Navigation

← Previous Changeset
Next Changeset →

Changeset 339

Timestamp:

02/20/06 10:45:09 (3 years ago)

Author:

common

Message:

[x] nepenthes 0.1.5 commit

once again i unpacked the package, copied it to trunk, svn added missing dirs and files ...

Files:

nepenthes/trunk/CHANGES (modified) (1 diff)
nepenthes/trunk/conf/nepenthes.conf.dist (modified) (1 diff)
nepenthes/trunk/configure (modified) (11 diffs)
nepenthes/trunk/configure.ac (modified) (2 diffs)
nepenthes/trunk/modules/Makefile.am (modified) (1 diff)
nepenthes/trunk/modules/Makefile.in (modified) (2 diffs)
nepenthes/trunk/modules/download-ftp/CTRLDialogue.cpp (modified) (3 diffs)
nepenthes/trunk/modules/download-ftp/CTRLDialogue.hpp (modified) (2 diffs)
nepenthes/trunk/modules/download-http/HTTPDialogue.cpp (modified) (1 diff)
nepenthes/trunk/modules/geolocation-hostip/geolocation-hostip.cpp (modified) (1 diff)
nepenthes/trunk/modules/geolocation-ip2location/Makefile.am (modified) (1 diff)
nepenthes/trunk/modules/geolocation-ip2location/Makefile.in (modified) (1 diff)
nepenthes/trunk/modules/geolocation-ip2location/geolocation-ip2location.conf.dist (added)
nepenthes/trunk/modules/shellcode-generic/sch_generic_bind.cpp (modified) (1 diff)
nepenthes/trunk/modules/shellcode-generic/sch_generic_cmd.cpp (modified) (1 diff)
nepenthes/trunk/modules/shellcode-generic/sch_generic_xor.cpp (modified) (4 diffs)
nepenthes/trunk/modules/shellcode-generic/shellcode-generic.conf.dist (modified) (1 diff)
nepenthes/trunk/modules/shellemu-winnt/Makefile.am (modified) (1 diff)
nepenthes/trunk/modules/shellemu-winnt/Makefile.in (modified) (3 diffs)
nepenthes/trunk/modules/shellemu-winnt/VFS.cpp (modified) (8 diffs)
nepenthes/trunk/modules/shellemu-winnt/VFSCommandFTP.cpp (modified) (6 diffs)
nepenthes/trunk/modules/shellemu-winnt/VFSCommandFTP.hpp (modified) (3 diffs)
nepenthes/trunk/modules/shellemu-winnt/VFSCommandSTART.cpp (added)
nepenthes/trunk/modules/shellemu-winnt/VFSCommandSTART.hpp (added)
nepenthes/trunk/modules/shellemu-winnt/VFSCommandTFTP.cpp (modified) (1 diff)
nepenthes/trunk/modules/vuln-dcom/DCOMDialogue.cpp (modified) (2 diffs)
nepenthes/trunk/modules/vuln-msdtc (added)
nepenthes/trunk/modules/vuln-msdtc/MSDTCDialogue.cpp (added)
nepenthes/trunk/modules/vuln-msdtc/MSDTCDialogue.hpp (added)
nepenthes/trunk/modules/vuln-msdtc/Makefile.am (added)
nepenthes/trunk/modules/vuln-msdtc/Makefile.in (added)
nepenthes/trunk/modules/vuln-msdtc/msdtc-shellcodes.hpp (added)
nepenthes/trunk/modules/vuln-msdtc/vuln-msdtc.conf.dist (added)
nepenthes/trunk/modules/vuln-msdtc/vuln-msdtc.cpp (added)
nepenthes/trunk/modules/vuln-msdtc/vuln-msdtc.hpp (added)
nepenthes/trunk/nepenthes-core/Makefile.in (modified) (1 diff)
nepenthes/trunk/nepenthes-core/include/Makefile.in (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

nepenthes/trunk/CHANGES

r336	r339
	1	Version 0.1.5
	2	=============
	3	Bugfix release/minor features.
	4
	5
	6	Nepenthes
	7	FIXES and ADDITIONS
	8	-----
	9	* none
	10
	11
	12
	13
	14	Modules
	15	FIXES and ADDITIONS
	16	-----
	17	* shellcode-generic
	18	* sch_generic_cmd added \r\n as lineterminator
	19	* shellcode-generic.conf.dist langenfeldConnect pcre added
	20	* sch_generic_xor
	21	* deggendorf & langenfeld xor added,
	22	* removed possible off by n <=3 byte in the 4 byte xor
	23
	24
	25	* vuln-dcom
	26	* made it less aggressive, if it does not look like dcom, dont handle it
	27
	28
	29	* shellemu-winnt
	30	* VFSCommandSTART added
	31	* VFSCommandTFTP proper var checks added
	32	* added handling of the escape var ^ for the shell
	33	* VFSCommandFTP can download >1 file per batch now
	34	* VFSCommandFTP can handle "cd" now
	35
	36	* download-http
	37	* handle downloads with 0 byte bodysize as broken
	38
	39	* download-ftp
	40	* can send CWD now
	41	* fixed missing \r on sending RETR
	42
	43	* geolocation-hostip
	44	* the address to look the address up changed, so we adjusted it
	45
	46
	47	* geolocation-ip2location
	48	* tarball lacked config file
	49
	50
	51	NEW
	52	---
	53	* vuln-msdtc
	54	* emulation for the ms05-051 exploit by swan
	55
	56
1	57	Version 0.1.4
2	58	=============

