int LoadConfig(HTTPCSTR UserFile, HTTPCSTR PasswordFile, PCONFIG config) {
char line[100];
HTTPCSTR filename = UserFile;
if (!filename)
filename = PasswordFile;
FILE *dataFile = _tfopen(filename, _T("r"));
if (dataFile) {
if (dataFile) {
while (!feof(dataFile)) {
memset(line, '\0', sizeof(line));
if (ReadAndSanitizeInput(dataFile, line, sizeof(line) - 1) &&
(strlen(line) > 1)) {
#ifdef _UNICODE
HTTPCHAR* lpoutputW = (HTTPCHAR*)malloc(strlen(line) + 1);
MultiByteToWideChar(CP_UTF8, 0, line, strlen(line),
lpoutputW, strlen(line) + 1);
lpoutputW[strlen(line) - 1] = 0;
if (UserFile)
AddUser(lpoutputW, config);
else
AddPassword(lpoutputW, config);
free(lpoutputW);
#else
if ((UserFile) && (PasswordFile)) {
HTTPCHAR *p = _tcstok(line, _T(":"));
if (p) {
AddUser(p, config);
p = _tcstok(NULL, _T(":"));
if (p) {
AddPassword(p, config);
}
else {
AddPassword(_T(""), config);
}
}
}
else {
if (UserFile)
AddUser(line, config);
else
AddPassword(line, config);
}
#endif
}
}
fclose(dataFile);
}
}
return (1);
}
void
TrackingConfigPanel::Prepare(ContainerWindow &parent, const PixelRect &rc)
{
const TrackingSettings &settings =
CommonInterface::GetComputerSettings().tracking;
RowFormWidget::Prepare(parent, rc);
#ifdef HAVE_SKYLINES_TRACKING
AddBoolean(_T("SkyLines"), NULL, settings.skylines.enabled, this);
AddTime(_("Tracking Interval"), NULL, 5, 1200, 5,
settings.skylines.interval);
#ifdef HAVE_SKYLINES_TRACKING_HANDLER
AddBoolean(_("Track friends"),
_("Download the position of your friends live from the SkyLines server."),
settings.skylines.traffic_enabled, this);
#endif
StaticString<64> buffer;
if (settings.skylines.key != 0)
buffer.UnsafeFormat(_T("%llX"), (unsigned long long)settings.skylines.key);
else
buffer.clear();
AddText(_T("Key"), NULL, buffer);
#endif
#if defined(HAVE_SKYLINES_TRACKING) && defined(HAVE_LIVETRACK24)
AddSpacer();
#endif
#ifdef HAVE_LIVETRACK24
AddBoolean(_T("LiveTrack24"), _T(""), settings.livetrack24.enabled, this);
AddTime(_("Tracking Interval"), _T(""), 5, 3600, 5, settings.interval);
AddEnum(_("Vehicle Type"), _("Type of vehicle used."), vehicle_type_list,
(unsigned) settings.vehicleType);
WndProperty *edit = AddEnum(_("Server"), _T(""), server_list, 0);
((DataFieldEnum *)edit->GetDataField())->Set(settings.livetrack24.server);
edit->RefreshDisplay();
AddText(_("Username"), _T(""), settings.livetrack24.username);
AddPassword(_("Password"), _T(""), settings.livetrack24.password);
#endif
#ifdef HAVE_SKYLINES_TRACKING
SetSkyLinesEnabled(settings.skylines.enabled);
#endif
#ifdef HAVE_LIVETRACK24
SetEnabled(settings.livetrack24.enabled);
#endif
}
int main(int argc, char *argv[])
{
FILE *usersFilePtr = NULL, *tempUsersFilePtr = NULL, *passFilePtr = NULL, *groupsFilePtr = NULL;
//char line[MAX_STRING_LEN + 1];
char line[MAX_LINE_LEN];
char lineFromFile[MAX_LINE_LEN];
char usernameFromFile[MAX_STRING_LEN + 1];
char realmFromFile[MAX_STRING_LEN + 1];
int found;
int result;
static char choice[81];
int doCreateNewFile = 0;
int doDeleteUser = 0;
int addUserToGroup = 0;
int deleteUserFromGroup = 0;
int createGroup = 0;
int deleteGroup = 0;
int confirmPotentialDamage = 1;
char* qtusersFilePath = NULL;
char* qtgroupsFilePath = NULL;
