Multiple fixes, QLikView added.

This commit is contained in:
cora32 2016-01-24 22:03:28 +03:00
parent 24525249de
commit baefcabbda
9 changed files with 44 additions and 22 deletions

View File

@ -158,6 +158,7 @@ lopaStr BA::BALobby(const char *ip, const int port) {
++baCount; ++baCount;
++BrutingThrds; ++BrutingThrds;
stt->doEmitionUpdateArc(gTargets);
const lopaStr &lps = BABrute(ip, port); const lopaStr &lps = BABrute(ip, port);
--BrutingThrds; --BrutingThrds;

View File

@ -286,9 +286,9 @@ void eraser(std::string *buffer, const std::string delim1, const std::string del
} }
} }
void cutoutComments(std::string *buffer) { void cutoutComments(std::string *buffer) {
//eraser(buffer, "//", "\n"); //Cant's handle urls: http://bla.bla
eraser(buffer, "<!--", "-->"); eraser(buffer, "<!--", "-->");
eraser(buffer, "/*", "*/"); eraser(buffer, "/*", "*/");
eraser(buffer, "//", "\n");
} }
int Connector::nConnect(const char* ip, const int port, std::string *buffer, int Connector::nConnect(const char* ip, const int port, std::string *buffer,

View File

@ -98,6 +98,7 @@ lopaStr FTPA::FTPLobby(const char *ip, const int port, PathStr *ps) {
++baCount; ++baCount;
++BrutingThrds; ++BrutingThrds;
stt->doEmitionUpdateArc(gTargets);
const lopaStr &lps = FTPBrute(ip, port, ps); const lopaStr &lps = FTPBrute(ip, port, ps);
--BrutingThrds; --BrutingThrds;

View File

@ -540,6 +540,7 @@ lopaStr HikVis::HVLobby(const char *ip, const int port) {
++baCount; ++baCount;
++BrutingThrds; ++BrutingThrds;
stt->doEmitionUpdateArc(gTargets);
const lopaStr &lps = hikLogin(ip, port); const lopaStr &lps = hikLogin(ip, port);
--BrutingThrds; --BrutingThrds;
@ -558,6 +559,7 @@ lopaStr HikVis::RVILobby(const char *ip, const int port) {
++baCount; ++baCount;
++BrutingThrds; ++BrutingThrds;
stt->doEmitionUpdateArc(gTargets);
const lopaStr &lps = rviLogin(ip, port); const lopaStr &lps = rviLogin(ip, port);
--BrutingThrds; --BrutingThrds;

View File

@ -259,6 +259,7 @@ lopaStr IPC::IPCLobby(const char *ip, int port, char *SPEC) {
++baCount; ++baCount;
++BrutingThrds; ++BrutingThrds;
stt->doEmitionUpdateArc(gTargets);
lopaStr lps = IPCBrute(ip, port, SPEC); lopaStr lps = IPCBrute(ip, port, SPEC);
--BrutingThrds; --BrutingThrds;

View File

@ -908,7 +908,6 @@ void _tracker() {
} }
void verboseProgress(unsigned long target) { void verboseProgress(unsigned long target) {
stt->doEmitionUpdateArc(gTargets); stt->doEmitionUpdateArc(gTargets);
if (gTargets > 0) --gTargets; if (gTargets > 0) --gTargets;

View File

@ -201,6 +201,7 @@ int SSHAuth::SSHLobby(const char *ip, int port, std::string *buffer)
if (strlen(sshBanner.c_str()) > 0) if (strlen(sshBanner.c_str()) > 0)
{ {
++BrutingThrds; ++BrutingThrds;
stt->doEmitionUpdateArc(gTargets);
int res = SSHBrute(ip, port, buffer, sshBanner.c_str()); int res = SSHBrute(ip, port, buffer, sshBanner.c_str());
--BrutingThrds; --BrutingThrds;