nepenthes/trunk/conf/nepenthes.conf.dist

r332	r339
61	61	"vulnlsass.so", "vuln-lsass.conf", ""
62	62	"vulnmsmq.so", "vuln-msmq.conf", ""
	63	"vulnmsdtc.so", "vuln-msdtc.conf", ""
63	64	"vulnmssql.so", "vuln-mssql.conf", ""
64	65	"vulnmydoom.so", "vuln-mydoom.conf", ""

nepenthes/trunk/configure

r336	r339
1	1	#! /bin/sh
2		# From configure.ac Id: configure.ac 2~~195 2005-12-01 20:23:46~~Z common .
	2	# From configure.ac Id: configure.ac 2213 2005-12-18 19:04:59Z common .
3	3	# Guess values for system-dependent variables and create Makefiles.
4		# Generated by GNU Autoconf 2.59 for nepenthes 0.1.4.
	4	# Generated by GNU Autoconf 2.59 for nepenthes 0.1.5.
5	5	#
6	6	# Report bugs to <dornseif@informatik.rwth-aachen.de>.
…	…
425	425	PACKAGE_NAME='nepenthes'
426	426	PACKAGE_TARNAME='nepenthes'
427		PACKAGE_VERSION='0.1.4'
428		PACKAGE_STRING='nepenthes 0.1.4'
	427	PACKAGE_VERSION='0.1.5'
	428	PACKAGE_STRING='nepenthes 0.1.5'
429	429	PACKAGE_BUGREPORT='dornseif@informatik.rwth-aachen.de'
430	430
…	…
957	957	# This message is too long to be a string in the A/UX 3.1 sh.
958	958	cat <<_ACEOF
959		\`configure' configures nepenthes 0.1.4 to adapt to many kinds of systems.
	959	\`configure' configures nepenthes 0.1.5 to adapt to many kinds of systems.
960	960
961	961	Usage: $0 [OPTION]... [VAR=VALUE]...
…	…
1023	1023	if test -n "$ac_init_help"; then
1024	1024	case $ac_init_help in
1025		short \| recursive ) echo "Configuration of nepenthes 0.1.4:";;
	1025	short \| recursive ) echo "Configuration of nepenthes 0.1.5:";;
1026	1026	esac
1027	1027	cat <<\_ACEOF
…	…
1181	1181	if $ac_init_version; then
1182	1182	cat <<\_ACEOF
1183		nepenthes configure 0.1.4
	1183	nepenthes configure 0.1.5
1184	1184	generated by GNU Autoconf 2.59
1185	1185
…	…
1195	1195	running configure, to aid debugging if configure makes a mistake.
1196	1196
1197		It was created by nepenthes $as_me 0.1.4, which was
	1197	It was created by nepenthes $as_me 0.1.5, which was
1198	1198	generated by GNU Autoconf 2.59. Invocation command line was
1199	1199
…	…
1838	1838	# Define the identity of the package.
1839	1839	PACKAGE=nepenthes
1840		VERSION=0.1.4
	1840	VERSION=0.1.5
1841	1841
1842	1842
…	…
25354	25354
25355	25355
25356		ac_config_files="$ac_config_files Makefile nepenthes-core/Makefile nepenthes-core/include/Makefile nepenthes-core/src/Makefile modules/Makefile modules/download-creceive/Makefile modules/download-csend/Makefile modules/download-curl/Makefile modules/download-ftp/Makefile modules/download-link/Makefile modules/download-nepenthes/Makefile modules/download-tftp/Makefile modules/log-download/Makefile modules/log-irc/Makefile modules/module-portwatch/Makefile modules/submit-file/Makefile modules/submit-nepenthes/Makefile modules/submit-norman/Makefile modules/submit-xmlrpc/Makefile modules/shellcode-generic/Makefile modules/shellemu-winnt/Makefile modules/vuln-asn1/Makefile modules/vuln-bagle/Makefile modules/vuln-dcom/Makefile modules/vuln-iis/Makefile modules/vuln-kuang2/Makefile modules/vuln-lsass/Makefile modules/vuln-msmq/Makefile modules/vuln-mssql/Makefile modules/vuln-mydoom/Makefile modules/vuln-netbiosname/Makefile modules/vuln-netdde/Makefile modules/vuln-optix/Makefile modules/vuln-pnp/Makefile modules/vuln-sasserftpd/Makefile modules/vuln-sub7/Makefile modules/vuln-upnp/Makefile modules/vuln-veritas/Makefile modules/vuln-wins/Makefile modules/vuln-dameware/Makefile modules/vuln-ssh/Makefile modules/x-1/Makefile modules/x-2/Makefile modules/x-3/Makefile modules/x-4/Makefile modules/x-5/Makefile modules/x-6/Makefile modules/x-7/Makefile modules/x-8/Makefile modules/geolocation-hostip/Makefile modules/geolocation-geoip/Makefile modules/download-http/Makefile modules/upload-http/Makefile modules/dnsresolve-adns/Makefile modules/geolocation-ip2location/Makefile modules/log-surfnet/Makefile"
	25356	ac_config_files="$ac_config_files Makefile nepenthes-core/Makefile nepenthes-core/include/Makefile nepenthes-core/src/Makefile modules/Makefile modules/download-creceive/Makefile modules/download-csend/Makefile modules/download-curl/Makefile modules/download-ftp/Makefile modules/download-link/Makefile modules/download-nepenthes/Makefile modules/download-tftp/Makefile modules/log-download/Makefile modules/log-irc/Makefile modules/module-portwatch/Makefile modules/submit-file/Makefile modules/submit-nepenthes/Makefile modules/submit-norman/Makefile modules/submit-xmlrpc/Makefile modules/shellcode-generic/Makefile modules/shellemu-winnt/Makefile modules/vuln-asn1/Makefile modules/vuln-bagle/Makefile modules/vuln-dcom/Makefile modules/vuln-iis/Makefile modules/vuln-kuang2/Makefile modules/vuln-lsass/Makefile modules/vuln-msmq/Makefile modules/vuln-mssql/Makefile modules/vuln-mydoom/Makefile modules/vuln-netbiosname/Makefile modules/vuln-netdde/Makefile modules/vuln-optix/Makefile modules/vuln-pnp/Makefile modules/vuln-sasserftpd/Makefile modules/vuln-sub7/Makefile modules/vuln-upnp/Makefile modules/vuln-veritas/Makefile modules/vuln-wins/Makefile modules/vuln-dameware/Makefile modules/vuln-ssh/Makefile modules/x-1/Makefile modules/x-2/Makefile modules/x-3/Makefile modules/x-4/Makefile modules/x-5/Makefile modules/x-6/Makefile modules/x-7/Makefile modules/x-8/Makefile modules/geolocation-hostip/Makefile modules/geolocation-geoip/Makefile modules/download-http/Makefile modules/upload-http/Makefile modules/dnsresolve-adns/Makefile modules/geolocation-ip2location/Makefile modules/log-surfnet/Makefile modules/vuln-msdtc/Makefile"
25357	25357
25358	25358	# modules/module-drone/Makefile
…	…
25764	25764	cat >&5 <<_CSEOF
25765	25765
25766		This file was extended by nepenthes $as_me 0.1.4, which was
	25766	This file was extended by nepenthes $as_me 0.1.5, which was
25767	25767	generated by GNU Autoconf 2.59. Invocation command line was
25768	25768
…	…
25827	25827	cat >>$CONFIG_STATUS <<_ACEOF
25828	25828	ac_cs_version="\\
25829		nepenthes config.status 0.1.4
	25829	nepenthes config.status 0.1.5
25830	25830	configured by $0, generated by GNU Autoconf 2.59,
25831	25831	with options \\"`echo "$ac_configure_args" \| sed 's/[\\""\`\$]/\\\\&/g'`\\"
…	…
25993	25993	"modules/geolocation-ip2location/Makefile" ) CONFIG_FILES="$CONFIG_FILES modules/geolocation-ip2location/Makefile" ;;
25994	25994	"modules/log-surfnet/Makefile" ) CONFIG_FILES="$CONFIG_FILES modules/log-surfnet/Makefile" ;;
	25995	"modules/vuln-msdtc/Makefile" ) CONFIG_FILES="$CONFIG_FILES modules/vuln-msdtc/Makefile" ;;
25995	25996	"depfiles" ) CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;;
25996	25997	"config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;

