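/*
 * ucs command entry point.
 *
 * usage: [ --quiet ] [ start | [ delete | install [ name [ password ] ] ] ]
 *
 * With no operation, or with "start", control is handed to the service
 * control dispatcher, which runs csmain(). "install" and "delete" act on
 * the named account; the name is prompted for when it is not an argument.
 *
 * Returns 0 on success, 1 on an operational failure, 2 on a usage error.
 */
int main(int argc, char** argv)
{
	char*			op;
	char*			s;
	int			n;
	char			name[80];
	char			passwd[PATH_MAX];
	SERVICE_TABLE_ENTRY	table[] =
	{
		{NULL, (LPSERVICE_MAIN_FUNCTION)csmain},
		{NULL, NULL}
	};
	OSVERSIONINFO		osinfo;

	log_command = "ucs";
	log_level = 1;
	osinfo.dwOSVersionInfoSize = sizeof(osinfo);
	if (!GetVersionEx(&osinfo) || osinfo.dwPlatformId != VER_PLATFORM_WIN32_NT)
	{
		logmsg(LOG_STDERR+0, "not supported for this windows release");
		return 1;
	}
	logopen(log_command, 0);

	/* optional leading quiet flag, accepted in three spellings */
	if ((s = *++argv) && (!_stricmp(s, "--quiet") || !_stricmp(s, "-q") || !_stricmp(s, "quiet")))
	{
		quiet = 1;
		s = *++argv;
	}
	if ((op = s) && _stricmp(op, "start"))
	{
		if ((s = *++argv))
		{
			/*
			 * strncpy() does not terminate the destination when the
			 * source fills it, so copy one byte less and terminate
			 * explicitly; an over-long name is truncated.
			 */
			strncpy(name, s, sizeof(name) - 1);
			name[sizeof(name) - 1] = 0;
			s = *++argv;
		}
		else
		{
			sfprintf(sfstderr, "Enter Account Name: ");
			name[0] = 0;
			/* the field width must stay at sizeof(name) - 1 so the read cannot overrun name[] */
			if (sfscanf(sfstdin, "%79s", name) != 1)
			{
				logmsg(LOG_STDERR+0, "account name required");
				return 1;
			}
		}
		if (!_stricmp(op, "install"))
		{
			/*
			 * A password given as an argument is visible in the
			 * process command line; "-" takes it from standard
			 * input instead. s stays NULL when no password
			 * argument was given.
			 */
			if (s && !strcmp(s, "-"))
			{
				passwd[0] = 0;
				/* read at most sizeof(passwd) - 1 bytes so the terminator below stays inside the buffer */
				if ((n = read(0, passwd, sizeof(passwd) - 1)) < 0)
				{
					logerr(LOG_STDERR+0, "read error");
					return 1;
				}
				/* NOTE(review): a trailing newline from the input is kept as part of the password -- confirm that is intended */
				passwd[n] = 0;
				s = passwd;
			}
			if (!installservice(name, s))
			{
				logerr(LOG_ALL+0, "install %s failed", name);
				return 1;
			}
			logmsg(1, "installed %s", name);
		}
		else if (!_stricmp(op, "delete"))
		{
			if (!deleteservice(name))
			{
				logerr(LOG_ALL+0, "delete %s failed", name);
				return 1;
			}
			logmsg(1, "deleted %s", name);
		}
		else
		{
			logmsg(LOG_STDERR+LOG_USAGE+0, "[ --quiet ] [ start | [ delete | install [ name [ password ] ] ] ]");
			return 2;
		}
	}
	else
	{
		/* service mode: register csmain under the service name and block in the dispatcher */
		getservname();
		table[0].lpServiceName = servname;
		if (!StartServiceCtrlDispatcher(table))
			eventlog("StartServiceCtrlDispatcher failed");
	}
	logclose();
	return 0;
}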
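/*
 * Service main routine started by the service control dispatcher.
 *
 * Registers the control handler, reports SERVICE_RUNNING, and, when the
 * UWIN master service is running, connects to UWIN_PIPE_TOKEN and writes
 * a UMS_slave_data_t holding this process id and a duplicate of this
 * process's token. Every path past handler registration ends by releasing
 * the library handle, closing the log and reporting SERVICE_STOPPED.
 *
 * argc and argv are not used.
 */
void WINAPI csmain(DWORD argc, LPTSTR *argv)
{
	HANDLE			pipehandle, atok;
	DWORD			len;
	UMS_slave_data_t	sr;
	SECURITY_ATTRIBUTES	sa;
	BOOL			(PASCAL *duptok)(HANDLE,DWORD,LPSECURITY_ATTRIBUTES,SECURITY_IMPERSONATION_LEVEL,TOKEN_TYPE,PHANDLE);
	char			c;
	HMODULE			hp = NULL;

	log_command = "ucs";
	log_level = 1;
	logopen(log_command, 0);
	getservname();
	logmsg(1, "startup %s %s", servname, &ucs_version_id[9]);

	/* attributes for the duplicated token: default security descriptor, handle not inheritable */
	sa.nLength = sizeof(sa);
	sa.lpSecurityDescriptor = 0;
	sa.bInheritHandle = FALSE;

	statushandle = RegisterServiceCtrlHandler(TEXT(servname), csctrl);
	if (statushandle == (SERVICE_STATUS_HANDLE)0)
	{
		eventlog("RegisterServiceCtrlHandler failed");
		return;
	}
	status.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
	status.dwServiceSpecificExitCode = 0;
	scmstatus(SERVICE_RUNNING, NO_ERROR, 0);

	if (!Check_UMS_Running())
	{
		error(1, "UWIN Master service is not running");
		goto done;
	}
	if (!WaitNamedPipe(UWIN_PIPE_TOKEN, MAX_WAIT_TIME))
	{
		error(1, "WaitNamedPipe failed");
		goto done;
	}
	/*
	 * NOTE(review): the pipe is opened by name without SECURITY_SQOS_PRESENT,
	 * so whichever process serves UWIN_PIPE_TOKEN may impersonate this service
	 * at the default level. Limit the level here if the master does not need
	 * to impersonate its client -- confirm against the server side.
	 */
	pipehandle = CreateFile(UWIN_PIPE_TOKEN, GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL);
	if (pipehandle == INVALID_HANDLE_VALUE)
	{
		error(1, "Unable to connect to token pipe");
		goto done;
	}

	/* the whole struct is written to the pipe: clear it so no uninitialized stack bytes go out */
	memset(&sr, 0, sizeof(sr));
	sr.pid = GetCurrentProcessId();
	if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_DEFAULT|TOKEN_ADJUST_GROUPS|TOKEN_ADJUST_PRIVILEGES|TOKEN_EXECUTE|TOKEN_QUERY|TOKEN_IMPERSONATE|TOKEN_DUPLICATE|TOKEN_READ|TOKEN_WRITE|TOKEN_QUERY_SOURCE, &atok))
	{
		/* fills the file-level buffer/siz; the result is not used in this function */
		GetUserName(buffer,&siz);
		error(1, "Unable to open my own process token");
		goto close_pipe;
	}

	/* DuplicateTokenEx is looked up at run time instead of being linked directly */
	duptok = (BOOL (PASCAL*)(HANDLE,DWORD,SECURITY_ATTRIBUTES*,SECURITY_IMPERSONATION_LEVEL,TOKEN_TYPE,HANDLE*))getapi_addr("advapi32.dll","DuplicateTokenEx",&hp);
	if (!duptok)
	{
		/* atok used to stay open on this path; it is now closed below */
		error(1, "DuplicateTokenEx function not found");
		goto close_token;
	}
	/*
	 * NOTE(review): the duplicate is requested with MAXIMUM_ALLOWED; naming only
	 * the rights the master needs would follow least privilege -- TODO confirm
	 * which rights those are.
	 */
	if (!(*duptok)(atok, MAXIMUM_ALLOWED, &sa, SecurityAnonymous, TokenPrimary, &sr.atok))
	{
		error(1, "DuplicateTokenEx failed");
		goto close_token;
	}
	if (!WriteFile(pipehandle, &sr, sizeof(sr), &len, NULL))
	{
		error(1, "WriteFile failed on TOKEN PIPE");
		goto close_token;
	}
	FlushFileBuffers(pipehandle);
	/*
	 * One-byte read, presumably an acknowledgement from the master; its result
	 * is ignored. NOTE(review): the handle was opened with GENERIC_WRITE only,
	 * so this read likely fails at once -- confirm the intended access mode.
	 * sr.atok is not closed here; presumably the master picks it up from this
	 * process before the service stops -- verify.
	 */
	ReadFile(pipehandle,&c,sizeof(char),&len,NULL);
	Sleep(10);

close_token:
	CloseHandle(atok);
close_pipe:
	CloseHandle(pipehandle);
done:
	if (hp)
		FreeLibrary(hp);
	logclose();
	scmstatus(SERVICE_STOPPED, NO_ERROR, 0);
}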
/*
 * Drain the report fifo and print one line per report.
 *
 * rfifo is ordered with compare_ip_report_port and then with
 * compare_ip_report_addr. Each popped report is handed to the report and
 * output modules, printed as "Open", "Closed" or, for anything else, by
 * protocol (ICMP type/code or TCP flags), and then released together with
 * its od_q fifo. rfifo itself is destroyed at the end.
 */
static void do_report()
{
	/* the popped element is an untyped pointer; the union gives a typed view of it */
	union {
		void *ptr;
		ip_report_t *r;
	} r_u;
	struct in_addr ia;

	fifo_order(rfifo, &compare_ip_report_port, 1);
	fifo_order(rfifo, &compare_ip_report_addr, 1);

	for (;;) {
		ip_report_t *rep = NULL;
		char *extra = NULL;
		struct in_addr via;
		char host[32];
		char tcpflags[16];
		int closed = 0, rerouted = 0;

		r_u.ptr = fifo_pop(rfifo);
		if (r_u.ptr == NULL) {
			break;
		}

		/* report modules may add to the report, output modules display it */
		push_report_modules((const void *)r_u.ptr);
		push_output_modules((const void *)r_u.ptr);

		rep = r_u.r;
		extra = get_report_extra(rep);

		if (port_open(rep->proto, rep->type, rep->subtype)) {
			ia.s_addr = rep->host_addr;
			if (extra == NULL) {
				MSG(M_OUT, "Open \t%16s[%5d]\t\tFrom %s\tttl %d", getservname(rep->sport), rep->sport, inet_ntoa(ia), rep->ttl);
			}
			else {
				MSG(M_OUT, "Open \t%16s[%5d]\t\tFrom %s\tttl %d %s", getservname(rep->sport), rep->sport, inet_ntoa(ia), rep->ttl, extra);
			}
		}
		else {
			closed = port_closed(rep->proto, rep->type, rep->subtype);

			memset(&via, 0, sizeof(via));
			via.s_addr = rep->trace_addr;
			ia.s_addr = rep->host_addr;
			/* inet_ntoa() may be called again for via below, so keep a private copy of the host text */
			snprintf(host, sizeof(host) - 1, "%s", inet_ntoa(ia));

			/* trace_addr differs from host_addr: print both addresses */
			rerouted = (rep->trace_addr != rep->host_addr);

			if (closed) {
				if (rerouted) {
					if (extra == NULL) {
						MSG(M_OUT, "Closed \t%16s[%5d]\t\tTo %s\tttl %d From %s", getservname(rep->sport), rep->sport, host, rep->ttl, inet_ntoa(via));
					}
					else {
						MSG(M_OUT, "Closed \t%16s[%5d]\t\tTo %s\tttl %d From %s %s", getservname(rep->sport), rep->sport, host, rep->ttl, inet_ntoa(via), extra);
					}
				}
				else {
					if (extra == NULL) {
						MSG(M_OUT, "Closed \t%16s[%5d]\t\tFrom %s\tttl %d", getservname(rep->sport), rep->sport, host, rep->ttl);
					}
					else {
						MSG(M_OUT, "Closed \t%16s[%5d]\t\tFrom %s\tttl %d %s", getservname(rep->sport), rep->sport, host, rep->ttl, extra);
					}
				}
			}
			else {
				/* neither open nor closed: label the line by protocol */
				switch (rep->proto) {
				case IPPROTO_ICMP:
					if (rerouted) {
						if (extra == NULL) {
							MSG(M_OUT, "T%.02dC%.02d \t%16s[%5d]\t\tTo %s\tttl %d From %s", rep->type, rep->subtype, getservname(rep->sport), rep->sport, host, rep->ttl, inet_ntoa(via));
						}
						else {
							MSG(M_OUT, "T%.02dC%.02d \t%16s[%5d]\t\tTo %s\tttl %d From %s %s", rep->type, rep->subtype, getservname(rep->sport), rep->sport, host, rep->ttl, inet_ntoa(via), extra);
						}
					}
					else {
						if (extra == NULL) {
							MSG(M_OUT, "T%.02dC%.02d \t%16s[%5d]\t\tTo %s\tttl %d", rep->type, rep->subtype, getservname(rep->sport), rep->sport, host, rep->ttl);
						}
						else {
							MSG(M_OUT, "T%.02dC%.02d \t%16s[%5d]\t\tTo %s\tttl %d %s", rep->type, rep->subtype, getservname(rep->sport), rep->sport, host, rep->ttl, extra);
						}
					}
					break;

				case IPPROTO_TCP:
					str_tcpflags(tcpflags, rep->type);
					if (rerouted) {
						if (extra == NULL) {
							MSG(M_OUT, "TCP%s\t%16s[%5d]\t\tTo %s\tttl %d From %s", tcpflags, getservname(rep->sport), rep->sport, host, rep->ttl, inet_ntoa(via));
						}
						else {
							MSG(M_OUT, "TCP%s\t%16s[%5d]\t\tTo %s\tttl %d From %s %s", tcpflags, getservname(rep->sport), rep->sport, host, rep->ttl, inet_ntoa(via), extra);
						}
					}
					else {
						if (extra == NULL) {
							MSG(M_OUT, "TCP%s\t%16s[%5d]\t\tTo %s\tttl %d", tcpflags, getservname(rep->sport), rep->sport, host, rep->ttl);
						}
						else {
							MSG(M_OUT, "TCP%s\t%16s[%5d]\t\tTo %s\tttl %d %s", tcpflags, getservname(rep->sport), rep->sport, host, rep->ttl, extra);
						}
					}
					break;

				case IPPROTO_UDP:
					if (rerouted) {
						PANIC("now this is silly [1]");
					}
					else {
						PANIC("now this is silly [3]");
					}
					break;

				default:
					if (rerouted) {
						PANIC("now this is silly [2]");
					}
					else {
						PANIC("now this is silly [4]");
					}
					break;
				}
			}
		}

		/* release the report's od_q fifo, then the report itself */
		fifo_destroy(rep->od_q);
		xfree(r_u.ptr);
	}

	fifo_destroy(rfifo);
	return;
}