almost complete. Need to just setup the port save feature, and port to Marks new string functions

This commit is contained in:
Fish 2003-10-29 11:07:23 +00:00
parent 48daac5382
commit 571f989fa2
6 changed files with 423 additions and 201 deletions

1
.gitattributes vendored
View file

@ -33,6 +33,7 @@ libopm/snprintf.c -text
libopm/snprintf.h -text libopm/snprintf.h -text
libopm/test.c -text libopm/test.c -text
/modconfig.h.in -text /modconfig.h.in -text
/opsb.Settings -text
/opsb.c -text /opsb.c -text
/opsb.h -text /opsb.h -text
/opsb_help.c -text /opsb_help.c -text

10
opsb.Settings Normal file
View file

@ -0,0 +1,10 @@
g = {
OPSB: = {
HTTP (S) = "80 8080 8000 3128";
HTTPPOST (S) = "80 8080 8000 3128";
ROUTER (S) = "23";
SOCKS4 (S) = "1080";
SOCKS5 (S) = "1080";
WINGATE (S) = "23";
}
}

129
opsb.c
View file

@ -53,6 +53,7 @@ extern const char *opsb_help_status[];
extern const char *opsb_help_set[]; extern const char *opsb_help_set[];
extern const char *opsb_help_exclude[]; extern const char *opsb_help_exclude[];
extern const char *opsb_help_remove[]; extern const char *opsb_help_remove[];
extern const char *opsb_help_ports[];
int online; int online;
@ -83,7 +84,23 @@ int findscan(const void *key1, const void *key2) {
return (strcasecmp(chan1->who, key2)); return (strcasecmp(chan1->who, key2));
} }
int ports_sort(const void *key1, const void *key2) {
port_list *pl1 = (port_list *)key1;
port_list *pl2 = (port_list *)key2;
if (pl1->type == pl2->type) {
if (pl1->port == pl2->port) {
return 0;
} else if (pl1->port > pl2->port) {
return 1;
} else {
return -1;
}
} else if (pl1->type > pl2->type) {
return 1;
} else {
return -1;
}
}
int __Bot_Message(char *origin, char **argv, int argc) int __Bot_Message(char *origin, char **argv, int argc)
@ -92,6 +109,7 @@ int __Bot_Message(char *origin, char **argv, int argc)
lnode_t *lnode; lnode_t *lnode;
scaninfo *scandata; scaninfo *scandata;
exemptinfo *exempts; exemptinfo *exempts;
port_list *pl;
int lookuptype, i; int lookuptype, i;
char *buf; char *buf;
@ -118,6 +136,8 @@ int __Bot_Message(char *origin, char **argv, int argc)
privmsg_list(u->nick, s_opsb, opsb_help_status); privmsg_list(u->nick, s_opsb, opsb_help_status);
} else if ((!strcasecmp(argv[2], "set") && UserLevel(u) >= 100)) { } else if ((!strcasecmp(argv[2], "set") && UserLevel(u) >= 100)) {
privmsg_list(u->nick, s_opsb, opsb_help_set); privmsg_list(u->nick, s_opsb, opsb_help_set);
} else if ((!strcasecmp(argv[2], "ports") && UserLevel(u) >= 100)) {
privmsg_list(u->nick, s_opsb, opsb_help_ports);
} else if ((!strcasecmp(argv[2], "exclude") && UserLevel(u) > 100)) { } else if ((!strcasecmp(argv[2], "exclude") && UserLevel(u) > 100)) {
privmsg_list(u->nick, s_opsb, opsb_help_exclude); privmsg_list(u->nick, s_opsb, opsb_help_exclude);
} else if ((!strcasecmp(argv[2], "remove") && UserLevel(u) > 40)) { } else if ((!strcasecmp(argv[2], "remove") && UserLevel(u) > 40)) {
@ -334,6 +354,95 @@ int __Bot_Message(char *origin, char **argv, int argc)
prefmsg(u->nick, s_opsb, "Syntax Error. /msg %s help exclude", s_opsb); prefmsg(u->nick, s_opsb, "Syntax Error. /msg %s help exclude", s_opsb);
return 0; return 0;
} }
} else if (!strcasecmp(argv[1], "PORTS")) {
if (UserLevel(u) < 100) {
prefmsg(u->nick, s_opsb, "Access Denied");
chanalert(s_opsb, "%s tried to use ports, but is not an operator", u->nick);
return 1;
}
if (argc < 3) {
prefmsg(u->nick, s_opsb, "Syntax Error. /msg %s help ports", s_opsb);
return 0;
}
if (!strcasecmp(argv[2], "LIST")) {
lnode = list_first(opsb.ports);
i = 1;
prefmsg(u->nick, s_opsb, "Port List:");
