Ejemplo n.º 1
/* Test driver: runs tryme() once at the current stack depth and then hands
   its address to deeper() so it runs again after the stack has grown.
   Always returns 0; tryme() and deeper() are defined outside this excerpt,
   so how a failure is reported is not visible here.

   NOTE(review): per the comment below, this exercises executable stack
   pages.  Presumably that only passes in a build that explicitly requests
   an executable stack -- confirm, and keep that setting confined to the
   test.  */
static int
do_test (void)
{
  /* Baseline run on the stack pages that are already mapped.  */
  tryme ();

  /* Test that growing the stack region gets new executable pages too.  */
  deeper (&tryme);

  return 0;
}
Ejemplo n.º 2
Archivo: R.cpp Proyecto: Marneus68/rog
 /**
  * Resolve one turn for a requested hero step of (move_x, move_y).
  *
  * Calls deeper() when the pixel at the target position equals color::exit,
  * moves the hero onto the target when its pixel is not Color::Black, and
  * then calls moveEnemy().
  *
  * NOTE(review): no range check on hero.x+move_x / hero.y+move_y is visible
  * before GetPixel(); whether GetPixel tolerates out-of-range coordinates is
  * not shown here -- confirm.
  */
 void Rgame::resolveTurn(int move_x, int move_y)
 {
     // NOTE(review): `color::exit` and `Color::Black` differ in case; presumably
     // two distinct scopes declared elsewhere -- confirm.
     if (mapSpr.GetPixel(hero.x+move_x, hero.y+move_y) == color::exit)
         deeper();
         
     // The target pixel is looked up again on purpose: deeper() is defined
     // elsewhere and may have changed hero or mapSpr, so the first result
     // cannot be assumed to still hold.
     if (mapSpr.GetPixel(hero.x+move_x, hero.y+move_y) != Color::Black)
     {
         hero.x+=move_x;
         hero.y+=move_y;
     }
     
     // Runs whether or not the hero moved.
     moveEnemy();
 }
Ejemplo n.º 3
 /* Forward to deeper() with the argument advanced by four and return its
    result unchanged. */
 int deep(int x)
 {
     const int shifted = x + 4;

     return deeper(shifted);
 }
Ejemplo n.º 4
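/*
 * Entry point.  Parses "[-d] dns-server ipv6address", builds the query
 * template in the file-scope buffers, probes the server for a wildcard
 * record, and then starts the nibble-by-nibble search through deeper().
 *
 * The target is either an ip6.arpa name (dot-separated hex nibbles) or an
 * address with a "/len" prefix, where len is a multiple of 4 in 4..124.
 * The parsed nibbles end up in range[]; range_start is the number of
 * nibbles that are fixed by the command line.
 *
 * Returns 0 if at least one entry was found, 1 if none was, and -1 when the
 * server answers random names (wildcard) or does not answer at all.
 * Argument errors terminate through exit(-1); the usage text through exit(0).
 */
int main(int argc, char *argv[]) {
  unsigned char *ptr, *ptr2, *dest, range_start = 0;
  int i, j, k, ok;

  setvbuf(stdout, NULL, _IONBF, 0);
  setvbuf(stderr, NULL, _IONBF, 0);
  prg = argv[0];

  if (argc < 3) {
    printf("%s %s (c) 2013 by %s %s\n\n", prg, VERSION, AUTHOR, RESOURCE);
    printf("Syntax: %s dns-server ipv6address\n\n", argv[0]);
    printf("Performs a fast reverse DNS enumeration and is able to cope with slow servers.\n");
    printf("Examples:\n");
    printf("  %s dns.test.com 2001:db8:42a8::/48\n", argv[0]);
    printf("  %s dns.test.com 8.a.2.4.8.b.d.0.1.0.0.2.ip6.arpa\n", argv[0]);
    exit(0);
  }

  if (getenv("THC_IPV6_PPPOE") != NULL || getenv("THC_IPV6_6IN4") != NULL) printf("WARNING: %s is not working with injection!\n", argv[0]);

  if (strcmp(argv[1], "-d") == 0) {
    debug = 1;
    argv++;
    argc--;
    /* -d consumed one argument.  Without this re-check, "prog -d x" leaves
       argv[2] == NULL and the parser below dereferences it. */
    if (argc < 3) {
      fprintf(stderr, "Error: dns-server and ipv6address are required after -d\n");
      exit(-1);
    }
  }

  dst = argv[1];
  ptr = (unsigned char *) argv[2];

  srand(time(NULL) + getpid());
  memset(range, 0, sizeof(range));
  memset(buf, 0, sizeof(buf));
  memset(buf_start, 0, sizeof(buf_start));
  memset(buf_end, 0, sizeof(buf_end));

  ok = 1;
  if ((*ptr != '.') && (index((char *) ptr, '.') != NULL) && ((ptr2 = (unsigned char *) strcasestr((char *) ptr, ".ip6.arpa")) != NULL)) {
    /* ip6.arpa form: cut the suffix off and walk the nibbles right to left,
       so range[] ends up in most-significant-first order. */
    *ptr2 = 0;
    for (i = (int) strlen((char *) ptr) - 1; i >= 0 && ok == 1; i--) {
      if ((ptr[i] >= 'A' && ptr[i] <= 'F') || (ptr[i] >= 'a' && ptr[i] <= 'f') || (ptr[i] >= '0' && ptr[i] <= '9')) {
        /* An address has at most 32 nibbles, and the rest of this function
           only ever indexes range[0..31].  Reject longer input instead of
           writing past that. */
        if (range_start >= 32) {
          ok = 0;
        } else {
          range[range_start++] = (char) tolower(ptr[i]);
          if (i >= 2) {
            if (ptr[i - 1] != '.')
              ok = 0;
            else
              i--;
          }
        }
      } else
        ok = 0;
    }

  } else if (index((char *) ptr, ':') != NULL && (ptr2 = (unsigned char *) index((char *) ptr, '/')) != NULL) {
    /* address/prefix form */
    *ptr2++ = 0;
    /* atoi() yields 0 for non-numeric text, which the range check below
       rejects; trailing garbage after the digits is silently ignored. */
    len = atoi((char *) ptr2);
    if (len % 4 > 0 || len < 4 || len > 124) {
      fprintf(stderr, "Error: invalid prefix length, must be a multiple of 4!\n");
      exit(-1);
    }
    if (len < 48)
      fprintf(stderr, "Warning: prefix length is smaller than 48, usually this does not work.\n");
    /* number of address bytes that carry prefix bits, rounded up */
    if (len % 8 > 0)
      j = (len / 8) + 1;
    else
      j = len / 8;
    if ((dest = thc_resolve6(ptr)) == NULL) {
      fprintf(stderr, "Error: %s gives not a valid IPv6 address\n", ptr);
      exit(-1);
    }
    /* len <= 124 keeps j <= 16, so the highest index written is range[31] */
    for (i = 0; i < j; i++) {
      range[i * 2] = tohex(dest[i] / 16);
      range[i * 2 + 1] = tohex(dest[i] % 16);
    }
    range_start = len / 4;
  } else
    ok = 0;

  if (ok == 0) {
    fprintf(stderr, "Error: invalid IPv6 address specified: %s\n", argv[2]);
    exit(-1);
  }

  /* Query template: buf_start is copied to the front of buf, buf_end holds
     the length-prefixed "ip6" and "arpa" labels plus the trailing fields. */
  memset(buf_start, 0, sizeof(buf_start));
  memset(buf_end, 0, sizeof(buf_end));
  buf_start[2] = 1;
  buf_start[5] = 1;
  memcpy(buf, buf_start, sizeof(buf_start));
  buf[12] = 1;
  buf_end[0] = 3;
  strcpy(buf_end + 1, "ip6");
  buf_end[4] = 4;
  strcpy(buf_end + 5, "arpa");
  buf_end[11] = 0x0c;
  buf_end[13] = 1;
  signal(SIGALRM, ignore);

  printf("Starting DNS reverse enumeration of %s on server %s\n", ptr, dst);

  // first: wildcard check
  ok = 0;
  k = 0;
  /* NOTE(review): the result of dnssocket() is not checked here; whether it
     can fail without exiting is not visible in this function -- confirm. */
  sock = dnssocket(dst);

  /* Five probes with random nibbles after the fixed prefix.  send_range()
     returning 0 is counted as "name exists", -1 as "no reply". */
  for (j = 0; j < 5; j++) {
    for (i = range_start; i < 32; i++)
      range[i] = tohex(rand() % 16);
    switch(send_range()) {
      case 0:
        ok++;
      break;
      case -1:
        k++;
      break;
      default:
        i = 0; // ignored
    }
  }

  if (ok > 2) {
    fprintf(stderr, "Error: Wildcard configured in DNS server, not possible to enumerate!\n");
    return -1;
  }
  if (k == 5) {
    fprintf(stderr, "Error: DNS server %s sent no replies!\n", dst);
    return -1;
  } else if (k > 0)
    waittime += 2;

  // starting the search
  i = deeper(range_start);

  printf("Found %d entr%s.\n", found, found == 1 ? "y" : "ies");
  if (found == 0)
    return 1;
  else
    return 0;
}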
Ejemplo n.º 5
/*
 * Query all 16 possible values for the nibble at position `depth` and recurse
 * into every value whose reply carries no error code.
 *
 * depth: number of nibbles already fixed in range[]; values above 31 are
 *        rejected with -1.
 * Returns rs, the number of matching replies counted in this call.
 * Send failures and an unreliable server terminate through exit(-1).
 *
 * Works entirely on file-scope state declared elsewhere (buf, buf2, buf_start,
 * buf_end, range, name, dst6, sock, cnt, wait, waittime, found, debug, dst).
 *
 * NOTE(review): everything read from buf2 comes from the network and must be
 * treated as untrusted.  The only length check on a reply is `len > 70`; see
 * the notes at the parsing code below.
 */
int deeper(int depth) {
  /* r[i] tracks candidate nibble i: 0 = no reply yet, 1 = reply with an error
     code, 2 = no error at a non-final depth (descend), 3 = no error at the
     final depth. */
  unsigned char r[16], *ptr2;
  int i, j, ok = 0, rs = 0, len, clen, nlen;
  
  if (depth > 31)
    return -1;
  memset(r, 0, sizeof(r));
  
  // generate base packet
  /* Byte 1 of the packet carries a per-call counter that is used below to
     match replies to this call.
     NOTE(review): the type of cnt is not visible here; if it is wider than
     one byte, `buf2[1] == cnt` can never be true once cnt exceeds 255 --
     confirm. */
  cnt++;
  buf[1] = cnt;
  /* One single-character label (length byte 1, then the character) per fixed
     nibble, least significant nibble first. */
  for (i = 0; i < depth; i++) {
    buf[sizeof(buf_start) + 2 + i * 2] = 1;
    buf[sizeof(buf_start) + 2 + i * 2 + 1] = range[depth - i - 1];
  }
  memcpy(buf + sizeof(buf_start) + 2 + depth * 2, buf_end, sizeof(buf_end));
  buf_len = sizeof(buf_start) + 2 + depth * 2 + sizeof(buf_end);
  
  // loop to finish generation and send
redo:
  /* Only candidates without a reply are (re)sent; byte 0 carries the
     candidate index so the reply can be mapped back to it. */
  for (i = 0; i < 16; i++) {
    if (r[i] == 0) {
      buf[0] = i;
      buf[13] = tohex(i);

      if (send(sock, buf, buf_len, 0) < 0) {
        fprintf(stderr, "Error: can not send to network!\n");
        exit(-1);
      } else
        usleep(5);
    }
  }

  // receive and process replies
  /* `wait` is presumably cleared by the SIGALRM handler installed by the
     caller -- confirm; that is what ends this loop on a timeout. */
  wait = 1;
  alarm(waittime);
  while(ok == 0 && wait == 1) {
    if ((len = recv(sock, buf2, sizeof(buf2), 0)) > 70 && buf2[1] == cnt) {
      i = (buf2[0] & 15);
      /* Low two bits of byte 3 clear: presumably a reply without an error
         code (an NXDOMAIN reply has them set) -- confirm. */
      if ((buf2[3] & 3) == 0) {
        if (depth == 31) {
          r[i] = 3;
          /* presumably the low byte of the answer count -- confirm */
          if (buf2[7] == 1) {
            found++;
            strcpy(name, "Found: ");
            /* Rebuild the 16-byte address from the nibble labels echoed in
               the reply; the loop stops after 32 labels or at the first
               label whose length byte is not 1. */
            ptr2 = buf2 + 12;
            i = 0;
            while (i < 32 && *ptr2 == 1) {
              if (i % 2 == 0)
                j = tochar(ptr2[1]);
              else
                dst6[15 - i/2] = (tochar(ptr2[1]) * 16) + j;
              ptr2 += 2;
              i++;
            }
            strcat(name, thc_ipv62notation(dst6));
            strcat(name, " is ");
            /* NOTE(review): fixed offset 102 is read even when len < 103, in
               which case *ptr2 is stale data from an earlier packet.
               NOTE(review): the `<=` bound lets ptr2 + clen + 1 equal
               buf2 + len, so the save/patch/restore below touches buf2[len];
               when recv() filled the whole buffer that is one byte past it.
               NOTE(review): labels are appended to `name` with strcat() and
               no length accounting; the size of `name` is not visible here,
               so a crafted reply may be able to overflow it -- confirm and
               bound the copy. */
            ptr2 = buf2 + 102;
            while (*ptr2 != 0 && ptr2 + *ptr2 + 1 <= buf2 + len) {
              clen = *ptr2;
              /* Temporarily NUL-terminate the label in place so strcat() can
                 copy it, then put the saved byte back. */
              nlen = *(ptr2 + clen + 1);
              *(ptr2 + clen + 1) = 0;
              strcat(name, ptr2 + 1);
              strcat(name, ".");
              *(ptr2 + *ptr2 + 1) = nlen;
              ptr2 += clen + 1;
            }
            if (debug) {
              /* Debug output additionally appends the name starting at
                 offset 12; the same bounds concerns as above apply. */
              strcat(name, " is ");
              ptr2 = buf2 + 12;
              while (*ptr2 != 0 && ptr2 + *ptr2 + 1 <= buf2 + len) {
                clen = *ptr2;
                nlen = *(ptr2 + clen + 1);
                *(ptr2 + clen + 1) = 0;
                strcat(name, ptr2 + 1);
                strcat(name, ".");
                *(ptr2 + *ptr2 + 1) = nlen;
                ptr2 += clen + 1;
              }
            }
            printf("%s\n", name);
          
          }
        } else
          r[i] = 2;
      } else
        r[i] = 1;
      /* Counted per matching reply; a duplicate reply for the same candidate
         is counted again. */
      rs++;
    }
  
    if (rs == 16)
      ok = 1;
  }
  alarm(0);

  if (ok == 1 || rs == 16) { // all packets received
    /* Descend into every candidate that answered without an error. */
    for (i = 0; i < 16; i++)
      if (r[i] == 2) {
        range[depth] = tohex(i);
        deeper(depth + 1);
      }
  } else { // packet loss / timeout
    /* The fewer replies arrived, the more the timeout grows (1 to 4 s). */
    if (rs < 16)
      waittime++;
    if (rs < 11)
      waittime++;
    if (rs < 6)
      waittime++;
    if (rs < 2)
      waittime++;
    if ((rs == 0 && (waittime >= WAITTIME_START + 6)) || waittime > 15) {
      fprintf(stderr, "Error: DNS Server %s is not answering or not reliable enough anymore!\n", dst);
      exit(-1);
    }
    fprintf(stderr, "Warning: packet loss, increasing response timeout to %d seconds\n", waittime);
    /* r[] and rs are kept, so only the unanswered candidates are resent. */
    goto redo;
  }
  
  return rs;
}