char* userName = NULL;
char* groupName = NULL;
char* realmString = NULL;
char* password = NULL;
char* passwordFilePath = NULL;
int ch;
extern char* optarg;
extern int optind;
/* Read command line arguments */
while ((ch = getopt(argc, argv, "f:cg:r:p:P:A:D:C:R:dFhv?")) != EOF)
{
switch(ch)
{
case 'f':
qtusersFilePath = CopyString(optarg);
break;
case 'c':
doCreateNewFile = 1;
break;
case 'g':
qtgroupsFilePath = CopyString(optarg);
break;
case 'r':
realmString = CopyString(optarg);
if (::strlen(realmString) > MAX_STRING_LEN)
{
qtss_fprintf(stderr, "Realm cannot have more than %d characters.\n", MAX_STRING_LEN);
qtss_printf("Exiting! \n");
exit(1);
}
break;
case 'p':
password = CopyString(optarg);
::memset(optarg, 0, ::strlen(optarg));
if (::strlen(password) > MAX_PASSWORD_LEN)
{
qtss_fprintf(stderr, "Password cannot have more than %d characters.\n", MAX_PASSWORD_LEN);
qtss_printf("Exiting! \n");
exit(1);
}
break;
case 'P':
passwordFilePath = CopyString(optarg);
break;
case 'A':
groupName = CopyString(optarg);
addUserToGroup = 1;
break;
case 'D':
groupName = CopyString(optarg);
deleteUserFromGroup = 1;
break;
case 'C':
groupName = CopyString(optarg);
createGroup = 1;
break;
case 'R':
groupName = CopyString(optarg);
deleteGroup = 1;
break;
case 'd':
doDeleteUser = 1;
break;
case 'F':
confirmPotentialDamage = 0;
break;
case 'h':
case 'v':
case '?':
default:
usage();
break;
}
}
/* If password is to be read from a file, check validity of the password */
if ((password == NULL) && (passwordFilePath != NULL))
{
if ((passFilePtr = fopen(passwordFilePath, "r")) != NULL )
{
char passline[MAX_STRING_LEN];
char passFromFile[MAX_STRING_LEN];
int passLen = 0;
::memset(passline, 0, MAX_STRING_LEN);
::memset(passFromFile, 0, MAX_STRING_LEN);
GetLine(passline, MAX_STRING_LEN, passFilePtr);
if (passline[0] == '\'') // if it is single quoted, read until the end single quote
GetWord(passFromFile, (passline + 1), '\'');
else if (passline[0] == '"') // if it is double quoted, read until the end double quote
GetWord(passFromFile, (passline + 1), '"');
else // if it is not quoted, read until the first whitespace
GetWord(passFromFile, passline, ' ');
passLen = ::strlen(passFromFile);
if (passLen == 0)
{
qtss_fprintf(stderr, "Password in file %s is blank.\n", passwordFilePath);
qtss_printf("Exiting! \n");
exit(1);
}
else if (passLen > MAX_PASSWORD_LEN)
{
qtss_fprintf(stderr, "Password in file %s has more than %d characters. Cannot accept password.\n", passwordFilePath, MAX_PASSWORD_LEN);
qtss_printf("Exiting! \n");
exit(1);
}
else
password = CopyString(passFromFile);
fclose(passFilePtr);
}
}
/* deleting a user and (creating a file or setting a password) don't make sense together */
if ( doDeleteUser && (doCreateNewFile || password != NULL) )
{
qtss_fprintf(stderr, "Cannot use the -c option (to create the file) with the -d option (to delete the user).\n");
qtss_printf("Exiting! \n");
usage();
}
/* realm name only makes sense when creating a new password file */
if ( !doCreateNewFile && (realmString != NULL) )
{
qtss_fprintf(stderr, "Can use the -r option only with the -c option (when creating the file).\n");
qtss_printf("Exiting! \n");
usage();
}
/* group name checks */