while (lnode) {
pl = lnode_get(lnode);
prefmsg(u->nick, s_opsb, "%d) %s Port: %d", i, type_of_proxy(pl->type), pl->port);
++i;
lnode = list_next(opsb.ports, lnode);
}
prefmsg(u->nick, s_opsb, "End of List.");
chanalert(s_opsb, "%s requested Port List", u->nick);
} else if (!strcasecmp(argv[2], "ADD")) {
if (argc < 5) {
prefmsg(u->nick, s_opsb, "Syntax Error. /msg %s help ports", s_opsb);
return 0;
}
if (list_isfull(opsb.ports)) {
prefmsg(u->nick, s_opsb, "Error, Ports list is full", s_opsb);
return 0;
}
if (!atoi(argv[4])) {
prefmsg(u->nick, s_opsb, "Port field does not contain a vaild port");
return 0;
}
if (get_proxy_by_name(argv[3]) < 1) {
prefmsg(u->nick, s_opsb, "Unknown Proxy type %s", argv[3]);
return 0;
}
pl = malloc(sizeof(port_list));
pl->type = get_proxy_by_name(argv[3]);
pl->port = atoi(argv[4]);
lnode = lnode_create(pl);
list_append(opsb.ports, lnode);
list_sort(opsb.ports, ports_sort);
#if 0
save_ports();
#endif
add_port(pl->type, pl->port);
prefmsg(u->nick, s_opsb, "Added Port %d for Protocol %s to Ports list", pl->port, argv[3]);
chanalert(s_opsb, "%s added port %d for protocol %s to Ports list", u->nick, pl->port, argv[3]);
} else if (!strcasecmp(argv[2], "DEL")) {
if (argc < 3) {
prefmsg(u->nick, s_opsb, "Syntax Error. /msg %s help ports", s_opsb);
return 0;
}
if (atoi(argv[3]) != 0) {
lnode = list_first(opsb.ports);
i = 1;
while (lnode) {
if (i == atoi(argv[3])) {
/* delete the entry */
pl = lnode_get(lnode);
list_delete(opsb.ports, lnode);
prefmsg(u->nick, s_opsb, "Deleted Port %d of Protocol %s out of Ports list", pl->port, type_of_proxy(pl->type));
prefmsg(u->nick, s_opsb, "You need to Restart OPSB for the changes to take effect");
chanalert(s_opsb, "%s deleted port %d of Protocol %s out of Ports list", u->nick, pl->port, type_of_proxy(pl->type));
free(pl);
/* just to be sure, lets sort the list */
list_sort(opsb.ports, ports_sort);
#if 0
save_ports();
#endif
return 1;
}
++i;
lnode = list_next(opsb.ports, lnode);
}
/* if we get here, then we can't find the entry */
prefmsg(u->nick, s_opsb, "Error, Can't find entry %d. /msg %s ports list", atoi(argv[3]), s_opsb);
return 0;
} else {
prefmsg(u->nick, s_opsb, "Error, Out of Range");
return 0;
}
} else {
prefmsg(u->nick, s_opsb, "Syntax Error. /msg %s help ports", s_opsb);
return 0;
}
} else if (!strcasecmp(argv[1], "SET")) { } else if (!strcasecmp(argv[1], "SET")) {
if (argc < 3) { if (argc < 3) {
prefmsg(u->nick, s_opsb, "Syntax Error. /msg %s help set", s_opsb); prefmsg(u->nick, s_opsb, "Syntax Error. /msg %s help set", s_opsb);
@ -541,16 +650,15 @@ int Online(char **av, int ac) {
SET_SEGV_LOCATION(); SET_SEGV_LOCATION();
init_libopm();
if (init_bot(s_opsb,"opsb",me.name,"Proxy Scanning Bot", "+S", __module_info.module_name) == -1 ) { if (init_bot(s_opsb,"opsb",me.name,"Proxy Scanning Bot", "+S", __module_info.module_name) == -1 ) {
/* Nick was in use!!!! */ /* Nick was in use!!!! */
s_opsb = strcat(s_opsb, "_"); s_opsb = strcat(s_opsb, "_");
init_bot(s_opsb,"opsb",me.name,"Proxy Scanning Bot", "+S", __module_info.module_name); init_bot(s_opsb,"opsb",me.name,"Proxy Scanning Bot", "+S", __module_info.module_name);
} }
loadcache(); loadcache();
if (opsb.confed == 0) add_mod_timer("unconf", "Un_configured_warn", "opsb", 60);
unconf();
if (opsb.confed == 0) { if (opsb.confed == 0) {
add_mod_timer("unconf", "Un_configured_warn", "opsb", 60);
unconf();
getpeername(servsock, (struct sockaddr *)&sa, (socklen_t*)&ulen); getpeername(servsock, (struct sockaddr *)&sa, (socklen_t*)&ulen);
snprintf(opsb.targethost, MAXHOST, "%s", inet_ntoa(sa.sin_addr)); snprintf(opsb.targethost, MAXHOST, "%s", inet_ntoa(sa.sin_addr));
