4 * Trojanscan copyright (C) Chris Porter 2002-2005
5 * Newserv bits copyright (C) David Mansell 2002-2003
8 * - Poke splidge about +r'ing bots, potential problems:
9 * - users might whine about T clone stealing account
10 * - would have to steal one already in use, so if trojans start using /msg q whois they'll see
11 * (though they have to be authed for this, they could use a clone of their own however)
14 #include "trojanscan.h"
15 #include "../lib/strlfunc.h"
16 #include "../lib/version.h"
18 MODULE_VERSION(TROJANSCAN_VERSION
" / $Id: trojanscan.c 694 2006-06-06 19:55:40Z newserv $")
21 trojanscan_cmds
= newcommandtree();
23 addcommandtotree(trojanscan_cmds
, "showcommands", TROJANSCAN_ACL_UNAUTHED
, 0, &trojanscan_showcommands
);
24 addcommandtotree(trojanscan_cmds
, "help", TROJANSCAN_ACL_UNAUTHED
, 1, &trojanscan_help
);
25 addcommandtotree(trojanscan_cmds
, "hello", TROJANSCAN_ACL_UNAUTHED
| TROJANSCAN_ACL_OPER
, 1, &trojanscan_hello
);
27 addcommandtotree(trojanscan_cmds
, "join", TROJANSCAN_ACL_STAFF
, 1, &trojanscan_userjoin
);
28 addcommandtotree(trojanscan_cmds
, "chanlist", TROJANSCAN_ACL_STAFF
, 0, &trojanscan_chanlist
);
29 addcommandtotree(trojanscan_cmds
, "whois", TROJANSCAN_ACL_STAFF
, 1, &trojanscan_whois
);
31 addcommandtotree(trojanscan_cmds
, "changelev", TROJANSCAN_ACL_STAFF
| TROJANSCAN_ACL_OPER
, 2, &trojanscan_changelev
);
32 addcommandtotree(trojanscan_cmds
, "deluser", TROJANSCAN_ACL_TEAMLEADER
| TROJANSCAN_ACL_OPER
, 2, &trojanscan_deluser
);
33 addcommandtotree(trojanscan_cmds
, "mew", TROJANSCAN_ACL_STAFF
, 2, &trojanscan_mew
);
34 addcommandtotree(trojanscan_cmds
, "status", TROJANSCAN_ACL_STAFF
| TROJANSCAN_ACL_OPER
, 0, &trojanscan_status
);
35 addcommandtotree(trojanscan_cmds
, "listusers", TROJANSCAN_ACL_TEAMLEADER
, 0, &trojanscan_listusers
);
37 addcommandtotree(trojanscan_cmds
, "rehash", TROJANSCAN_ACL_WEBSITE
, 0, &trojanscan_rehash
);
39 addcommandtotree(trojanscan_cmds
, "cat", TROJANSCAN_ACL_OPER
, 1, &trojanscan_cat
);
41 addcommandtotree(trojanscan_cmds
, "reschedule", TROJANSCAN_ACL_DEVELOPER
| TROJANSCAN_ACL_OPER
, 0, &trojanscan_reschedule
);
43 srand((int)time(NULL
));
45 trojanscan_connect_schedule
= scheduleoneshot(time(NULL
) + 1, &trojanscan_connect
, NULL
);
50 struct trojanscan_realchannels
*rp
= trojanscan_realchanlist
, *oldrp
;
51 struct trojanscan_rejoinlist
*rj
= trojanscan_schedulerejoins
, *oldrj
;
54 deregisterlocaluser(trojanscan_nick
, NULL
);
56 if (trojanscan_connect_schedule
)
57 deleteschedule(trojanscan_connect_schedule
, &trojanscan_connect
, NULL
);
59 if(trojanscan_schedule
)
60 deleteschedule(trojanscan_schedule
, &trojanscan_dojoin
, NULL
);
62 if(trojanscan_poolschedule
)
63 deleteschedule(trojanscan_poolschedule
, &trojanscan_repool
, NULL
);
65 if(trojanscan_cloneschedule
)
66 deleteschedule(trojanscan_poolschedule
, &trojanscan_registerclones
, NULL
);
69 deleteschedule(rp
->schedule
, &trojanscan_dopart
, (void *)rp
);
76 deleteschedule(rj
->schedule
, &trojanscan_rejoin_channel
, (void *)rj
);
77 freesstring(rj
->channel
);
83 if(trojanscan_initialschedule
)
84 deleteschedule(trojanscan_initialschedule
, &trojanscan_fill_channels
, NULL
);
86 deleteschedule(trojanscan_rehashschedule
, &trojanscan_rehash_schedule
, NULL
);
88 for (i
=0;i
