes = 0; - for(int i = 0; i < 4; ++i) - { - ocRes = octet[i]&mOctet[i]; - starterIP[flCounter][i] = ocRes; - ipsstartfl[flCounter][i] = ocRes; - if(mOctet[i] == 255) ipsendfl[flCounter][i] = octet[i]; - else ipsendfl[flCounter][i] = octet[i]|~mOctet[i]; - }; - - gTargets += pow((float)2, (32 - mask)) - 1; - ++flCounter; - } - else if(strstr(curIP, "RESTORE_IMPORT_SESSION") != NULL) - { - ///DUMMY/// - } - else - { -#pragma region QTGUI_Area - stt->doEmitionRedFoundData("[IP Loader] Wrong list format. 
String: " + QString(curIP)); -#pragma endregion + ZeroMemory(curIP, sizeof(curIP)); }; }; + gTargets -= 1; gTargetsOverall = gTargets; targets = gTargets; @@ -1805,9 +1835,7 @@ void FileLoader(char *str) } else { -#pragma region QTGUI_Area stt->doEmitionRedFoundData("[IP Loader] Cannot open IP list."); -#pragma endregion }; }; char *GetCIDRRangeStr(char *str) @@ -2209,10 +2237,6 @@ int startScan(char* args) overallPorts = 0; found = 0; indexIP = 0; - ZeroMemory(starterIP, sizeof(starterIP)); - ZeroMemory(ipsstartfl, sizeof(ipsstartfl)); - ZeroMemory(ipsendfl, sizeof(ipsendfl)); - ZeroMemory(ipsstartfl, sizeof(ipsstartfl)); ZeroMemory(octet, sizeof(octet)); ZeroMemory(ipsstart, sizeof(ipsstart)); ZeroMemory(ipsend, sizeof(ipsend)); @@ -2282,18 +2306,19 @@ stt->doEmitionThreads(QString::number(0) + "/" + QString::number(gThreads)); if(globalScanFlag == false) break; while(ipsstart[0] < 256 && eor0 == 0) { - if(globalScanFlag == false) break; if(ipsstart[0] == ipsend[0]) eor0 = 1; + if(globalScanFlag == false) break; while(ipsstart[1] < 256 && eor1 == 0) { - if(globalScanFlag == false) break; if(ipsstart[1] == ipsend[1] && eor0 == 1) eor1 = 1; + if(globalScanFlag == false) break; while(ipsstart[2] < 256 && eor2 == 0) { - if(globalScanFlag == false) break; if(ipsstart[2] == ipsend[2] && eor1 == 1) eor2 = 1; + if(globalScanFlag == false) break; while(ipsstart[3] < 256 && eor3 == 0) { + if(globalScanFlag == false) break; st = new sockstruct(); ZeroMemory(st->argv, sizeof(st->argv)); ZeroMemory(res, sizeof(res)); 
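Review bot: In the `-` range branch of `FileLoader`, `offset` and `curNIndex` are driven by the file contents and never bounded, and the rows they index are now separate 4-byte heap blocks (`new unsigned char[4]`), so a line with more than three dots, or more than 31 characters between separators, writes past `starterIP[flCounter][offset]` or `curN`. A guard at the top of the character loop, e.g. `if(offset > 3 || curNIndex >= (int)sizeof(curN) - 1) { /* reject this line */ }`, would stop such lines before any store. The error path has a similar problem: `tempMsg[64]` receives a 37-character prefix plus `curIPCopy`, which can hold up to 63 characters, so the `strcat` chain should become one `snprintf(tempMsg, sizeof(tempMsg), ...)`; the new `return;` there also leaves `fl` open. `ZeroMemory(ipsstartfl, importFileSize)` clears `importFileSize` bytes rather than `(importFileSize + 2) * sizeof(unsigned char*)`, and the counting pass reads with `sizeof(curIP)` while the parsing pass reads 64 bytes, so if those sizes differ (the declaration of `curIP` is outside the hunk) the second pass can produce more entries than were allocated. The function's signature and the end of its body are outside this hunk.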
@@ -2313,16 +2338,12 @@ stt->doEmitionThreads(QString::number(0) + "/" + QString::number(gThreads)); strcpy(saveStartIP, res); targetAndIPWriter(gTargets--, st->argv); - ConInc(); #if defined(WIN32) - if(globalScanFlag) _beginthread( (void(*)(void*))_connect, 0, st ); + _beginthread( (void(*)(void*))_connect, 0, st ); #else - if(globalScanFlag) - { - pthread_t thrc; - pthread_create(&thrc, NULL, (void *(*)(void*))&_connect, st); - }; + pthread_t thrc; + pthread_create(&thrc, NULL, (void *(*)(void*))&_connect, st); #endif Sleep(gThreadDelay); ++ipsstart[3]; @@ -2587,13 +2608,10 @@ stt->doEmitionThreads(QString::number(0) + "/" + QString::number(gThreads)); ConInc(); #if defined(WIN32) - if(globalScanFlag) _beginthread( (void(*)(void*))_connect, 0, st ); + _beginthread( (void(*)(void*))_connect, 0, st ); #else - if(globalScanFlag) - { - pthread_t thrc; - pthread_create(&thrc, NULL, (void *(*)(void*))&_connect, st ); - }; + pthread_t thrc; + pthread_create(&thrc, NULL, (void *(*)(void*))&_connect, st ); #endif Sleep(gThreadDelay); if(ipsstartfl[gC][3] == 255) break; @@ -2627,7 +2645,6 @@ stt->doEmitionThreads(QString::number(0) + "/" + QString::number(gThreads)); #pragma endregion }; - Sleep(gTimeOut + 1); #pragma region QTGUI_Area stt->doEmitionYellowFoundData("Stopping threads..."); 
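Review bot: The `-2313` hunk drops `ConInc();` before the thread is started, but `_connect` still ends with `ConDec();` and the import-mode loop in the `-2587` hunk keeps its `ConInc();`, so the two paths no longer account for running threads in the same way. Unless the increment moved to code outside this diff, either restore `ConInc();` before `_beginthread`/`pthread_create` here or remove the pair consistently from both paths. In both hunks the result of `_beginthread` and `pthread_create` is also ignored: on failure `st` is never freed, and the `pthread_t` is neither joined nor detached, so a `pthread_detach(thrc);` after a successful create and a `delete st;` on failure are worth adding. The enclosing loops begin and end outside these hunks.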
@@ -2676,7 +2693,24 @@ stt->doEmitionThreads(QString::number(0) + "/" + QString::number(gThreads)); delete []sshlpLst; sshlpLst = NULL; }; - + if(ipsstartfl != NULL) + { + for(int i = 0; i < MaxSSHPass; ++i) delete []ipsstartfl[i]; + delete []ipsstartfl; + ipsstartfl = NULL; + }; + if(ipsendfl != NULL) + { + for(int i = 0; i < MaxSSHPass; ++i) delete []ipsendfl[i]; + delete []ipsendfl; + ipsendfl = NULL; + }; + if(starterIP != NULL) + { + for(int i = 0; i < MaxSSHPass; ++i) delete []starterIP[i]; + delete []starterIP; + starterIP = NULL; + }; #pragma region QTGUI_Area stt->doEmitionGreenFoundData("Done. Saved: " + QString::number(saved) + "; Alive: " + QString::number(found) + "."); stt->doEmitionChangeParsed(QString::number(saved) + "/" + QString::number(found)); diff --git a/resource.h b/resource.h index 9193290..1cfa0cd 100644 --- a/resource.h +++ b/resource.h @@ -48,8 +48,10 @@ typedef int BOOL; #endif #define MAX_ADDR_LEN 128 -#define TITLE_MAX_LENGTH 512 -#define RECV_MAX_LENGTH 350000 +#define TITLE_MAX_SIZE 512 +#define RECV_MAX_SIZE 350000 +#define REQUEST_MAX_SIZE 4096 +#define COOKIE_MAX_SIZE 1024 #define SD_BOTH 2 #define PORTSET "80,81,88,8080,8081,60001,60002,8008,8888,554,9000,441,4111,6667,3536,22,21" #define IRC_CHAN "iskopasi_lab03" @@ -134,12 +136,7 @@ extern int stopGlobalLog; extern int GlobalNegativeSize; extern char* thrds, top_level_domain[128]; extern char startM[64], endM[64]; -struct workerStruct -{ - int id; - bool giveMeMore; - char argv[MAX_ADDR_LEN]; -}; + extern char **GlobalNegatives; extern char **loginLst, **passLst, **wfLoginLst, **wfPassLst, **sshlpLst; extern int MaxPass, MaxLogin, MaxWFLogin, MaxWFPass, MaxSSHPass; 
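Review bot: The three new cleanup loops iterate to `MaxSSHPass`, but `FileLoader` allocates `ipsstartfl`, `ipsendfl` and `starterIP` with `importFileSize` rows, so the loops either `delete[]` pointers past the initialised rows or leave rows unfreed, depending on which count is larger. Each loop should use the allocation count, e.g. `for(unsigned int i = 0; i < importFileSize; ++i) delete []ipsstartfl[i];`. No reset of `importFileSize` is visible in this diff, so setting it back to 0 after the frees would keep a later `FileLoader` run from adding to the old count. Whether the three pointers start out as `NULL` when no import file was loaded depends on their definitions, which are not shown here, and the `!= NULL` checks rely on that.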
@@ -162,39 +159,36 @@ extern char gFirstDom[128]; extern char gPorts[65536]; extern int gMaxBrutingThreads; extern int OnLiner; - +extern bool __savingBackUpFile; +extern unsigned int importFileSize; extern int ipsstart[4], ipsend[4], startNum, endNum, overallPorts, flCounter, octet[4]; -extern unsigned char ipsstartfl[8192][4], ipsendfl[8192][4], starterIP[8192][4]; +//extern unsigned char ipsstartfl[8192][4], ipsendfl[8192][4], starterIP[8192][4]; +extern unsigned char **ipsstartfl, **ipsendfl, **starterIP; typedef struct ST{ - char argv[2048]; + char argv[MAX_ADDR_LEN]; }sockstruct; - struct conSTR{ char *lowerBuff; int size; }; - struct assClSt{ const char *argv2; }; - struct PathStr{ char codepage[32]; - char headr[TITLE_MAX_LENGTH]; + char headr[TITLE_MAX_SIZE]; char path[1024]; int flag; int port; - char ip[2048]; - char cookie[1024]; + char ip[MAX_ADDR_LEN]; + char cookie[COOKIE_MAX_SIZE]; }; - struct pl{ int loginCounter; int passCounter; }; - struct lopaStr{ char login[128]; char pass[32]; @@ -214,6 +208,7 @@ extern void _SaveBackupToFile(); extern char* __cdecl strstri(char *_Str, const char *_SubStr); extern char* _getAttribute(char *str, char *attrib); extern char *_findFirstOcc(char *str, char *delim); +extern int _SSHLobby(char *ip, int port, conSTR *CSTR); class Lexems { public:
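Review bot: `sockstruct::argv` and `PathStr::ip` shrink from 2048 to `MAX_ADDR_LEN` (128) bytes in this hunk, while the code in this diff that reads them uses unbounded `strcpy` (for example `strcpy(ip, ((sockstruct*)ss)->argv);` in `_connect`). Any writer that can produce a host string of 128 characters or more now overruns a much smaller buffer; the writers outside this diff need checking, and the copies are better written as `snprintf(ip, sizeof(ip), "%s", src);`. The commented-out `//extern unsigned char ipsstartfl[8192][4], ...` line can simply be deleted, and the new `**ipsstartfl, **ipsendfl, **starterIP` declaration deserves a short comment saying that `FileLoader` allocates them with `importFileSize` rows of 4 bytes.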