nepenthes/trunk/configure.ac

r336	r339
7	7
8	8	AC_PREREQ(2.59)
9		AC_INIT([nepenthes], [0.1.4], [dornseif@informatik.rwth-aachen.de])
10		AM_INIT_AUTOMAKE([nepenthes], [0.1.4])
	9	AC_INIT([nepenthes], [0.1.5], [dornseif@informatik.rwth-aachen.de])
	10	AM_INIT_AUTOMAKE([nepenthes], [0.1.5])
11	11	AC_REVISION([$Id$])
12	12
…	…
679	679	modules/geolocation-ip2location/Makefile
680	680	modules/log-surfnet/Makefile
	681	modules/vuln-msdtc/Makefile
681	682	])
682	683	# modules/module-drone/Makefile

nepenthes/trunk/modules/Makefile.am

r332	r339
9	9	shellcode-generic shellemu-winnt \
10	10	vuln-asn1 vuln-bagle vuln-dcom vuln-iis vuln-kuang2 vuln-lsass \
11		vuln-msmq vuln-mssql vuln-mydoom \
	11	vuln-msdtc vuln-msmq vuln-mssql vuln-mydoom \
12	12	vuln-netbiosname vuln-netdde vuln-optix vuln-pnp vuln-sasserftpd \
13	13	vuln-sub7 vuln-upnp vuln-veritas vuln-wins vuln-dameware vuln-ssh \

nepenthes/trunk/modules/Makefile.in

r336	r339
171	171	shellcode-generic shellemu-winnt \
172	172	vuln-asn1 vuln-bagle vuln-dcom vuln-iis vuln-kuang2 vuln-lsass \
173		vuln-msmq vuln-mssql vuln-mydoom \
	173	vuln-msdtc vuln-msmq vuln-mssql vuln-mydoom \
174	174	vuln-netbiosname vuln-netdde vuln-optix vuln-pnp vuln-sasserftpd \
175	175	vuln-sub7 vuln-upnp vuln-veritas vuln-wins vuln-dameware vuln-ssh \
…	…
193	193	esac; \
194	194	done; \
195		echo ' cd $(top_srcdir) && $(AUTOMAKE) --~~gnu~~ modules/Makefile'; \
	195	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign modules/Makefile'; \
196	196	cd $(top_srcdir) && \
197		$(AUTOMAKE) --~~gnu~~ modules/Makefile
	197	$(AUTOMAKE) --foreign modules/Makefile
198	198	.PRECIOUS: Makefile
199	199	Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status