<TROJANSCAN_CLONE_TOTAL
;i
++)
89 if(trojanscan_swarm
[i
].clone
) {
90 deregisterlocaluser(trojanscan_swarm
[i
].clone
, NULL
);
91 trojanscan_swarm
[i
].clone
= NULL
;
93 trojanscan_free_database();
94 trojanscan_free_channels();
96 for (i
=0;i
<trojanscan_hostpoolsize
;i
++)
97 freesstring(trojanscan_hostpool
[i
]);
99 for (i
=0;i
<trojanscan_tailpoolsize
;i
++)
100 freesstring(trojanscan_tailpool
[i
]);
101 trojanscan_database_close();
104 void trojanscan_connect(void *arg
) {
105 sstring
*mnick
, *myident
, *myhost
, *myrealname
, *myauthname
;
106 sstring
*dbhost
, *dbuser
, *dbpass
, *db
, *dbport
, *temp
;
111 trojanscan_connect_schedule
= NULL
;
113 for(i
=0;i
<TROJANSCAN_CLONE_TOTAL
;i
++)
114 trojanscan_swarm
[i
].index
= i
; /* sure this could be done with pointer arithmetic... */
116 trojanscan_hostpoolsize
= 0;
117 trojanscan_tailpoolsize
= 0;
118 trojanscan_hostmode
= 0;
119 trojanscan_poolschedule
= NULL
;
120 trojanscan_cloneschedule
= NULL
;
121 trojanscan_realchanlist
= NULL
;
122 trojanscan_database
.glines
= 0;
123 trojanscan_database
.detections
= 0;
125 mnick
= getcopyconfigitem("trojanscan", "nick", "T", NICKLEN
);
126 myident
= getcopyconfigitem("trojanscan", "ident", "trojanscan", NICKLEN
);
127 myhost
= getcopyconfigitem("trojanscan", "hostname", "trojanscan.slug.netsplit.net", HOSTLEN
);
128 myrealname
= getcopyconfigitem("trojanscan", "realname", "Trojanscan v" TROJANSCAN_VERSION
, REALLEN
);
129 myauthname
= getcopyconfigitem("trojanscan", "authname", "T", ACCOUNTLEN
);
131 dbhost
= getcopyconfigitem("trojanscan", "dbhost", "localhost", HOSTLEN
);
132 dbuser
= getcopyconfigitem("trojanscan", "dbuser", "", NICKLEN
);
133 dbpass
= getcopyconfigitem("trojanscan", "dbpass", "", REALLEN
);
134 db
= getcopyconfigitem("trojanscan", "db", "", NICKLEN
);
136 dbport
= getcopyconfigitem("trojanscan", "dbport", "3306", ACCOUNTLEN
);
138 length
= snprintf(buf
, sizeof(buf
) - 1, "%d", TROJANSCAN_DEFAULT_MAXCHANS
);
139 temp
= getcopyconfigitem("trojanscan", "maxchans", buf
, length
);
141 trojanscan_maxchans
= atoi(temp
->content
);
144 length
= snprintf(buf
, sizeof(buf
) - 1, "%d", TROJANSCAN_DEFAULT_CYCLETIME
);
145 temp
= getcopyconfigitem("trojanscan", "cycletime", buf
, length
);
147 trojanscan_cycletime
= atoi(temp
->content
);
150 length
= snprintf(buf
, sizeof(buf
) - 1, "%d", TROJANSCAN_DEFAULT_PARTTIME
);
151 temp
= getcopyconfigitem("trojanscan", "parttime", buf
, length
);
152 trojanscan_part_time
= atoi(temp
->content
);
155 length
= snprintf(buf
, sizeof(buf
) - 1, "%d", TROJANSCAN_DEFAULT_MAXUSERS
);
156 temp
= getcopyconfigitem("trojanscan", "maxusers", buf
, length
);
157 trojanscan_maxusers
= atoi(temp
->content
);
160 length
= snprintf(buf
, sizeof(buf
) - 1, "%d", TROJANSCAN_MINIMUM_HOSTS_BEFORE_POOL
);
161 temp
= getcopyconfigitem("trojanscan", "minpoolhosts", buf
, length
);
162 trojanscan_min_hosts
= atoi(temp
->content
);
165 if ((trojanscan_cycletime
/ trojanscan_maxchans
) < 1) {
166 Error("trojanscan", ERR_FATAL
, "Cycletime / maxchans < 1, increase cycletime or decrease maxchans else cycling breaks.");
167 return; /* PPA: module failed to load */
170 length
= snprintf(buf
, sizeof(buf
) - 1, "%d", TROJANSCAN_DEFAULT_MINIMUM_CHANNEL_SIZE
);
171 temp
= getcopyconfigitem("trojanscan", "minchansize", buf