if (groupName != NULL)
{
/* check length < MAX_STRING_LEN */
if (::strlen(groupName) > MAX_STRING_LEN)
{
qtss_fprintf(stderr, "Group name cannot have more than %d characters.\n", MAX_STRING_LEN);
qtss_printf("Exiting! \n");
exit(1);
}
/* check for : */
if (strchr(groupName, ':') != NULL)
{
qtss_printf("Group name cannot contain a ':' character.\n");
qtss_printf("Exiting! \n");
exit(1);
}
/* can't add user to group and delete user from a group at the same time */
if (addUserToGroup && deleteUserFromGroup)
{
qtss_printf("Cannot add to or delete from a group at the same time (use either -A or -D option, not both!).\n");
qtss_printf("Exiting! \n");
exit(1);
}
/* can't create and delete group at the same time */
if (createGroup && deleteGroup)
{
qtss_printf("Cannot create new group and delete group at the same time (use either -C or -R option, not both!).\n");
qtss_printf("Exiting! \n");
exit(1);
}
}
/* Read in the username */
if (argv[optind] != NULL)
{
/* If group needs to be created or deleted, username will be ignored. */
if (createGroup || deleteGroup)
{
qtss_fprintf(stderr, "Warning: username cannot be specified with -C or -R option and will be ignored!\n");
}
else
{
userName = CopyString(argv[optind]);
/* check length < MAX_STRING_LEN */
if (::strlen(userName) > MAX_STRING_LEN)
{
qtss_fprintf(stderr, "Username cannot have more than %d characters.\n", MAX_STRING_LEN);
qtss_printf("Exiting! \n");
exit(1);
}
}
}
else
{
/* Exit if username is not given, unless a group has to be created or deleted. */
if (!createGroup && !deleteGroup)
{
qtss_fprintf(stderr, "Username not given!\n");
qtss_printf("Exiting! \n");
usage();
}
}
if (confirmPotentialDamage && doDeleteUser)
{
qtss_printf("Delete user %s (will also delete user from groups in the groups file)? y or n [y] ", userName);
fgets( (char*)&choice, 80, stdin);
if( choice[0] == 'n' || choice[0] == 'N' )
exit(0);
}
if (qtusersFilePath == NULL)
{
qtusersFilePath = new char[strlen(kDefaultQTPasswdFilePath)+1];
strcpy(qtusersFilePath, kDefaultQTPasswdFilePath);
}
if (qtgroupsFilePath == NULL)
{
qtgroupsFilePath = new char[strlen(kDefaultQTGroupsFilePath)+1];
strcpy(qtgroupsFilePath, kDefaultQTGroupsFilePath);
}
if (realmString == NULL)
{
char* kDefaultRealmString = "Streaming Server";
realmString = new char[strlen(kDefaultRealmString)+1];
strcpy(realmString, kDefaultRealmString);
}
tempUsersFile = NULL;
tempGroupsFile = NULL;
#ifndef __Win32__
signal(SIGINT, (void(*)(int))CleanupAndExit);
//create file with owner RW permissions only
umask(S_IRWXO|S_IRWXG);
#endif
if (doCreateNewFile)
{
if (confirmPotentialDamage)
if( (usersFilePtr = fopen(qtusersFilePath, "r")) != NULL )
{
fclose(usersFilePtr);
qtss_printf("File already exists. Do you wish to overwrite it? y or n [y] ");
fgets( (char*)&choice, 80, stdin);
if( choice[0] == 'n' || choice[0] == 'N' )
CleanupAndExit();
}
//create new file or truncate existing one to 0
if ( (usersFilePtr = fopen(qtusersFilePath, "w")) == NULL)
{
char buffer[kErrorStrSize];
qtss_fprintf(stderr, "Could not open password file %s for writing. (err=%d %s)\n", qtusersFilePath, errno, qtss_strerror(errno, buffer, sizeof(buffer)));
perror("fopen");
CleanupAndExit();
}