nepenthes/trunk/modules/download-ftp/CTRLDialogue.cpp

r332	r339
172	172
173	173	case FTP_TYPE:
174		if (parseType((char *)m_Buffer->getData() + iStart)== true)
	174	if ( parseType((char *)m_Buffer->getData() + iStart)== true )
	175	{
	176	if ( m_Download->getDownloadUrl()->getDir() != "" )
	177	{
	178	sendCWD();
	179	m_State = FTP_CWD;
	180	} else
	181	{
	182	sendPort();
	183	m_State = FTP_PORT;
	184	}
	185	}
	186	break;
	187
	188	case FTP_CWD:
	189	if (parseCWD((char *)m_Buffer->getData() + iStart)== true)
175	190	{
176	191	sendPort();
177	192	m_State = FTP_PORT;
178	193	}
179		break;
	194
180	195
181	196	case FTP_PORT:
…	…
430	445
431	446	char *nmsg;
432		asprintf(&nmsg,"RETR %s\~~n",m_Download->getDownloadUrl()->getPath~~().c_str());
	447	asprintf(&nmsg,"RETR %s\r\n",m_Download->getDownloadUrl()->getFile().c_str());
433	448	logDebug("FTPSEND: '%s'\n",nmsg);
434	449	m_Socket->doRespond(nmsg,strlen(nmsg));
…	…
470	485	}
471	486
	487	void CTRLDialogue::sendCWD()
	488	{
	489	char *nmsg;
	490	asprintf(&nmsg,"CWD %s\r\n",m_Download->getDownloadUrl()->getDir().c_str());
	491	logDebug("FTPSEND: '%s'\n",nmsg);
	492	m_Socket->doRespond(nmsg,strlen(nmsg));
	493	free(nmsg);
	494	}
	495
	496	bool CTRLDialogue::parseCWD(char *msg)
	497	{
	498	if (strncmp(msg,"250 ",4) == 0)
	499	{
	500	logDebug("%s","CWD accepted\n");
	501	return true;
	502	}else
	503	{
	504	return false;
	505	}
	506	}
	507

nepenthes/trunk/modules/download-ftp/CTRLDialogue.hpp

r332	r339
48	48	FTP_PASS,
49	49	FTP_TYPE,
	50	FTP_CWD,
50	51	FTP_PORT,
51	52	// FTP_EPASV,
…	…
82	83	bool parseType(char *msg);
83	84
	85	void sendCWD();
	86	bool parseCWD(char *msg);
	87
84	88	void sendPort();
85	89	bool parsePort(char *msg);

nepenthes/trunk/modules/download-http/HTTPDialogue.cpp

r332	r339
189	189	m_Download->getDownloadBuffer()->cutFront((uint32_t)(end-start)+2);
190	190
191		if (m_Download->getCallback() != NULL)
192		{
193		m_Download->getCallback()->downloadSuccess(m_Download);
194		}else
195		{
196		g_Nepenthes->getSubmitMgr()->addSubmission(m_Download);
	191
	192
	193	if ( m_Download->getDownloadBuffer()->getSize() > 0 )
	194	{
	195
	196	if ( m_Download->getCallback() != NULL )
	197	{
	198	m_Download->getCallback()->downloadSuccess(m_Download);
	199	} else
	200	{
	201	g_Nepenthes->getSubmitMgr()->addSubmission(m_Download);
	202	}
	203	} else
	204	{
	205	logWarn("Download has size %i\n",m_Download->getDownloadBuffer()->getSize());
	206	if ( m_Download->getCallback() != NULL )
	207	{
	208	m_Download->getCallback()->downloadFailure(m_Download);
	209	}
197	210	}
198	211	return CL_DROP;

nepenthes/trunk/modules/geolocation-hostip/geolocation-hostip.cpp

r332	r339
135	135	logSpam("GeoLocationHostIp looking up info for %x %s %x\n",query->getCallback(),inet_ntoa((in_addr )&ip),query->getObject());
136	136
137		string url = "http://~~www.hostip.info/api/get.html~~?ip=";
138		url += inet_ntoa((in_addr )&ip);
	137	string url = "http://api.hostip.info/get_html.php?ip=";
	138	url += inet_ntoa((in_addr )&ip);
139	139	url += "&position=true";
140	140

nepenthes/trunk/modules/geolocation-ip2location/Makefile.am

r336	r339
11	11	pkglib_LTLIBRARIES = geolocationip2location.la
12	12
13		geolocationip2location_la_SOURCES = geolocation-ip2location.cpp geolocation-ip2location.hpp
	13	geolocationip2location_la_SOURCES = geolocation-ip2location.cpp geolocation-ip2location.hpp geolocation-ip2location.conf.dist
14	14
15	15	geolocationip2location_la_LDFLAGS = -module -no-undefined -avoid-version