} }
@ -729,7 +837,6 @@ void loadcache() {
if (!fp) { if (!fp) {
nlog(LOG_WARNING, LOG_MOD, "OPSB: Warning, Can not open Cache file for Reading"); nlog(LOG_WARNING, LOG_MOD, "OPSB: Warning, Can not open Cache file for Reading");
chanalert(s_opsb, "Warning, Can not open Cache file for Reading");
return; return;
} }
fgets(buf, 512, fp); fgets(buf, 512, fp);
@ -1124,6 +1231,8 @@ int __ModInit(int modnum, int apiver)
exempt = list_create(MAX_EXEMPTS); exempt = list_create(MAX_EXEMPTS);
opsb.ports = list_create(MAX_PORTS);
online = 0; online = 0;
sprintf(opsb.opmdomain, "%s", "opm.blitzed.org"); sprintf(opsb.opmdomain, "%s", "opm.blitzed.org");
sprintf(opsb.targethost, "%s", me.uplink); sprintf(opsb.targethost, "%s", me.uplink);
@ -1141,6 +1250,16 @@ int __ModInit(int modnum, int apiver)
opsb.opmhits = 1; opsb.opmhits = 1;
snprintf(opsb.lookforstring, 512, "*** Looking up your hostname..."); snprintf(opsb.lookforstring, 512, "*** Looking up your hostname...");
snprintf(opsb.scanmsg, 512, "Your Host is being Scanned for Open Proxies"); snprintf(opsb.scanmsg, 512, "Your Host is being Scanned for Open Proxies");
loadcache();
if (load_ports() != 1) {
nlog(LOG_WARNING, LOG_MOD, "Can't Load opsb. No Ports Defined for Scanned. Did you install Correctly?");
return -1;
}
init_libopm();
return 1; return 1;
} }

22
opsb.h
View file

@ -12,14 +12,14 @@
#define OPSB_H #define OPSB_H
#include "modconfig.h" #include "modconfig.h"
#include "opm_types.h"
typedef struct proxy_types { typedef struct port_list {
char *type; int type;
int port; int port;
int nofound; int nofound;
int noopen; int noopen;
} proxy_types; } port_list;
char *s_opsb; char *s_opsb;
@ -31,7 +31,8 @@ char *s_opsb;
#define MAX_QUEUE MAX_SCANS * 100 #define MAX_QUEUE MAX_SCANS * 100
/* max no of exempt entries */ /* max no of exempt entries */
#define MAX_EXEMPTS 20 #define MAX_EXEMPTS 20
/* max no of ports to scan */
#define MAX_PORTS 50
struct scanq { struct scanq {
char who[MAXHOST]; char who[MAXHOST];
@ -68,6 +69,7 @@ struct opsb {
int doscan; int doscan;
int cachehits; int cachehits;
int opmhits; int opmhits;
list_t *ports;
} opsb; } opsb;
@ -100,6 +102,15 @@ struct exempts {
typedef struct exempts exemptinfo; typedef struct exempts exemptinfo;
typedef struct proxy_type {
int type;
char name[MAXNICK];
} proxy_type;
/* this is the list of exempted hosts/servers */ /* this is the list of exempted hosts/servers */
list_t *exempt; list_t *exempt;
@ -126,5 +137,6 @@ void addtocache(unsigned long ipaddr);
void start_proxy_scan(lnode_t *scannode); void start_proxy_scan(lnode_t *scannode);
void send_status(User *u); void send_status(User *u);
void check_scan_free(scaninfo *scandata); void check_scan_free(scaninfo *scandata);
int init_libopm();
#endif /* OPSB_H */ #endif /* OPSB_H */

View file

@ -23,166 +23,192 @@
#include "stats.h" #include "stats.h"
const char *opsb_help[] = { const char *opsb_help[] = {
"\2Open Proxy Scanning Bot\2 scans the network for insecure", "\2Open Proxy Scanning Bot\2 scans the network for insecure",
"clients. For more info \2/msg opsb info\2", "clients. For more info \2/msg opsb info\2",
"", "",
"The following commands can be used with opsb", "The following commands can be used with opsb",
"", "",
" LOOKUP Lookup DNS record", " LOOKUP Lookup DNS record",
" INFO Information about opsb", " INFO Information about opsb",
NULL NULL
}; };
const char *opsb_help_oper[] = { const char *opsb_help_oper[] = {
"", "",
"Additional commands for Operators", "Additional commands for Operators",
