| 1 |
michael |
3252 |
// Copyright (C) 2003 Stephane Thiell |
| 2 |
|
|
// |
| 3 |
|
|
// This file is part of pxyscand (from pxys) |
| 4 |
|
|
// |
| 5 |
|
|
// This program is free software; you can redistribute it and/or |
| 6 |
|
|
// modify it under the terms of the GNU General Public License |
| 7 |
|
|
// as published by the Free Software Foundation; either version 2 |
| 8 |
|
|
// of the License, or (at your option) any later version. |
| 9 |
|
|
// |
| 10 |
|
|
// This program is distributed in the hope that it will be useful, |
| 11 |
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 |
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 13 |
|
|
// GNU General Public License for more details. |
| 14 |
|
|
// |
| 15 |
|
|
// You should have received a copy of the GNU General Public License |
| 16 |
|
|
// along with this program; if not, write to the Free Software |
| 17 |
|
|
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
| 18 |
|
|
// |
| 19 |
|
|
#define RCSID "$Id: PXMCrazyBandit.cc,v 1.2 2004/01/01 02:18:10 mbuna Exp $" |
| 20 |
|
|
|
| 21 |
|
|
// This class scans for "MalayBouncer ver2.0 by CrazyBandit Co. Ltd." |
| 22 |
|
|
// (thanks puppet for the info). It's not a misconfigured proxy but a trojan |
| 23 |
|
|
// (mIRC script) that can act like a proxy. Although there is a generic |
| 24 |
|
|
// password, I decided to not check it as such a bouncer on port 407 shouldn't |
| 25 |
|
|
// really exist anyway. |
| 26 |
|
|
// |
| 27 |
|
|
|
| 28 |
|
|
#define CRAZYBANDIT_SHORTNAME "CrazyBandit" |
| 29 |
|
|
#define CRAZYBANDIT_DESCR "MalayBouncer by CrazyBandit" |
| 30 |
|
|
#define CRAZYBANDIT_PORT 407 |
| 31 |
|
|
|
| 32 |
|
|
#include "PXMCrazyBandit.h" |
| 33 |
|
|
|
| 34 |
|
|
#include <cassert> |
| 35 |
|
|
#include <cerrno> |
| 36 |
|
|
#include <cstring> |
| 37 |
|
|
#include <arpa/inet.h> |
| 38 |
|
|
|
| 39 |
|
|
uint32_t PXMCrazyBandit::sConnCount = 0; |
| 40 |
|
|
uint32_t PXMCrazyBandit::sProxyCount = 0; |
| 41 |
|
|
|
| 42 |
|
|
PXMCrazyBandit::PXMCrazyBandit(PXScan *inScan) |
| 43 |
|
|
: PXScanModule(inScan) |
| 44 |
|
|
{ |
| 45 |
|
|
} |
| 46 |
|
|
|
| 47 |
|
|
PXMCrazyBandit::~PXMCrazyBandit() |
| 48 |
|
|
{ |
| 49 |
|
|
} |
| 50 |
|
|
|
| 51 |
|
|
void |
| 52 |
|
|
PXMCrazyBandit::InitModule() |
| 53 |
|
|
{ |
| 54 |
|
|
RegisterPXM(CRAZYBANDIT_SHORTNAME, CRAZYBANDIT_PORT, |
| 55 |
|
|
&sConnCount, &sProxyCount); |
| 56 |
|
|
} |
| 57 |
|
|
|
| 58 |
|
|
bool |
| 59 |
|
|
PXMCrazyBandit::StartScan() |
| 60 |
|
|
{ |
| 61 |
|
|
peak_task task = peak_task_self(); |
| 62 |
|
|
|
| 63 |
|
|
struct sockaddr_in sin; |
| 64 |
|
|
memset(&sin, 0, sizeof(struct sockaddr_in)); |
| 65 |
|
|
sin.sin_family = AF_INET; |
| 66 |
|
|
sin.sin_addr = this->GetAddress(); |
| 67 |
|
|
sin.sin_port = htons((uint16_t)CRAZYBANDIT_PORT); |
| 68 |
|
|
|
| 69 |
|
|
mStream = peak_stream_socket_create((struct sockaddr *)&sin, sizeof(sin), |
| 70 |
|
|
PEAK_STREAM_OPT_LINEMODE, |
| 71 |
|
|
EventCallback, |