nepenthes/trunk/modules/geolocation-ip2location/Makefile.in

r336	r339
196	196	AM_LDFLAGS = $IP2LOCATION_LIBS
197	197	pkglib_LTLIBRARIES = geolocationip2location.la
198		geolocationip2location_la_SOURCES = geolocation-ip2location.cpp geolocation-ip2location.hpp
	198	geolocationip2location_la_SOURCES = geolocation-ip2location.cpp geolocation-ip2location.hpp geolocation-ip2location.conf.dist
199	199	geolocationip2location_la_LDFLAGS = -module -no-undefined -avoid-version
200	200	all: all-am

nepenthes/trunk/modules/shellcode-generic/sch_generic_bind.cpp

r332	r339
148	148	pcre_get_substring((char *) shellcode, output, result, 1, &match);
149	149
150		port = ntohs((uint32_t ) match);
	150	port = ntohs((uint16_t ) match);
151	151	logInfo("Detected Generic listenshell shellcode #%s, :%u \n",(*it)->m_Name.c_str(), port);
152	152	pcre_free_substring(match);

nepenthes/trunk/modules/shellcode-generic/sch_generic_cmd.cpp

r336	r339
64	64	bool GenericCMD::Init()
65	65	{
66		const char createprocesspcre = ".(cmd.* /.~~\\x00~~).";
	66	const char createprocesspcre = ".(cmd.* /.(\\x00\|\\x0D\\x0A)).";
67	67	const char * pcreEerror;
68	68	int32_t pcreErrorPos;

nepenthes/trunk/modules/shellcode-generic/sch_generic_xor.cpp

r336	r339
87	87	int32_t pcreErrorPos;
88	88
89		XORPcreHelper test[7]=
	89	XORPcreHelper test[9]=
90	90	{
91	91	{
…	…
120	120	},
121	121	{
	122	"(.)(\\xEB\\x10\\x5A\\x4A\\x31\\xC9\\x66\\xB9\(..)\\x80\\x34\\x0A(.)\\xE2\\xFA\\xEB\\x05\\xE8\\xEB\\xFF\\xFF\\xFF)(.)$",
	123	"deggendorf xor",
	124	27
	125	},
	126	{
	127	"(.)(\\xEB\\x0F\\x5B\\x33\\xC9\\x66\\xB9(..)\\x80\\x33(.)\\x43\\xE2\\xFA\\xEB\\x05\\xE8\\xEC\\xFF\\xFF\\xFF)(.)$",
	128	"langenfeld xor",
	129	21
	130	},
	131	{
122	132	"(.)(\\xEB.\\xEB.\\xE8.\\xB1(.).\\x80..(.).\\xE2.)(.*)$",
123	133	"generic mwcollect",
…	…
127	137	};
128	138
129		for( uint32_t i = 0; i <= 6; i++ )
	139	for( uint32_t i = 0; i <= 8; i++ )
130	140	{
131	141	pcre *mypcre;
…	…
264	274	// LogSpam("codesize %i totalsize %i", codesize, totalsize);
265	275
266		for( uint32_t j = 0; j < codesize && j*4 < totalsize; j++ )
	276	for( uint32_t j = 0; j < codesize && (j+1)*4 < totalsize; j++ )
267	277	(uint32_t )(decodedMessage+(j*4) ) ^= longkey;
268	278	// g_Nepenthes->getUtilities()->hexdump(l_crit, decodedMessage, totalsize);