"", "",
" CHECK Scan a selected user", " CHECK Scan a selected user",
" STATUS View opsb state information", " STATUS View opsb state information",
" SET Change opsb configuration options", " SET Change opsb configuration options",
" EXCLUDE Exclude a host from scanning", " EXCLUDE Exclude a host from scanning",
" REMOVE Remove an akill set by opsb", " REMOVE Remove an akill set by opsb",
NULL NULL
}; };
const char *opsb_help_on_help[] = { const char *opsb_help_on_help[] = {
"", "",
"To use a command, type", "To use a command, type",
" \2/msg opsb command\2", " \2/msg opsb command\2",
"For for more information on a command, type", "For for more information on a command, type",
" \2/msg opsb HELP command\2.", " \2/msg opsb HELP command\2.",
NULL NULL
}; };
const char *opsb_help_lookup[] = { const char *opsb_help_lookup[] = {
"Syntax: \2LOOKUP <ip|hostname> <flag>\2", "Syntax: \2LOOKUP <ip|hostname> <flag>\2",
"", "",
"This command allows you to lookup DNS records on the", "This command allows you to lookup DNS records on the",
"Internet. Different types of records can be looked up", "Internet. Different types of records can be looked up",
"by specifying different flags", "by specifying different flags",
"", "",
"The Flags are:", "The Flags are:",
" txt - Lookup Text Records", " txt - Lookup Text Records",
" rp - Lookup the Responsible Person for this record", " rp - Lookup the Responsible Person for this record",
" ns - Lookup the Name Servers for this record", " ns - Lookup the Name Servers for this record",
" soa - Lookup the SOA for this Record", " soa - Lookup the SOA for this Record",
"", "",
"If you do not specify a flag, it defaults to looking up", "If you do not specify a flag, it defaults to looking up",
"either the IP address for Hostnames, or the Hostname for", "either the IP address for Hostnames, or the Hostname for",
"IP addresses", "IP addresses",
NULL NULL
}; };
const char *opsb_help_info[] = { const char *opsb_help_info[] = {
"\2Open Proxy Scanning Bot Information\2", "\2Open Proxy Scanning Bot Information\2",
"", "",
"This bot is intended to scan clients connecting to this", "This bot is intended to scan clients connecting to this",
"network for insecure proxies. Insecure proxies are often", "network for insecure proxies. Insecure proxies are often",
"used to attack networks or channel with \2clone\2 bots", "used to attack networks or channel with \2clone\2 bots",
"This check scans the following ports:", "This check scans the following ports:",
" 3128, 8080, 80 23 and 1080", " 3128, 8080, 80 23 and 1080",
"If you have Firewall, or IDS software, please ignore any", "If you have Firewall, or IDS software, please ignore any",
"errors that this scan may generate", "errors that this scan may generate",
"", "",
"If you have any further questions, please contact network", "If you have any further questions, please contact network",
"administration staff", "administration staff",
NULL NULL
}; };
const char *opsb_help_check[] = { const char *opsb_help_check[] = {
"Syntax: \2CHECK <nickname/IP/hostname>\2", "Syntax: \2CHECK <nickname/IP/hostname>\2",
"", "",
"This option will scan either a user connected to your", "This option will scan either a user connected to your",
"network, an IP address, or Hostname for Insecure proxies,", "network, an IP address, or Hostname for Insecure proxies,",
"and report the status to you. If an Insecure proxy is", "and report the status to you. If an Insecure proxy is",
"found, the host will be banned from the network", "found, the host will be banned from the network",