qtss_printf("Creating password file for realm %s.\n", realmString);
//write the realm into the file
qtss_fprintf(usersFilePtr, "realm %s\n", realmString);
fclose(usersFilePtr);
SetPrivileges(qtusersFilePath);
}
#ifdef __Win32__
char separator = '\\';
#else
char separator = '/';
#endif
char* tmpFile = "tmp.XXXXXX";
char* alternateTempPath = "./tmp.XXXXXX";
char* tempFilePath;
int tempFilePathLength = 0;
char* lastOccurOfSeparator = strrchr(qtusersFilePath, separator);
int pathLength = strlen(qtusersFilePath);
if(lastOccurOfSeparator != NULL)
{
int filenameLength = ::strlen(lastOccurOfSeparator) + sizeof(char);
tempFilePathLength = pathLength - filenameLength + sizeof(char) + ::strlen(tmpFile);
tempFilePath = new char[tempFilePathLength];
memcpy(tempFilePath, qtusersFilePath, (pathLength - filenameLength));
memcpy(tempFilePath + (pathLength - filenameLength), tmpFile, ::strlen(tmpFile));
tempFilePath[pathLength - filenameLength + ::strlen(tmpFile)] = '\0';
/* Get temp users file path name */
if (!createGroup && !deleteGroup)
tempUsersFile = GetTempFileAtPath(tempFilePath, tempFilePathLength);
/* Get temp groups file path name */
if ((groupName != NULL) || doDeleteUser)
tempGroupsFile = GetTempFileAtPath(tempFilePath, tempFilePathLength);
delete [] tempFilePath;
}
else
{
if (!createGroup && !deleteGroup)
tempUsersFile = GetTempFileAtPath(alternateTempPath, ::strlen(alternateTempPath));
if ((groupName != NULL) || doDeleteUser)
tempGroupsFile = GetTempFileAtPath(alternateTempPath, ::strlen(alternateTempPath));
}
if ((groupName != NULL) && !(groupsFilePtr = fopen(qtgroupsFilePath, "r")))
{
char buffer[kErrorStrSize];
qtss_fprintf(stderr, "Could not open groups file %s to manipulate groups file. (err=%d:%s)\n", qtgroupsFilePath, errno, qtss_strerror(errno, buffer, sizeof(buffer)));
//create new file
if ( (groupsFilePtr = fopen(qtgroupsFilePath, "w")) == NULL)
{
char buffer[kErrorStrSize];
qtss_fprintf(stderr, "Could not create a new groups file %s either. (err=%d %s)\n", qtgroupsFilePath, errno, qtss_strerror(errno, buffer, sizeof(buffer)));
CleanupAndExit();
}
else
qtss_printf("Created new groups file %s.\n", qtgroupsFilePath);
fclose(groupsFilePtr);
SetPrivileges(qtgroupsFilePath);
}
if (createGroup)
{
AddOrDeleteGroup(1, groupName, qtgroupsFilePath, tempGroupsFile);
qtss_printf("Created new group %s\n", groupName);
return 0;
}
if (deleteGroup)
{
AddOrDeleteGroup(0, groupName, qtgroupsFilePath, tempGroupsFile);
qtss_printf("Deleted group %s\n", groupName);
return 0;
}
if (!(tempUsersFilePtr = fopen(tempUsersFile, "w")))
{
char buffer[kErrorStrSize];
qtss_printf("failed\n");
qtss_fprintf(stderr, "Could not open temp users file. (err=%d %s)\n", errno, qtss_strerror(errno, buffer, sizeof(buffer)));
CleanupAndExit();
}
if (!(usersFilePtr = fopen(qtusersFilePath, "r")))
{
char buffer[kErrorStrSize];
qtss_fprintf(stderr, "Could not open passwd file %s for reading. (err=%d:%s)\n", qtusersFilePath, errno, qtss_strerror(errno, buffer, sizeof(buffer)));
qtss_fprintf(stderr, "Use -c option to create new one.\n");
CleanupAndExit();
}
// Get the realm from the first line
while (!(GetLine(line, MAX_LINE_LEN, usersFilePtr)))
{
if ((line[0] == '#') || (!line[0]))