nepenthes/trunk/modules/shellcode-generic/shellcode-generic.conf.dist

r336	r339
30	30	"theEggHunter",
31	31	"\\x41\\x42\\x41\\x42\\x41\\x42\\x41\\x42\\x90\\x90\\x90\\x90\\x90\\x90\\x90\\x90\\x90\\xFC\\x6A\\xEB\\x52\\xE8\\xF9\\xFF\\xFF\\xFF\\x60\\x8B\\x6C\\x24\\x24\\x8B\\x45\\x3C\\x8B\\x7C\\x05\\x78\\x01\\xEF\\x83\\xC7\\x01\\x8B\\x4F\\x17\\x8B\\x5F\\x1F\\x01\\xEB\\xE3\\x30\\x49\\x8B\\x34\\x8B\\x01\\xEE\\x31\\xC0\\x99\\xAC\\x84\\xC0\\x74\\x07\\xC1\\xCA\\x0D\\x01\\xC2\\xEB\\xF4\\x3B\\x54\\x24\\x28\\x75\\xE3\\x8B\\x5F\\x23\\x01\\xEB\\x66\\x8B\\x0C\\x4B\\x8B\\x5F\\x1B\\x01\\xEB\\x03\\x2C\\x8B\\x89\\x6C\\x24\\x1C\\x61\\xC3\\x31\\xC0\\x64\\x8B\\x40\\x30\\x8B\\x40\\x0C\\x8B\\x70\\x1C\\xAD\\x8B\\x40\\x08\\x5E\\x68\\x8E\\x4E\\x0E\\xEC\\x50\\xFF\\xD6\\x31\\xDB\\x66\\x53\\x66\\x68\\x33\\x32\\x68\\x77\\x73\\x32\\x5F\\x54\\xFF\\xD0\\x68\\xCB\\xED\\xFC\\x3B\\x50\\xFF\\xD6\\x5F\\x89\\xE5\\x66\\x81\\xED\\x08\\x02\\x55\\x6A\\x02\\xFF\\xD0\\x68\\xD9\\x09\\xF5\\xAD\\x57\\xFF\\xD6\\x53\\x53\\x53\\x53\\x43\\x53\\x43\\x53\\xFF\\xD0\\x68(....)\\x66\\x68(..)\\x66\\x53\\x89\\xE1\\x95\\x68\\xEC\\xF9\\xAA\\x60\\x57\\xFF\\xD6\\x6A\\x10\\x51\\x55\\xFF\\xD0\\x66\\x6A\\x64\\x66\\x68\\x63\\x6D\\x6A\\x50\\x59\\x29\\xCC\\x89\\xE7\\x6A\\x44\\x89\\xE2\\x31\\xC0\\xF3\\xAA\\x95\\x89\\xFD\\xFE\\x42\\x2D\\xFE\\x42\\x2C\\x8D\\x7A\\x38\\xAB\\xAB\\xAB\\x68\\x72\\xFE\\xB3\\x16\\xFF\\x75\\x28\\xFF\\xD6\\x5B\\x57\\x52\\x51\\x51\\x51\\x6A\\x01\\x51\\x51\\x55\\x51\\xFF\\xD0\\x68\\xAD\\xD9\\x05\\xCE\\x53\\xFF\\xD6\\x6A\\xFF\\xFF\\x37\\xFF\\xD0\\x68\\xE7\\x79\\xC6\\x79\\xFF\\x75\\x04\\xFF\\xD6\\xFF\\x77\\xFC\\xFF\\xD0\\x68\\xEF\\xCE\\xE0\\x60\\x53\\xFF\\xD6\\xFF\\xD0"
	32
	33	"langenfeldConnect"
	34	"\\xE9\\xF4\\x00\\x00\\x00\\x5A\\xB8\\x0C\\xF0\\xFD\\x7F\\x8B\\x00\\x8B\\x70\\x1C\\xAD\\x8B\\x40\\x08\\x8B\\xD8\\x8B\\x73\\x3C\\x03\\xF3\\x8B\\x76\\x78\\x03\\xF3\\x8B\\x7E\\x20\\x03\\xFB\\x8B\\x4E\\x14\\x33\\xED\\x56\\x57\\x51\\x8B\\x3F\\x03\\xFB\\x8B\\xF2\\x6A\\x0E\\x59\\xF3\\xA6\\x74\\x08\\x59\\x5F\\x83\\xC7\\x04\\x45\\xE2\\xE9\\x59\\x5F\\x5E\\x8B\\xCD\\x8B\\x46\\x24\\x03\\xC3\\xD1\\xE1\\x03\\xC1\\x33\\xC9\\x66\\x8B\\x08\\x8B\\x46\\x1C\\x03\\xC3\\xC1\\xE1\\x02\\x03\\xC1\\x8B\\x00\\x03\\xC3\\x8B\\xFA\\x8B\\xF7\\x83\\xC6\\x0E\\x8B\\xD0\\x6A\\x03\\x59\\xE8\\x70\\x00\\x00\\x00\\x83\\xC6\\x0D\\x52\\x56\\xFF\\x57\\xFC\\x5A\\x8B\\xD8\\x6A\\x02\\x59\\xE8\\x5D\\x00\\x00\\x00\\x83\\xEC\\x44\\x8B\\xF4\\x6A\\x10\\x59\\x89\\x04\\x8E\\xE2\\xFB\\x50\\x50\\x50\\x50\\x6A\\x01\\x6A\\x02\\xFF\\x57\\xF8\\x8B\\xD8\\x89\\x5E\\x38\\x89\\x5E\\x3C\\x89\\x5E\\x40\\x66\\xC7\\x46\\x2C\\x01\\x01\\x8D\\x47\\x10\\x50\\x56\\x33\\xC0\\x50\\x50\\x50\\x6A\\x01\\x50\\x50\\x8D\\x57\\x3C\\xC7\\x02\\x63\\x6D\\x64\\x00\\x52\\x50\\xFF\\x57\\xEC\\xC7\\x07\\x02\\x00(..)\\xC7\\x47\\x04(....)\\x6A\\x10\\x57\\x53\\xFF\\x57\\xFC\\x50\\xFF\\x57\\xF0"
32	35	);
33	36

nepenthes/trunk/modules/shellemu-winnt/Makefile.am

r321	r339
11	11	pkglib_LTLIBRARIES = shellemuwinnt.la
12	12
13		shellemuwinnt_la_SOURCES = VFS.hpp VFSCommand.hpp VFSCommandCMD.hpp VFSCommandDir.hpp VFSCommandECHO.hpp VFSCommandFTP.hpp VFSCommandREDIR.hpp VFSCommandRREDIR.hpp VFSCommandTFTP.hpp VFSDir.hpp VFSFile.hpp VFSNode.hpp WinNTShellDialogue.hpp shellemu-winnt.hpp VFS.cpp VFSCommandCMD.cpp VFSCommandDir.cpp VFSCommandECHO.cpp VFSCommandFTP.cpp VFSCommandREDIR.cpp VFSCommandRREDIR.cpp VFSCommandTFTP.cpp VFSDir.cpp VFSFile.cpp WinNTShellDialogue.cpp shellemu-winnt.cpp
	13
	14	shellemuwinnt_la_SOURCES = VFS.cpp VFS.hpp
	15	shellemuwinnt_la_SOURCES += shellemu-winnt.cpp shellemu-winnt.hpp
	16	shellemuwinnt_la_SOURCES += VFSCommand.hpp
	17	shellemuwinnt_la_SOURCES += VFSNode.hpp
	18	shellemuwinnt_la_SOURCES += VFSDir.cpp VFSDir.hpp
	19	shellemuwinnt_la_SOURCES += VFSFile.cpp VFSFile.hpp
	20	shellemuwinnt_la_SOURCES += WinNTShellDialogue.cpp WinNTShellDialogue.hpp
	21	shellemuwinnt_la_SOURCES += VFSCommandCMD.cpp VFSCommandCMD.hpp
	22	shellemuwinnt_la_SOURCES += VFSCommandDir.cpp VFSCommandDir.hpp
	23	shellemuwinnt_la_SOURCES += VFSCommandECHO.cpp VFSCommandECHO.hpp
	24	shellemuwinnt_la_SOURCES += VFSCommandFTP.cpp VFSCommandFTP.hpp
	25	shellemuwinnt_la_SOURCES += VFSCommandREDIR.cpp VFSCommandREDIR.hpp
	26	shellemuwinnt_la_SOURCES += VFSCommandRREDIR.cpp VFSCommandRREDIR.hpp
	27	shellemuwinnt_la_SOURCES += VFSCommandTFTP.cpp VFSCommandTFTP.hpp
	28	shellemuwinnt_la_SOURCES += VFSCommandSTART.cpp VFSCommandSTART.hpp
	29
14	30
15	31	shellemuwinnt_la_LDFLAGS = -module -no-undefined -avoid-version