NULL NULL
}; };
const char *opsb_help_status[] = { const char *opsb_help_status[] = {
"Syntax: \2STATUS\2", "Syntax: \2STATUS\2",
"", "",
"View detailed information about the state of the Open", "View detailed information about the state of the Open",
"Proxy Scanning Bot", "Proxy Scanning Bot",
NULL NULL
}; };
const char *opsb_help_set[] = { const char *opsb_help_set[] = {
"Syntax: \2SET <OPTION> <SETTING>\2", "Syntax: \2SET <OPTION> <SETTING>\2",
"", "",
"This command will set various options relating to OPSB.", "This command will set various options relating to OPSB.",
"You can view the settings by typing \2SET LIST\2", "You can view the settings by typing \2SET LIST\2",
"The Settings take effect straight away", "The Settings take effect straight away",
"The Options are:", "The Options are:",
" \2TARGETIP\2 - Change the IP address we try to", " \2TARGETIP\2 - Change the IP address we try to",
" make the proxies connect to", " make the proxies connect to",
" This should be set to an IP address", " This should be set to an IP address",
" of one of your IRC Servers.", " of one of your IRC Servers.",
" \2TARGETPORT\2 - Change the Port number we try to", " \2TARGETPORT\2 - Change the Port number we try to",
" make proxies connect to. This must", " make proxies connect to. This must",
" be a port that runs on your IRCD", " be a port that runs on your IRCD",
" \2CACHETIME\2 - Amount of time (in seconds) that", " \2CACHETIME\2 - Amount of time (in seconds) that",
" an entry will be cached", " an entry will be cached",
" \2DISABLESCAN\2 - Disables the proxy scan and only", " \2DISABLESCAN\2 - Disables the proxy scan and only",
" do a lookup in the DNS blacklist", " do a lookup in the DNS blacklist",
" to see if this host is listed as", " to see if this host is listed as",
" an open proxy", " an open proxy",
"\2Advanced Settings\2 - These settings should not be changed", "\2Advanced Settings\2 - These settings should not be changed",
" unless you know the effects in full", " unless you know the effects in full",
" \2OPMDOMAIN\2 - Change the Domain we use to lookup", " \2OPMDOMAIN\2 - Change the Domain we use to lookup",
" for Blacklists.", " for Blacklists.",
" \2MAXBYTES\2 - Maximum number of bytes we receive", " \2MAXBYTES\2 - Maximum number of bytes we receive",
" from a proxy before disconnecting", " from a proxy before disconnecting",
" \2TIMEOUT\2 - Time we wait for a proxy to respond", " \2TIMEOUT\2 - Time we wait for a proxy to respond",
" to our servers before disconnecting,", " to our servers before disconnecting,",
" and assuming its not an open Proxy", " and assuming its not an open Proxy",
" \2OPENSTRING\2 - The string we expect to see if", " \2OPENSTRING\2 - The string we expect to see if",
" there is an Open Proxy", " there is an Open Proxy",
" \2SPLITTIME\2 - This is used to determine if users", " \2SPLITTIME\2 - This is used to determine if users",
" connecting to the network are part", " connecting to the network are part",
" of a Net join", " of a Net join",
" (when two servers link together)", " (when two servers link together)",
" \2SCANMSG\2 - This is the message sent to a user", " \2SCANMSG\2 - This is the message sent to a user",
" when we scan their hosts", " when we scan their hosts",
" \2BANTIME\2 - This is how long the user will be", " \2BANTIME\2 - This is how long the user will be",
" banned from the network for", " banned from the network for",
NULL NULL
}; };
const char *opsb_help_exclude[] = { const char *opsb_help_exclude[] = {
"Syntax: \2EXCLUDE <LIST>\2", "Syntax: \2EXCLUDE <LIST>\2",