{
PutLine(tempUsersFilePtr, line);
continue;
}
else
{
// line is "realm somename"
if( strncmp(line, "realm", strlen("realm")) != 0 )
{
qtss_fprintf(stderr, "Invalid users file.\n");
qtss_fprintf(stderr, "The first non-comment non-blank line must be the realm line\n");
qtss_fprintf(stderr, "The file may have been tampered manually!\n");
CleanupAndExit();
}
strcpy(realmFromFile ,line + strlen("realm")+1);
PutLine(tempUsersFilePtr, line);
break;
}
}
// Look for an existing entry with the username
found = 0;
while (!(GetLine(line, MAX_LINE_LEN, usersFilePtr)))
{
//write comments and blank lines out to temp file
if (found || (line[0] == '#') || (line[0] == 0))
{
PutLine(tempUsersFilePtr, line);
continue;
}
strcpy(lineFromFile, line);
GetWord(usernameFromFile, lineFromFile, ':');
//if not the user we're looking for, write the line out to the temp file
if (strcmp(userName, usernameFromFile) != 0)
{
PutLine(tempUsersFilePtr, line);
continue;
}
else
{
if (doDeleteUser)
{ //to delete a user - just don't write it out to the temp file
qtss_printf("Deleting user %s\n", userName);
//delete user from all groups in the group file
qtss_printf("Deleting user %s from all groups\n", userName);
AddOrDeleteUserFromGroup(0, userName, NULL, qtgroupsFilePath, tempGroupsFile);
}
else
{
if (addUserToGroup)
{
PutLine(tempUsersFilePtr, line);
qtss_printf("Adding user %s to group %s\n", userName, groupName);
AddOrDeleteUserFromGroup(1, userName, groupName, qtgroupsFilePath, tempGroupsFile);
}
else if (deleteUserFromGroup)
{
PutLine(tempUsersFilePtr, line);
qtss_printf("Deleting user %s from group %s\n", userName, groupName);
AddOrDeleteUserFromGroup(0, userName, groupName, qtgroupsFilePath, tempGroupsFile);
}
else
{
qtss_printf("Changing password for user %s\n", userName);
if(password != NULL)
AddPasswordWithoutPrompt(userName, password, realmFromFile, tempUsersFilePtr);
else
AddPassword(userName, realmFromFile, tempUsersFilePtr);
}
}
found = 1;
}
}
if (!found)
{
if (doDeleteUser)
{
qtss_printf("Username %s not found in users file.\n", userName);
//delete user from all groups in the group file
qtss_printf("Deleting user %s from all groups if found in groups file\n", userName);
AddOrDeleteUserFromGroup(0, userName, NULL, qtgroupsFilePath, tempGroupsFile);
CleanupAndExit();
}
/* check for : in name before adding user */
if(strchr(userName, ':') != NULL)
{
qtss_printf("Username cannot contain a ':' character.");
CleanupAndExit();
}
qtss_printf("Adding userName %s\n", userName);
if(password != NULL)
AddPasswordWithoutPrompt(userName, password, realmFromFile, tempUsersFilePtr);
else
AddPassword(userName, realmFromFile, tempUsersFilePtr);
if (addUserToGroup)
{
qtss_printf("Adding user %s to group %s\n", userName, groupName);
AddOrDeleteUserFromGroup(1, userName, groupName, qtgroupsFilePath, tempGroupsFile);
}
else if (deleteUserFromGroup)
{
qtss_printf("Deleting user %s from group %s\n", userName, groupName);
AddOrDeleteUserFromGroup(0, userName, groupName, qtgroupsFilePath, tempGroupsFile);
}
}
fclose(usersFilePtr);
fclose(tempUsersFilePtr);
// Remove old file and change name of temp file to match new file
remove(qtusersFilePath);
result = rename(tempUsersFile, qtusersFilePath);