| 72 |
|
|
this); |
| 73 |
|
|
|
| 74 |
|
|
if (!mStream) |
| 75 |
|
|
return false; |
| 76 |
|
|
|
| 77 |
|
|
if (this->IsLocalAddressSet()) |
| 78 |
|
|
{ |
| 79 |
|
|
sockaddr_in local_sin; |
| 80 |
|
|
memset(&local_sin, 0, sizeof(local_sin)); |
| 81 |
|
|
local_sin.sin_family = AF_INET; |
| 82 |
|
|
local_sin.sin_addr = this->GetLocalAddress(); |
| 83 |
|
|
local_sin.sin_port = htons(0); |
| 84 |
|
|
|
| 85 |
|
|
peak_stream_set_address(mStream, (sockaddr*)&local_sin, sizeof(local_sin)); |
| 86 |
|
|
} |
| 87 |
|
|
|
| 88 |
|
|
/* Enable built-in timeout option, this is so useful here. */ |
| 89 |
|
|
peak_stream_set_timeout(mStream, GetTimeout()); |
| 90 |
|
|
|
| 91 |
|
|
/* Connect (don't block) */ |
| 92 |
|
|
if (peak_stream_connect(mStream) == -1) |
| 93 |
|
|
{ |
| 94 |
|
|
this->Cleanup(); |
| 95 |
|
|
this->ProxyNotFound(); |
| 96 |
|
|
} |
| 97 |
|
|
else |
| 98 |
|
|
peak_stream_schedule(mStream, task); |
| 99 |
|
|
return true; |
| 100 |
|
|
} |
| 101 |
|
|
|
| 102 |
|
|
void |
| 103 |
|
|
PXMCrazyBandit::Cleanup() |
| 104 |
|
|
{ |
| 105 |
|
|
peak_release(mStream); |
| 106 |
|
|
} |
| 107 |
|
|
|
| 108 |
|
|
void |
| 109 |
|
|
PXMCrazyBandit::ProcessEvent(peak_stream s, int type) |
| 110 |
|
|
{ |
| 111 |
|
|
char *line; |
| 112 |
|
|
int err; |
| 113 |
|
|
|
| 114 |
|
|
switch (type) |
| 115 |
|
|
{ |
| 116 |
|
|
case PEAK_STREAM_EVT_OPEN: |
| 117 |
|
|
sConnCount++; |
| 118 |
|
|
break; |
| 119 |
|
|
case PEAK_STREAM_EVT_READ: |
| 120 |
|
|
line = peak_stream_get_line(s); |
| 121 |
|
|
|
| 122 |
|
|
// :210.186.115.64 NOTICE AUTH :Sila taip /quote PASS <kata laluan> |
| 123 |
|
|
if (strstr(line, "NOTICE AUTH :Anda perlu taip") |
| 124 |
|
|
|| strstr(line, "NOTICE AUTH :Sila taip")) |
| 125 |
|
|
{ |
| 126 |
|
|
sProxyCount++; |
| 127 |
|
|
this->Cleanup(); |
| 128 |
|
|
this->ProxyFound(OPAS_PROXY_TYPE_IRCBOUNCER, CRAZYBANDIT_PORT, |
| 129 |
|
|
CRAZYBANDIT_DESCR); |
| 130 |
|
|
return; /* done! */ |
| 131 |
|
|
} |
| 132 |
|
|
/* fall through */ |
| 133 |
|
|
case PEAK_STREAM_EVT_ERROR: |
| 134 |
|
|
case PEAK_STREAM_EVT_TIMEDOUT: |
| 135 |
|
|
this->Cleanup(); |
| 136 |
|
|
this->ProxyNotFound(); |
| 137 |
|
|
break; |
| 138 |
|
|
case PEAK_STREAM_EVT_END: |
| 139 |
|
|
this->Cleanup(); |
| 140 |
|
|
err = peak_stream_get_error(s); |
| 141 |
|
|
if (err == ENETUNREACH) |
| 142 |
|
|
this->ScanError(OPAS_ERROR_NETUNREACH); // Can't scan ! |
| 143 |
|
|
else if (err == ENETDOWN) |
| 144 |
|
|
this->ScanError(OPAS_ERROR_NETDOWN); // Even worst ! |
| 145 |
|
|
else |
| 146 |
|
|
this->ProxyNotFound(); |
| 147 |
|
|
break; |
| 148 |
|
|
default: |
| 149 |
|
|
break; |
| 150 |
|
|
} |
| 151 |
|
|
} |
| 152 |
|
|
|
| 153 |
|
|
void |
| 154 |
|
|
PXMCrazyBandit::EventCallback(peak_stream s, int type, void *context) |
| 155 |
|
|
{ |
| 156 |
|
|
PXMCrazyBandit *pxm = reinterpret_cast<PXMCrazyBandit*>(context); |
| 157 |
|
|
pxm->ProcessEvent(s, type); |
| 158 |
|
|
} |
Parent Directory
| 
Revision Log