" \2EXCLUDE <ADD> <hostname> <type> <reason>\2", " \2EXCLUDE <ADD> <hostname> <type> <reason>\2",
" \2EXCLUDE <DEL> <index>\2", " \2EXCLUDE <DEL> <index>\2",
"", "",
"This command lets you view or manipulate the exception", "This command lets you view or manipulate the exception",
"list. Exception lists are used to exclude users, or", "list. Exception lists are used to exclude users, or",
"servers from scanning. You should at least add a server", "servers from scanning. You should at least add a server",
"entry for your services IRC name, to stop OPSB from", "entry for your services IRC name, to stop OPSB from",
"scanning Nickserv, Chanserv etc", "scanning Nickserv, Chanserv etc",
"", "",
"\2LIST\2 will list the current exceptions together with an", "\2LIST\2 will list the current exceptions together with an",
"ID number for use in removing entries.", "ID number for use in removing entries.",
"", "",
"\2ADD\2 will add an entry of <hostname> to the exception" "\2ADD\2 will add an entry of <hostname> to the exception"
"list. Flag should be 1 to indicate a server name", "list. Flag should be 1 to indicate a server name",
"(eg, services.irc-chat.net) or 0 to indicate a hostname", "(eg, services.irc-chat.net) or 0 to indicate a hostname",
"(eg, *.adsl.home.com). Reason allows you to set a" "(eg, *.adsl.home.com). Reason allows you to set a"
"reason for the exclusion for future reference", "reason for the exclusion for future reference",
"Wildcards such as * and ? may be used in the hostname.", "Wildcards such as * and ? may be used in the hostname.",
"", "",
"\2DEL\2 will delete entry <index> from the list of", "\2DEL\2 will delete entry <index> from the list of",
"exclusions. Use the LIST command to find the index.", "exclusions. Use the LIST command to find the index.",
NULL NULL
}; };
const char *opsb_help_remove[] = { const char *opsb_help_ports[] = {
"Syntax: \2REMOVE <ip|hostname>\2", "Syntax: \2EXCLUDE <LIST>\2",
"", " \2EXCLUDE <ADD> <hostname> <type> <reason>\2",
"Remove akills that have been set by opsb.", " \2EXCLUDE <DEL> <index>\2",
"", "",
"<ip|hostname> is the hostname listed in your akill list", "This command lets you view or manipulate the exception",
"(usually found with /stats a)", "list. Exception lists are used to exclude users, or",
NULL "servers from scanning. You should at least add a server",
}; "entry for your services IRC name, to stop OPSB from",
"scanning Nickserv, Chanserv etc",
"",
"\2LIST\2 will list the current exceptions together with an",
"ID number for use in removing entries.",
"",
"\2ADD\2 will add an entry of <hostname> to the exception"
"list. Flag should be 1 to indicate a server name",
"(eg, services.irc-chat.net) or 0 to indicate a hostname",
"(eg, *.adsl.home.com). Reason allows you to set a"
"reason for the exclusion for future reference",
"Wildcards such as * and ? may be used in the hostname.",
"",
"\2DEL\2 will delete entry <index> from the list of",
"exclusions. Use the LIST command to find the index.",
NULL
};
const char *opsb_help_remove[] = {
"Syntax: \2REMOVE <ip|hostname>\2",
"",
"Remove akills that have been set by opsb.",
"",
"<ip|hostname> is the hostname listed in your akill list",
"(usually found with /stats a)",
NULL
};

110
proxy.c
View file

@ -35,6 +35,7 @@
#include "stats.h" #include "stats.h"
#include "opsb.h" #include "opsb.h"
#include "log.h" #include "log.h"
#include "conf.h"
#include "opm.h" #include "opm.h"
#include "opm_types.h" #include "opm_types.h"
#include "opm_error.h" #include "opm_error.h"
@ -46,9 +47,6 @@ void timeout(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused);