View File

@ -390,10 +390,10 @@ int sharedDetector(const char * ip, int port, const std::string *buffcpy, const
if(Utils::ustrstr(buffcpy, "hikvision-webs") != -1 if(Utils::ustrstr(buffcpy, "hikvision-webs") != -1
|| ( || (
(Utils::ustrstr(buffcpy, "hikvision digital") != -1 (Utils::ustrstr(buffcpy, "hikvision digital") != -1 || Utils::ustrstr(buffcpy, "doc/page/login.asp") != -1)
|| Utils::ustrstr(buffcpy, "doc/page/login.asp") != -1) && Utils::ustrstr(buffcpy, "dvrdvs-webs") != -1 || Utils::ustrstr(buffcpy, "app-webs") != -1)
&& Utils::ustrstr(buffcpy, "dvrdvs-webs") != -1) ||
|| (Utils::ustrstr(buffcpy, "lapassword") != -1 (Utils::ustrstr(buffcpy, "lapassword") != -1
&& Utils::ustrstr(buffcpy, "lausername") != -1 && Utils::ustrstr(buffcpy, "lausername") != -1
&& Utils::ustrstr(buffcpy, "dologin()") != -1) && Utils::ustrstr(buffcpy, "dologin()") != -1)
) return 34; //hikvision cam ) return 34; //hikvision cam
@ -462,6 +462,8 @@ int sharedDetector(const char * ip, int port, const std::string *buffcpy, const
if (Utils::ustrstr(buffcpy, "dvr_remember") != -1 if (Utils::ustrstr(buffcpy, "dvr_remember") != -1
&& Utils::ustrstr(buffcpy, "login_chk_usr_pwd") != -1 && Utils::ustrstr(buffcpy, "login_chk_usr_pwd") != -1
) return 57; //Network video client (http://203.190.113.54:60001/) ) return 57; //Network video client (http://203.190.113.54:60001/)
if (Utils::ustrstr(buffcpy, "QlikView") != -1) return 58; //QLikView (http://203.96.113.183/qlikview/login.htm)
//if (Utils::ustrstr(buffcpy, "ShareCenter") != -1) return 58; //ShareCenter (http://49.50.207.6/) //if (Utils::ustrstr(buffcpy, "ShareCenter") != -1) return 58; //ShareCenter (http://49.50.207.6/)
if (Utils::ustrstr(buffcpy, "nas - ") != -1 if (Utils::ustrstr(buffcpy, "nas - ") != -1
@ -2724,22 +2726,33 @@ bool jsRedirectHandler(std::string *buff, char* ip, int port, Lexems *counter) {
std::string subLocation = subRedirect.substr(quotePosFirst + 1, quotePosSecond - quotePosFirst - 1); std::string subLocation = subRedirect.substr(quotePosFirst + 1, quotePosSecond - quotePosFirst - 1);
std::string location = ""; std::string location = "";
if (-1 != STRSTR((const std::string *) &buffcpy, "http")) { if (-1 != STRSTR((const std::string *) &buffcpy, "http")) {
if (-1 != STRSTR((const std::string *) &buffcpy, "https")) { // /*if (-1 != STRSTR((const std::string *) &buffcpy, "https")) {
location += "https://"; // location += "https://";
} // }
else if (-1 != STRSTR((const std::string *) &buffcpy, "http")) { // else if (-1 != STRSTR((const std::string *) &buffcpy, "http")) {
location += "http://"; // location += "http://";
} // }
//*/
// int quotePosSecond2 = subLocation.find_first_of(";\n", quotePosFirst + 1);
// std::string redirectLine = subLocation.substr(quotePosFirst + 1, quotePosSecond2 - (quotePosFirst + 1));
// int posFinalAddition = redirectLine.find_last_of("+");
// std::string finalAddition = redirectLine.substr(posFinalAddition + 1);
// int pos1 = finalAddition.find_first_of("'\"");
// int pos2 = finalAddition.find_first_of("'\"", pos1 + 1);
//
// std::string path = finalAddition.substr(pos1 + 1, pos2 - (pos1 + 1));
//location += std::string(ip) + "/" + path;
int quotePosSecond2 = subRedirect.find_first_of(";\n", quotePosFirst + 1); int portDelim = subLocation.find(":", 7);
std::string redirectLine = subRedirect.substr(quotePosFirst + 1, quotePosSecond2 - (quotePosFirst + 1)); if (-1 != portDelim) {
int posFinalAddition = redirectLine.find_last_of("+"); std::string portString = subLocation.substr(portDelim + 1);
std::string finalAddition = redirectLine.substr(posFinalAddition + 1); int trimPos = portString.find("/");
int pos1 = finalAddition.find_first_of("'\""); if (-1 != trimPos) {
int pos2 = finalAddition.find_first_of("'\"", pos1 + 1); portString = portString.substr(0, trimPos);
}
std::string path = finalAddition.substr(pos1 + 1, pos2 - (pos1 + 1)); port = std::stoi(portString);
location += std::string(ip) + "/" + path; }
location = subLocation;
} }
else { else {
location = std::string(ip) + (subLocation[0] == '/' ? "" : "/") + subLocation; location = std::string(ip) + (subLocation[0] == '/' ? "" : "/") + subLocation;
@ -3133,6 +3146,10 @@ void parseFlag(int flag, char* ip, int port, int size, const std::string &header
{ {
_specWEBIPCAMBrute(ip, port, "[JUAN] WEB IP Camera", flag, "WEB Authorization", cp, size, "JUAN"); _specWEBIPCAMBrute(ip, port, "[JUAN] WEB IP Camera", flag, "WEB Authorization", cp, size, "JUAN");
} }
else if (flag == 58) //QLikView
{
_specBrute(ip, port, "[QLikView] IP Camera", flag, "/QvAJAXZfc/Authenticate.aspx?_=1453661324640", "Basic Authorization", cp, size);
}
else if (flag == 20) //AXIS Camera else if (flag == 20) //AXIS Camera
{ {
if (_specBrute(ip, port, "AXIS Camera", flag, "/mjpg/video.mjpg", "Basic Authorization", cp, size) == -1) { if (_specBrute(ip, port, "AXIS Camera", flag, "/mjpg/video.mjpg", "Basic Authorization", cp, size) == -1) {

View File

@ -1 +1 @@
2716B-2E6 2716B-167