nepenthes/trunk/modules/shellemu-winnt/Makefile.in

r330	r339
60	60	LTLIBRARIES = $(pkglib_LTLIBRARIES)
61	61	shellemuwinnt_la_LIBADD =
62		am_shellemuwinnt_la_OBJECTS = VFS.lo VFSCommandCMD.lo VFSCommandDir.lo \
63		VFSCommandECHO.lo VFSCommandFTP.lo VFSCommandREDIR.lo \
64		VFSCommandRREDIR.lo VFSCommandTFTP.lo VFSDir.lo VFSFile.lo \
65		WinNTShellDialogue.lo shellemu-winnt.lo
	62	am_shellemuwinnt_la_OBJECTS = VFS.lo shellemu-winnt.lo VFSDir.lo \
	63	VFSFile.lo WinNTShellDialogue.lo VFSCommandCMD.lo \
	64	VFSCommandDir.lo VFSCommandECHO.lo VFSCommandFTP.lo \
	65	VFSCommandREDIR.lo VFSCommandRREDIR.lo VFSCommandTFTP.lo \
	66	VFSCommandSTART.lo
66	67	shellemuwinnt_la_OBJECTS = $(am_shellemuwinnt_la_OBJECTS)
67	68	DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)
…	…
198	199	AM_LDFLAGS = -lpcre
199	200	pkglib_LTLIBRARIES = shellemuwinnt.la
200		shellemuwinnt_la_SOURCES = VFS.hpp VFSCommand.hpp VFSCommandCMD.hpp VFSCommandDir.hpp VFSCommandECHO.hpp VFSCommandFTP.hpp VFSCommandREDIR.hpp VFSCommandRREDIR.hpp VFSCommandTFTP.hpp VFSDir.hpp VFSFile.hpp VFSNode.hpp WinNTShellDialogue.hpp shellemu-winnt.hpp VFS.cpp VFSCommandCMD.cpp VFSCommandDir.cpp VFSCommandECHO.cpp VFSCommandFTP.cpp VFSCommandREDIR.cpp VFSCommandRREDIR.cpp VFSCommandTFTP.cpp VFSDir.cpp VFSFile.cpp WinNTShellDialogue.cpp shellemu-winnt.cpp
	201	shellemuwinnt_la_SOURCES = VFS.cpp VFS.hpp shellemu-winnt.cpp \
	202	shellemu-winnt.hpp VFSCommand.hpp VFSNode.hpp VFSDir.cpp \
	203	VFSDir.hpp VFSFile.cpp VFSFile.hpp WinNTShellDialogue.cpp \
	204	WinNTShellDialogue.hpp VFSCommandCMD.cpp VFSCommandCMD.hpp \
	205	VFSCommandDir.cpp VFSCommandDir.hpp VFSCommandECHO.cpp \
	206	VFSCommandECHO.hpp VFSCommandFTP.cpp VFSCommandFTP.hpp \
	207	VFSCommandREDIR.cpp VFSCommandREDIR.hpp VFSCommandRREDIR.cpp \
	208	VFSCommandRREDIR.hpp VFSCommandTFTP.cpp VFSCommandTFTP.hpp \
	209	VFSCommandSTART.cpp VFSCommandSTART.hpp
201	210	shellemuwinnt_la_LDFLAGS = -module -no-undefined -avoid-version
202	211	all: all-am
…	…
276	285	@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/VFSCommandREDIR.Plo@am__quote@
277	286	@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/VFSCommandRREDIR.Plo@am__quote@
	287	@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/VFSCommandSTART.Plo@am__quote@
278	288	@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/VFSCommandTFTP.Plo@am__quote@
279	289	@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/VFSDir.Plo@am__quote@