void scan_end(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused); void scan_end(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused);
void scan_error(OPM_T *scanner, OPM_REMOTE_T *remote, int opmerr, void *unused); void scan_error(OPM_T *scanner, OPM_REMOTE_T *remote, int opmerr, void *unused);
#ifndef MSG_NOSIGNAL #ifndef MSG_NOSIGNAL
#define MSG_NOSIGNAL 0 #define MSG_NOSIGNAL 0
#endif #endif
@ -56,9 +54,71 @@ void scan_error(OPM_T *scanner, OPM_REMOTE_T *remote, int opmerr, void *unused);
OPM_T *scanner; OPM_T *scanner;
proxy_type proxy_list[] = {
{ OPM_TYPE_HTTP, "HTTP" },
{ OPM_TYPE_SOCKS4, "SOCKS4" },
{ OPM_TYPE_SOCKS5, "SOCKS5" },
{ OPM_TYPE_WINGATE, "WINGATE" },
{ OPM_TYPE_ROUTER, "ROUTER"},
{ OPM_TYPE_HTTPPOST, "HTTPPOST" },
{ 0, "" }
};
char *type_of_proxy(int type) {
return proxy_list[type-1].name;
}
int get_proxy_by_name(const char *name) {
int i;
for (i=0; proxy_list[i].type != 0; i++) {
if (!strcasecmp(proxy_list[i].name, name)) {
return proxy_list[i].type;
}
}
return 0;
}
void add_port(int type, int port) {
opm_addtype(scanner, type, port);
}
int load_ports() {
char *portname, **av;
int i, j, ac, ok;
port_list *prtlst;
lnode_t *pn;
ok = 0;
for (i = 0; proxy_list[i].type != 0; i++) {
if (GetConf((void *)&portname, CFGSTR, proxy_list[i].name) <= 0) {
nlog(LOG_WARNING, LOG_MOD, "Warning, No Ports defined for Protocol %s", proxy_list[i].name);
} else {
ac = split_buf(portname, &av, 0);
for (j = 0; j < ac; j++) {
if (atoi(av[j]) == 0) {
nlog(LOG_WARNING, LOG_MOD, "Invalid Port %s for Proxy Type %s", av[j], proxy_list[i].name);
continue;
}
if (list_isfull(opsb.ports)) {
nlog(LOG_MOD, LOG_WARNING, "Ports List is Full.");
break;
}
prtlst = malloc(sizeof(port_list));
prtlst->type = proxy_list[i].type;
prtlst->port = atoi(av[j]);
prtlst->noopen = 0;
pn = lnode_create(prtlst);
list_append(opsb.ports, pn);
nlog(LOG_DEBUG1, LOG_MOD, "Added Port %d for Protocol %s", prtlst->port, proxy_list[i].name);
ok = 1;
}
}
}
return ok;
}
int init_libopm() { int init_libopm() {
int i, portcount;
lnode_t *pn;
port_list *pl;
scanner = opm_create(); scanner = opm_create();
/* setup the callbacks to our code */ /* setup the callbacks to our code */
@ -83,21 +143,15 @@ int init_libopm() {
/* max bytes read */ /* max bytes read */
opm_config(scanner, OPM_CONFIG_MAX_READ, &opsb.maxbytes); opm_config(scanner, OPM_CONFIG_MAX_READ, &opsb.maxbytes);
opm_addtype(scanner, OPM_TYPE_HTTP, 8080);
opm_addtype(scanner, OPM_TYPE_HTTP, 80);
opm_addtype(scanner, OPM_TYPE_HTTP, 3128); /* read the proxy types directly from keeper :) */
opm_addtype(scanner, OPM_TYPE_HTTP, 31); pn = list_first(opsb.ports);
opm_addtype(scanner, OPM_TYPE_HTTP, 8000); while (pn) {
opm_addtype(scanner, OPM_TYPE_HTTPPOST, 8080); pl = lnode_get(pn);
opm_addtype(scanner, OPM_TYPE_HTTPPOST, 80); opm_addtype(scanner, pl->type, pl->port);
opm_addtype(scanner, OPM_TYPE_HTTPPOST, 3128); pn = list_next(opsb.ports, pn);
opm_addtype(scanner, OPM_TYPE_HTTPPOST, 31); }
opm_addtype(scanner, OPM_TYPE_HTTPPOST, 8000);
opm_addtype(scanner, OPM_TYPE_WINGATE, 23);
opm_addtype(scanner, OPM_TYPE_ROUTER, 23);
opm_addtype(scanner, OPM_TYPE_SOCKS4, 1080);
opm_addtype(scanner, OPM_TYPE_SOCKS5, 1080);
/* add the sock poll interface into neo */ /* add the sock poll interface into neo */
@ -120,12 +174,12 @@ void open_proxy(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused)
++opsb.open; ++opsb.open;