if(result != 0)
{
perror("rename failed with error");
CleanupAndExit();
}
SetPrivileges(qtusersFilePath);
return 0;
}
PCONFIG LoadConfigurationFiles(int argc, HTTPCHAR *argv[]) {
if (argc < 2) {
usage();
return (NULL);
}
PCONFIG config = new CONFIG;
// First we lock for threads
for (int i = 1; i < argc; i++) {
if (argv[i][0] == _T('-')) {
if (argv[i][1] == _T('T')) {
config->ThreadNumber = _tstoi(argv[++i]);
break;
}
}
}
config->HTTPHandle =
(HTTPHANDLE*)malloc(config->ThreadNumber*sizeof(HTTPHANDLE));
config->api = (HTTPAPI * *)malloc(config->ThreadNumber*sizeof(void*));
for (int i = 0; i < config->ThreadNumber; i++) {
config->api[i] = new HTTPAPI;
}
for (int i = 1; i < argc; i++) {
if (argv[i][0] == _T('-')) {
switch (argv[i][1]) {
case _T('T'):
i++;
break;
case _T('i'):
if (!config->getInformation) {
config->getInformation = 1;
}
else {
DIE();
}
break;
case _T('g'):
if (argc > i + 1) {
HTTPCHAR proxyhost[512];
HTTPCHAR proxyport[10];
if (_stscanf(argv[++i], _T("http://%[^:]:%s"), proxyhost,
proxyport) == 2) {
_tprintf(_T
("[+] Stablishing Proxy Host Configuration: %s\n"),
proxyhost);
for (int i = 0; i < config->ThreadNumber; i++)
config->api[i]->SetHTTPConfig(GLOBAL_HTTP_CONFIG,
ConfigProxyHost, proxyhost);
_tprintf(_T
("[+] Stablishing Proxy Port Configuration: %s\n"),
proxyport);
for (int i = 0; i < config->ThreadNumber; i++)
config->api[i]->SetHTTPConfig(GLOBAL_HTTP_CONFIG,
ConfigProxyPort, proxyport);
}
else {
_tprintf(_T(" [-] Invalid proxy parameter %s\n"),
argv[i]);
_tprintf(_T(" [-] Should be http://host:port\n"));
DIE();
}
}
else {
DIE();
}
break;
case _T('u'):
if (!config->resource->port) {
ParseUrl(argv[++i], config->resource);
}
else {
DIE();
}
break;
case _T('c'):
if (argc > i + 1) {
_tcscpy(config->CustomCookie, argv[++i]);
}
else {
DIE();
}
break;
case _T('C'):
for (int threads = 0; threads < config->ThreadNumber; threads++)
config->api[threads]->SetHTTPConfig(GLOBAL_HTTP_CONFIG,
ConfigCookieHandling, 1);
break;
case _T('r'):
config->ResumeIndex = _tstoi(argv[i + 1]);
i++;
break;
case _T('R'):
for (int threads = 0; threads < config->ThreadNumber; threads++)
config->api[threads]->SetHTTPConfig(GLOBAL_HTTP_CONFIG,
ConfigAutoredirect, 1);
break;
case _T('d'):
if (argc > i + 1) {
_tcscpy(config->Domain, argv[++i]);
}
else {
DIE();
}
break;
case 's':
config->SingleBruteforceAttack = 1;
break;
case _T('m'):
if (argc > i + 1) {
config->MaxAttempts = _tstoi(argv[++i]);
}
else {
DIE();
}
break;
case _T('M'):
if (argc > i + 1) {
_tcscpy(config->resource->HTTPMethod, argv[++i]);
}
else {
DIE();
}
break;
case _T('w'):
if (argc > i + 1) {
config->WaitTime = _tstoi(argv[++i]) * 1000 + 150;
// add additional 150ms
}
else {
usage();
return (0);
}
break;
case _T('v'):
if (argc > i + 1) {
if ((config->api[0]->GetHTTPConfig(GLOBAL_HTTP_CONFIG,
ConfigProxyHost)) && (!config->resource->SSLRequest)) {
_tprintf(_T
("[-] Unable to set a virtual host header with HTTP proxy (parametr -v ignored)\r\n")
);
i++;
}
else {
config->resource->VirtualHost = _tcsdup(argv[++i]);
}
}
else {
DIE();
}
break;
case _T('l'):
if (argc > i + 1) {
HTTPCHAR *trozo = _tcstok(argv[++i], _T(","));
while (trozo != NULL) {
AddUser(trozo, config);