nepenthes/trunk/modules/shellemu-winnt/VFS.cpp

r332	r339
36	36	#include "VFSCommandFTP.hpp"
37	37	#include "VFSCommandCMD.hpp"
	38	#include "VFSCommandSTART.hpp"
38	39
39	40	#include "Nepenthes.hpp"
…	…
105	106	VFSCommand *vccmd = new VFSCommandCMD(sdir, this);
106	107	sdir->createCommand(vccmd);
	108
	109	VFSCommand *vcstart = new VFSCommandSTART(sdir, this);
	110	sdir->createCommand(vcstart);
107	111
108	112
…	…
148	152	if ( m_StdIn[i] == '>' )
149	153	{
150		if ( haschar == true )
151		{
152		break;
153		} else
154		{
155		hasredir = true;
	154	if (escaped == false)
	155	{
	156	if ( haschar == true )
	157	{
	158	logDebug("breaking here %i line %i \n",i,__LINE__);
	159	break;
	160	} else
	161	{
	162	hasredir = true;
	163	}
	164	}else
	165	{
	166	escaped = false;
156	167	}
157	168
…	…
161	172
162	173	i++;
163		logDebug("breaking here %i ~~\n",i~~);
	174	logDebug("breaking here %i line %i \n",i,__LINE__);
164	175	break;
165	176	}
…	…
167	178	if ( ( m_StdIn[i] == ';' && hasredir == true ) \|\| m_StdIn[i] == '&')
168	179	{
169		i++;
170		break;
	180	if (escaped == false)
	181	{
	182	i++;
	183	logDebug("breaking here %i line %i \n",i,__LINE__);
	184	break;
	185	}else
	186	{
	187	escaped = false;
	188	}
171	189	}
172	190	else
173	191	if (m_StdIn[i] == '^')
174	192	{
175		escaped = true;
	193	if (escaped == false)
	194	{
	195	escaped = true;
	196	}else
	197	{
	198	escaped = false;
	199	}
176	200	}
177	201	else
…	…
193	217	line[line.size()-1] = '\0';
194	218
	219	string newline;
	220	escaped = false;
	221
	222	i=0;
	223	int j=0;
	224	while (i<line.size())
	225	{
	226	if ( escaped == true)
	227	{
	228	escaped = false;
	229	newline += line[i];
	230	j++;
	231	}else
	232	{
	233	if (line[i] == '^')
	234	{
	235	escaped = true;
	236	}else
	237	{
	238	newline += line[i];
	239	escaped = false;
	240	}
	241	}
	242	i++;
	243	}
195	244
	245	logSpam("LINE %s\n",line.c_str());
	246	logSpam("ESCL %s\n",newline.c_str());
	247
	248	line = newline;
196	249
197	250	/* beispiel fuer den block 'befehl suchen'
…	…
320	373
321	374	string altercommand = command + ".exe";
322		if ((cfile)->getType() == VFS_EXE && ((cfile)->getName() == command \|\| (*cfile)->getName() == altercommand ) )
	375	if ((*cfile)->getType() == VFS_EXE &&
	376	( strcasecmp((*cfile)->getName().c_str(),command.c_str()) == 0 \|\|
	377	strcasecmp((*cfile)->getName().c_str(),altercommand.c_str()) == 0 )
	378	)
323	379	{
324	380	logSpam("found command '%s' <-> '%s' \n",(*cfile)->getName().c_str(), command.c_str());
…	…
337	393	for ( cfile = dirlist.begin(); cfile != dirlist.end() && foundcommand == false; cfile++ )
338	394	{
339		// printf("FILE '%s' '%s' \n",command.c_str(), (*cfile)->getName().c_str());
	395	// printf("FILE '%s' '%s' \n",command.c_str(), (*cfile)->getName().c_str());
340	396	string altercommand = command + ".bat";
341		if ( (cfile)->getType() == VFS_FILE && ((cfile)->getName() == command \|\| (*cfile)->getName() == altercommand ) )
	397	if (
	398	(*cfile)->getType() == VFS_FILE &&
	399	( strcasecmp((*cfile)->getName().c_str(),command.c_str()) == 0 \|\|
	400	strcasecmp((*cfile)->getName().c_str(),altercommand.c_str()) == 0 )
	401	)
342	402	{
343	403	logSpam("found command '%s' <-> '%s' \n",(*cfile)->getName().c_str(), command.c_str());

nepenthes/trunk/modules/shellemu-winnt/VFSCommandFTP.cpp

r332	r339
114	114	string pass = "guest";
115	115	string getfile = "nofileyet";
	116	string path = "";
116	117	uint8_t downloadflags=0;
117	118
…	…
278	279	default:
279	280	getfile = paramlist[1];
280		logDebug("ftp://%s:%s@%s:%s/%s\n",user.c_str(),pass.c_str(),host.c_str(),port.c_str(),getfile.c_str());
	281	// logDebug("ftp://%s:%s@%s:%s/%s\n",user.c_str(),pass.c_str(),host.c_str(),port.c_str(),getfile.c_str());
	282	startDownload(host,port,user,pass,path,getfile,downloadflags);
281	283	}
282	284	}else
283		if ( strncasecmp((char )&jt->c_str(),"binary",6) == 0 )
	285	if ( strncasecmp((char )&jt->c_str(),"binary",6) == 0 \|\|
	286	strncasecmp((char )&jt->c_str(),"bin",3) == 0)
284	287	{
285	288	downloadflags \|= DF_TYPE_BINARY;
	289	}else
	290	if ( strncasecmp((char )&jt->c_str(),"cd",2) == 0 )
	291	{
	292	switch ( paramlist.size() )
	293	{
	294	case 1:
	295	state = NEXT_IS_PATH;
	296	break;
	297
	298	&nb