nlog(LOG_CRITICAL, LOG_MOD, "OPSB: Banning %s (%s) for Open Proxy - %d(%d)", scandata->who, remote->ip, remote->protocol, remote->port); nlog(LOG_CRITICAL, LOG_MOD, "OPSB: Banning %s (%s) for Open Proxy - %s(%d)", scandata->who, remote->ip, type_of_proxy(remote->protocol), remote->port);
chanalert(s_opsb, "Banning %s (%s) for Open Proxy - %d(%d)", scandata->who, remote->ip, remote->protocol, remote->port); chanalert(s_opsb, "Banning %s (%s) for Open Proxy - %s(%d)", scandata->who, remote->ip, type_of_proxy(remote->protocol), remote->port);
globops(s_opsb, "Banning %s (%s) for Open Proxy - %d(%d)", scandata->who, remote->ip, remote->protocol, remote->port); globops(s_opsb, "Banning %s (%s) for Open Proxy - %s(%d)", scandata->who, remote->ip, type_of_proxy(remote->protocol), remote->port);
if (scandata->u) prefmsg(scandata->u->nick, s_opsb, "Banning %s (%s) for Open Proxy - %d(%d)", scandata->who, remote->ip, remote->protocol, remote->port); if (scandata->u) prefmsg(scandata->u->nick, s_opsb, "Banning %s (%s) for Open Proxy - %s(%d)", scandata->who, remote->ip, type_of_proxy(remote->protocol), remote->port);
#if 0 #if 0
sakill_cmd(remote->ip, "*", s_opsb, opsb.bantime, "Open Proxy found on your host. %d(%d)", remote->protocol, remote->port); sakill_cmd(remote->ip, "*", s_opsb, opsb.bantime, "Open Proxy found on your host. %s(%d)", type_of_proxy(remote->protocol), remote->port);
/* write out to a logfile */ /* write out to a logfile */
if ((fp = fopen("logs/openproxies.log", "a")) == NULL) return; if ((fp = fopen("logs/openproxies.log", "a")) == NULL) return;
@ -157,7 +211,7 @@ void negfailed(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused)
scandata = remote->data; scandata = remote->data;
if (scandata->u) { if (scandata->u) {
prefmsg(scandata->u->nick, s_opsb, "Negitiation failed for protocol %d (%d)", remote->protocol, remote->port); prefmsg(scandata->u->nick, s_opsb, "Negitiation failed for protocol %s(%d)", type_of_proxy(remote->protocol), remote->port);
} }
} }
@ -168,7 +222,7 @@ void timeout(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused) {
scandata = remote->data; scandata = remote->data;
if (scandata->u) { if (scandata->u) {
prefmsg(scandata->u->nick, s_opsb, "Timeout on Protocol %d (%d)", remote->protocol, remote->port); prefmsg(scandata->u->nick, s_opsb, "Timeout on Protocol %s(%d)", type_of_proxy(remote->protocol), remote->port);
} }
} }
@ -179,7 +233,7 @@ void scan_end(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused) {
scandata = remote->data; scandata = remote->data;
if (scandata->u) { if (scandata->u) {
prefmsg(scandata->u->nick, s_opsb, "scan finished %d %d", remote->protocol, remote->port); prefmsg(scandata->u->nick, s_opsb, "scan finished on %s", scandata->who);
} }
if (scandata->state != GOTOPENPROXY) scandata->state = FIN_SCAN; if (scandata->state != GOTOPENPROXY) scandata->state = FIN_SCAN;
check_scan_free(scandata); check_scan_free(scandata);
@ -203,7 +257,7 @@ void scan_error(OPM_T *scanner, OPM_REMOTE_T *remote, int opmerr, void *unused)
#endif #endif
scandata = remote->data; scandata = remote->data;
if (scandata->u) { if (scandata->u) {
prefmsg(scandata->u->nick, s_opsb, "scan error on Protocol %d (%d) - %d", remote->protocol, remote->port, opmerr); prefmsg(scandata->u->nick, s_opsb, "scan error on Protocol %s (%d) - %d", type_of_proxy(remote->protocol), remote->port, opmerr);
} }
/*XXX cleanup */ /*XXX cleanup */
@ -322,4 +376,4 @@ void check_scan_free(scaninfo *scandata) {
nlog(LOG_WARNING, LOG_MOD, "Damn, Can't find ScanNode %s. Something is fubar", scandata->who); nlog(LOG_WARNING, LOG_MOD, "Damn, Can't find ScanNode %s. Something is fubar", scandata->who);
} }
checkqueue(); checkqueue();
} }