[X2serv-cvs] CVS: x2/source gatetool.c,NONE,1.1
Brought to you by:
sirvulcan
Menu
▾
▴
[X2serv-cvs] CVS: x2/source gatetool.c,NONE,1.1
|
From: Alex S. <ru...@us...> - 2001-08-27 11:30:44
|
Update of /cvsroot/x2serv/x2/source In directory usw-pr-cvs1:/tmp/cvs-serv15766 Added Files: gatetool.c Log Message: A tool for inspecting wingates from the commandline. --- NEW FILE --- /********************** * Gate Tool - Probe a socks proxy * and print the byte response (if any) it * returns (its signature) * * For help determining triggers for * insecure wingate detectors. * */ #include <stdio.h> #include <sys/types.h> #include <sys/socket.h> #include <arpa/inet.h> #include <stdarg.h> #include <fcntl.h> #include <unistd.h> #include <errno.h> #define SOCKSPORT 1080 /* Got some docs on this key.. * http://www.socks.nec.com/protocol/socks4.protocol * DESC: VN CD DSTPORT DSTIP USERID ... NULL * BYTES: 1 1 2 4 variable * VALUES: 4, 1, 26, 11, 199,2,210,241, "Rubin", 0 * these are the base 10 values.. note that 199.2.210.241 is * agora's ip address. When agora goes down the connections * started to fail, due to no route to host.. and the scan * broke. So it would be better to connect to something * more configurable/reliable. */ /*unsigned char keystring[] = {0x04, 0x01, 0x1A, 0x0B, 0xC7, 0x02, 0xD2, 0xF1, 0x62, 0x6C, *converting to dec..* 0x61, 0x68, 0x74, 0x65, 0x73, 0x74, 0x00}; */ /* NOTE: If the IP below (206.58.8.1) is not routable, the socks check will FAIL! */ /* TODO : Put this IP in the config file somehow. */ /* {PORT} {Agora's IP} {Userid..} */ unsigned char keystring[] = {4, 1, 26,11, 206,58,8,1, 'r','u','b','i','n'}; int sock, c; int MaxSock = 0; char tmpstr[20]; char decstr[200]; int i; char buf[2000]; void BeginGateScan(char *IP); int main(int argc, char *argv[]) { char *IP; if(argc < 1) { printf("USAGE: %s <IP>\n", argv[0]); return; } IP = argv[1]; BeginGateScan(IP); } void BeginGateScan(char *IP) { struct sockaddr_in GateAddr; unsigned long int longip; longip = inet_addr(IP); bzero((char *) &GateAddr, sizeof(GateAddr)); GateAddr.sin_addr.s_addr = longip; GateAddr.sin_family = AF_INET; GateAddr.sin_port = htons(SOCKSPORT); if((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) { printf("ERROR: socket() returned error: %s\n", strerror(errno)); printf("Terminating gate checking due to unrecoverable error\n"); return; } if(sock > MaxSock) MaxSock = sock; fcntl(sock, F_SETFL /*, O_NONBLOCK */); if(connect(sock, (struct sockaddr *) &GateAddr, sizeof(GateAddr)) >= 0) { printf("Called connect() for gate..\n"); } else { if(errno == EINPROGRESS) { /* connect is non blocking, use select to finish..*/ printf("Non blocking connect waiting to finish..\n"); } else { printf("Connect failed. :%s:\n", strerror(errno)); close(sock); return; } } if(sock < 0) { printf("sock is negitive in CheckSend for loop\n"); } printf("Sending magic string\n"); send(sock, keystring, 17, 0); /* Read the incomming response */ c = read(sock, tmpstr, 10); if(c >=0) { strcpy(decstr, ""); for(i=0;i<c;i++) { sprintf(buf, "%d ", tmpstr[i]); strcat(decstr, buf); } printf("Got [%s]\n", decstr); /* Apparently new versions are out that use 05b as a responce, * or maybe because agora is not reachable today.. regardless, * expanding the search a bit so the 2nd byte can be 0x5a or 0x5b. * TODO : add this * 0x04 0x5a 0x57 0x0b : another type of responce gotten.. * Ok, found some socks protocol docs: * http://www.socks.nec.com/protocol/socks4.protocol * Description: VN CD DSTPORT DSTIP * Bytes: 1 1 2 4 * CD is 90=granted - gline them * 91=rejected/failed * 92=rejected due to lack of ident, * 93=rejected coz ident userid's conflicted * -Rubin */ if( ( (tmpstr[0] == 0) || (tmpstr[0] == 4) ) && (tmpstr[1] == 90) ) /* 90 = granted */ { /* We got one! */ printf("Wingate detected\n"); } else { /* Connected but not an insecure gate */ close(sock); printf("Wingate not detected\n"); } } else { printf("Read error to socket. 0 bytes read.\n"); close(sock); return; } } |