1 |
// Copyright (C) 2003 Stephane Thiell |
2 |
// |
3 |
// This file is part of pxyscand (from pxys) |
4 |
// |
5 |
// This program is free software; you can redistribute it and/or |
6 |
// modify it under the terms of the GNU General Public License |
7 |
// as published by the Free Software Foundation; either version 2 |
8 |
// of the License, or (at your option) any later version. |
9 |
// |
10 |
// This program is distributed in the hope that it will be useful, |
11 |
// but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 |
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
13 |
// GNU General Public License for more details. |
14 |
// |
15 |
// You should have received a copy of the GNU General Public License |
16 |
// along with this program; if not, write to the Free Software |
17 |
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
18 |
// |
19 |
#define RCSID "$Id: PXMCrazyBandit.cc,v 1.2 2004/01/01 02:18:10 mbuna Exp $" |
20 |
|
21 |
// This class scans for "MalayBouncer ver2.0 by CrazyBandit Co. Ltd." |
22 |
// (thanks puppet for the info). It's not a misconfigured proxy but a trojan |
23 |
// (mIRC script) that can act like a proxy. Although there is a generic |
24 |
// password, I decided to not check it as such a bouncer on port 407 shouldn't |
25 |
// really exist anyway. |
26 |
// |
27 |
|
28 |
#define CRAZYBANDIT_SHORTNAME "CrazyBandit" |
29 |
#define CRAZYBANDIT_DESCR "MalayBouncer by CrazyBandit" |
30 |
#define CRAZYBANDIT_PORT 407 |
31 |
|
32 |
#include "PXMCrazyBandit.h" |
33 |
|
34 |
#include <cassert> |
35 |
#include <cerrno> |
36 |
#include <cstring> |
37 |
#include <arpa/inet.h> |
38 |
|
39 |
uint32_t PXMCrazyBandit::sConnCount = 0; |
40 |
uint32_t PXMCrazyBandit::sProxyCount = 0; |
41 |
|
42 |
PXMCrazyBandit::PXMCrazyBandit(PXScan *inScan) |
43 |
: PXScanModule(inScan) |
44 |
{ |
45 |
} |
46 |
|
47 |
PXMCrazyBandit::~PXMCrazyBandit() |
48 |
{ |
49 |
} |
50 |
|
51 |
void |
52 |
PXMCrazyBandit::InitModule() |
53 |
{ |
54 |
RegisterPXM(CRAZYBANDIT_SHORTNAME, CRAZYBANDIT_PORT, |
55 |
&sConnCount, &sProxyCount); |
56 |
} |
57 |
|
58 |
bool |
59 |
PXMCrazyBandit::StartScan() |
60 |
{ |
61 |
peak_task task = peak_task_self(); |
62 |
|
63 |
struct sockaddr_in sin; |
64 |
memset(&sin, 0, sizeof(struct sockaddr_in)); |
65 |
sin.sin_family = AF_INET; |
66 |
sin.sin_addr = this->GetAddress(); |
67 |
sin.sin_port = htons((uint16_t)CRAZYBANDIT_PORT); |
68 |
|
69 |
mStream = peak_stream_socket_create((struct sockaddr *)&sin, sizeof(sin), |
70 |
PEAK_STREAM_OPT_LINEMODE, |
71 |
EventCallback, |
72 |
this); |
73 |
|
74 |
if (!mStream) |
75 |
return false; |
76 |
|
77 |
if (this->IsLocalAddressSet()) |
78 |
{ |
79 |
sockaddr_in local_sin; |
80 |
memset(&local_sin, 0, sizeof(local_sin)); |
81 |
local_sin.sin_family = AF_INET; |
82 |
local_sin.sin_addr = this->GetLocalAddress(); |
83 |
local_sin.sin_port = htons(0); |
84 |
|
85 |
peak_stream_set_address(mStream, (sockaddr*)&local_sin, sizeof(local_sin)); |
86 |
} |
87 |
|
88 |
/* Enable built-in timeout option, this is so useful here. */ |
89 |
peak_stream_set_timeout(mStream, GetTimeout()); |
90 |
|
91 |
/* Connect (don't block) */ |
92 |
if (peak_stream_connect(mStream) == -1) |
93 |
{ |
94 |
this->Cleanup(); |
95 |
this->ProxyNotFound(); |
96 |
} |
97 |
else |
98 |
peak_stream_schedule(mStream, task); |
99 |
return true; |
100 |
} |
101 |
|
102 |
void |
103 |
PXMCrazyBandit::Cleanup() |
104 |
{ |
105 |
peak_release(mStream); |
106 |
} |
107 |
|
108 |
void |
109 |
PXMCrazyBandit::ProcessEvent(peak_stream s, int type) |
110 |
{ |
111 |
char *line; |
112 |
int err; |
113 |
|
114 |
switch (type) |
115 |
{ |
116 |
case PEAK_STREAM_EVT_OPEN: |
117 |
sConnCount++; |
118 |
break; |
119 |
case PEAK_STREAM_EVT_READ: |
120 |
line = peak_stream_get_line(s); |
121 |
|
122 |
// :210.186.115.64 NOTICE AUTH :Sila taip /quote PASS <kata laluan> |
123 |
if (strstr(line, "NOTICE AUTH :Anda perlu taip") |
124 |
|| strstr(line, "NOTICE AUTH :Sila taip")) |
125 |
{ |
126 |
sProxyCount++; |
127 |
this->Cleanup(); |
128 |
this->ProxyFound(OPAS_PROXY_TYPE_IRCBOUNCER, CRAZYBANDIT_PORT, |
129 |
CRAZYBANDIT_DESCR); |
130 |
return; /* done! */ |
131 |
} |
132 |
/* fall through */ |
133 |
case PEAK_STREAM_EVT_ERROR: |
134 |
case PEAK_STREAM_EVT_TIMEDOUT: |
135 |
this->Cleanup(); |
136 |
this->ProxyNotFound(); |
137 |
break; |
138 |
case PEAK_STREAM_EVT_END: |
139 |
this->Cleanup(); |
140 |
err = peak_stream_get_error(s); |
141 |
if (err == ENETUNREACH) |
142 |
this->ScanError(OPAS_ERROR_NETUNREACH); // Can't scan ! |
143 |
else if (err == ENETDOWN) |
144 |
this->ScanError(OPAS_ERROR_NETDOWN); // Even worst ! |
145 |
else |
146 |
this->ProxyNotFound(); |
147 |
break; |
148 |
default: |
149 |
break; |
150 |
} |
151 |
} |
152 |
|
153 |
void |
154 |
PXMCrazyBandit::EventCallback(peak_stream s, int type, void *context) |
155 |
{ |
156 |
PXMCrazyBandit *pxm = reinterpret_cast<PXMCrazyBandit*>(context); |
157 |
pxm->ProcessEvent(s, type); |
158 |
} |