trozo = _tcstok(NULL, _T(","));
}
}
else {
DIE();
}
break;
case _T('H'):
if (argc > i + 1) {
HTTPCHAR *trozo = _tcstok(argv[++i], _T(","));
while (trozo != NULL) {
_tcscat(config->AdditionalHeaders, trozo);
_tcscat(config->AdditionalHeaders, _T("\r\n"));
trozo = _tcstok(NULL, _T(","));
}
}
else {
DIE();
}
break;
case _T('L'):
if (argc > i + 1) {
if ((strlen(argv[i]) == 3) && (argv[i][2] == 'm')) {
LoadConfig(argv[i + 1], argv[i + 1], config);
config->SingleBruteforceAttack = 1;
i++;
}
else {
LoadConfig(argv[++i], NULL, config);
}
}
else {
DIE();
}
break;
case _T('p'):
if (argc > i + 1) {
HTTPCHAR *trozo = _tcstok(argv[++i], _T(","));
while (trozo != NULL) {
AddPassword(trozo, config);
trozo = _tcstok(NULL, _T(","));
}
}
else {
DIE();
}
break;
case _T('P'):
if (argc > i + 1) {
LoadConfig(NULL, argv[++i], config);
}
else {
DIE();
}
break;
case _T('S'):
config->StopAfterPasswordFound = 0;
break;
case _T('f'):
config->FakeSourceAddress = 1;
break;
default:
_tprintf(_T("[-] Invalid parameter %s\r\n\r\n"), argv[i]);
DIE();
break;
}
}
}
if (!config->resource->host) {
DIE();
}
for (int threads = 0; threads < config->ThreadNumber; threads++) {
config->HTTPHandle[threads] =
config->api[threads]->InitHTTPConnectionHandle
(config->resource->host, config->resource->port,
config->resource->SSLRequest);
if (config->HTTPHandle[threads] == INVALID_HHTPHANDLE_VALUE) {
_tprintf(_T("[-] ERROR - Unable to resolve the remote Host\n"));
delete config;
return (NULL);
}
if (config->CustomCookie[0]) {
config->api[threads]->SetHTTPConfig(config->HTTPHandle[threads],
ConfigCookie, config->CustomCookie);
}
if (config->resource->VirtualHost) {
config->api[threads]->SetHTTPConfig(config->HTTPHandle[threads],
ConfigHTTPHost, config->resource->VirtualHost);
}
}
int ret = GetInformation(config->api[0], config->HTTPHandle[0],
config->resource->host, config->resource->port, config->resource->path,
config->resource->SSLRequest, config->resource->HTTPMethod,
config->AdditionalHeaders);
if ((!ret) || (config->getInformation)) {
delete config;
return (NULL);
}
if ((ret & NTLM_AUTH) && (config->WaitTime == 0)) {
_tprintf(_T("\r\n"));
_tprintf(_T
("[-] Warning. The remote host supports NTLM auth. No lock policy was selected\r\n")
);
_tprintf(_T
("[-] Warning. Remote computer or domain accounts can be locked\r\n"
));
_tprintf(_T
("[-] Warning. Press any key to continue at your own risk\r\n"));
_tprintf(_T
("[-] Warning. Or cancel the bruteforce attack with CTRL+C (recommended -m and -w flags)\r\n")
);
getchar();
}
if (config->credential.nLogins == 0) {
LoadConfig(_T("users.txt"), NULL, config);
}
if (config->credential.nPasswords == 0) {
LoadConfig(NULL, _T("pass.txt"), config);
}
_tprintf(_T("[+] Loaded user list: %i users\r\n"),
config->credential.nLogins);
_tprintf(_T("[+] Loaded pass list: %i passwords\r\n\r\n"),
config->credential.nPasswords);
if (config->credential.nLogins == 0) {
_tprintf(_T
("[-] Unable to perform attack without usernames. Use -L or -l flag\r\n")
);
delete config;
return (NULL);
}
if (config->credential.nPasswords == 0) {
_tprintf(_T
("[-] Unable to perform attack without passwords. Use -L or -l flag\r\n")
);
delete config;
return (NULL);
}
return (config);
}