, length
);
172 trojanscan_minchansize
= atoi(temp
->content
);
175 trojanscan_nick
= registerlocaluser(mnick
->content
, myident
->content
, myhost
->content
, myrealname
->content
, myauthname
->content
, UMODE_SERVICE
| UMODE_DEAF
|
176 UMODE_OPER
| UMODE_INV
|
178 &trojanscan_handlemessages
);
180 if (trojanscan_database_connect(dbhost
->content
, dbuser
->content
, dbpass
->content
, db
->content
, atoi(dbport
->content
)) < 0) {
181 Error("trojanscan", ERR_FATAL
, "Cannot connect to database host!");
182 return; /* PPA: module failed to load */
185 trojanscan_database_query("CREATE TABLE phrases (id INT(10) PRIMARY KEY AUTO_INCREMENT, wormid INT(10) NOT NULL, phrase TEXT NOT NULL, priority INT(10) DEFAULT 0 NOT NULL, dateadded int(10), disabled BOOL DEFAULT 0 NOT NULL)");
186 trojanscan_database_query("CREATE TABLE worms (id INT(10) PRIMARY KEY AUTO_INCREMENT, wormname TEXT NOT NULL, glinetype INT DEFAULT 0, data text, hitmsgs BOOL DEFAULT 1, hitchans BOOL DEFAULT 0, epidemic BOOL DEFAULT 0, privinfo text)");
187 trojanscan_database_query("CREATE TABLE logs (id INT(10) PRIMARY KEY AUTO_INCREMENT, userid INT(10) NOT NULL, act TEXT NOT NULL, description TEXT NOT NULL, ts TIMESTAMP)");
188 trojanscan_database_query("CREATE TABLE channels (id INT(10) PRIMARY KEY AUTO_INCREMENT, channel VARCHAR(%d) NOT NULL, exempt BOOL DEFAULT 0)", CHANNELLEN
);
189 trojanscan_database_query("CREATE TABLE users (id INT(10) PRIMARY KEY AUTO_INCREMENT, authname VARCHAR(%d) NOT NULL, authlevel TINYINT(4) NOT NULL)", ACCOUNTLEN
);
190 trojanscan_database_query("CREATE TABLE hits (id INT(10) PRIMARY KEY AUTO_INCREMENT, nickname VARCHAR(%d) NOT NULL, ident VARCHAR(%d) NOT NULL, host VARCHAR(%d) NOT NULL, phrase INT(10) NOT NULL, ts TIMESTAMP, messagetype VARCHAR(1) NOT NULL DEFAULT 'm', glined BOOL DEFAULT 1)", NICKLEN
, USERLEN
, HOSTLEN
);
191 trojanscan_database_query("CREATE TABLE settings (id INT(10) PRIMARY KEY AUTO_INCREMENT, setting VARCHAR(15) NOT NULL, value VARCHAR(15) NOT NULL)");
192 trojanscan_database_query("CREATE TABLE wwwlogs (id INT(10) PRIMARY KEY AUTO_INCREMENT, authid INT(10) NOT NULL, ip VARCHAR(15), action TEXT, ts TIMESTAMP)");
193 trojanscan_database_query("CREATE TABLE unknownlog (id INT(10) PRIMARY KEY AUTO_INCREMENT, data TEXT, user VARCHAR(%d) NOT NULL, ts TIMESTAMP)", NICKLEN
+USERLEN
+HOSTLEN
+3);
195 trojanscan_database_query("DELETE FROM settings");
196 trojanscan_database_query("INSERT INTO settings (setting, value) VALUES ('rehash','0')");
197 trojanscan_database_query("INSERT INTO settings (setting, value) VALUES ('changed','0')");
199 trojanscan_read_database(1);
201 cp
= findchannel(TROJANSCAN_OPERCHANNEL
);
203 localcreatechannel(trojanscan_nick
, TROJANSCAN_OPERCHANNEL
);
205 if(!localjoinchannel(trojanscan_nick
, cp
))
206 localgetops(trojanscan_nick
, cp
);
209 cp
= findchannel(TROJANSCAN_CHANNEL
);
211 localcreatechannel(trojanscan_nick
, TROJANSCAN_CHANNEL
);
213 if(!localjoinchannel(trojanscan_nick
, cp
))
214 localgetops(trojanscan_nick
, cp
);
217 cp
= findchannel(TROJANSCAN_PEONCHANNEL
);
219 localcreatechannel(trojanscan_nick
, TROJANSCAN_PEONCHANNEL
);
221 if(!localjoinchannel(trojanscan_nick
, cp
))
222 localgetops(trojanscan_nick
, cp
);
226 freesstring(myident
);
228 freesstring(myrealname
);
229 freesstring(myauthname
);
235 trojanscan_registerclones(NULL
);
237 trojanscan_rehashschedule
= scheduleoneshot(time(NULL
) + 60, &trojanscan_rehash_schedule
, NULL
);
241 void trojanscan_rehash_schedule(void *arg
) {
242 trojanscan_rehashschedule
= scheduleoneshot(time(NULL
) + 60, &trojanscan_rehash_schedule
, NULL
);
243 if (!(trojanscan_database_query("SELECT value FROM settings WHERE setting = 'rehash'"))) {
244 trojanscan_database_res
*res
;
245 if ((res
= trojanscan_database_store_result(&trojanscan_sql
))) {
246 if (trojanscan_database_num_rows(res
) > 0) {
247 trojanscan_database_row sqlrow
= trojanscan_database_fetch_row(res
);
248 if (sqlrow
&& (sqlrow
[0][0] == '1')) {
249 trojanscan_mainchanmsg("n: rehash initiated by website. . .");
250 trojanscan_read_database(0);
253 trojanscan_database_free_result(res
);
259 void trojanscan_free_database(void) {
261 for(i
=0;i
<trojanscan_database
.total_channels
;i
++)
262 freesstring(trojanscan_database
.channels
[i
].name
);
263 free(trojanscan_database
.channels
);
264 for(i
=0;i
<trojanscan_database
.total_phrases
;i
++) {
265 if (trojanscan_database
.phrases
[i
].phrase
)
266 pcre_free(trojanscan_database
.phrases
[i
].phrase
);
267 if (trojanscan_database
.phrases
[i
].hint
)
268 pcre_free(trojanscan_database
.phrases
[i
].hint
);
270 free(trojanscan_database
.phrases
);
271 for(i
=0;i
<trojanscan_database
.total_worms
;i
++)
272 freesstring(trojanscan_database
.worms
[i
].name
);
273 free(trojanscan_database
.worms
);
274 trojanscan_database
.total_channels
= 0;
275 trojanscan_database
.total_phrases
= 0;
276 trojanscan_database
.total_worms
= 0;
280 sstring
*trojanscan_getsstring(char *string
, int length
) {
283 for(i
=0;i
<length
;i
++) {
284 if ((string
[i
] == '\r') || (string
[i
] == '\n')) {
285 Error("trojanscan", ERR_WARNING
, "Error reading %s at position %d, set to ERROR!", string
, i
+1);
286 return getsstring("ERROR", sizeof("ERROR"));
290 return getsstring(string
, length
);
293 int trojanscan_strip_codes(char *buf
, size_t max
, char *original
) {
294 int i
, j
, length
= TROJANSCAN_MMIN(strlen(original
), max
-1);
295 char *p2
= original
, *p3
, flag
= 0;
297 for(i
=0;i
<length
+1;i
++) {
306 if ((i
+ 1) > length
)
308 if ((j
== 4) && flag
)
312 if ((j
== 0) && (!((*p2
>= '0') && (*p2
<= '9'))))
317 if ((i
+ 1) > length
)
319 if (!((*(p2
+ 1) >= '0') && (*(p2
+ 1) <= '9')))
322 } else if ((*p2
>= '0') && (*p2
<= '9')) {
330 if (!((*p2
>= '0') && (*p2
<= '9')))
336 if ((i
+ 1) > length
)
338 if (!((*(p2
+ 1) >= '0') && (*(p2
+ 1) <= '9')))
343 if ((j
== 3) && (!((*p2
>= '0') && (*p2
<= '9'))))
345 if ((j
== 4) && (!((*p2
>= '0') && (*p2
<= '9'))))
362 struct trojanscan_worms
*trojanscan_find_worm_by_id(int id
) {
364 for(i
=0;i
<trojanscan_database
.total_worms
;i
++)
365 if ((trojanscan_database
.worms
[i
].id
== id
))
366 return &trojanscan_database
.worms
[i
];
370 void trojanscan_read_database(int first_time
) {
372 int erroroffset
, i
, tempresult
;
374 trojanscan_database_res
*res
;
375 trojanscan_database_row sqlrow
;
378 trojanscan_free_database();
380 trojanscan_database
.total_channels
= 0;
381 trojanscan_database
.total_phrases
= 0;
382 trojanscan_database
.total_worms
= 0;
385 if (!(trojanscan_database_query("SELECT channel, exempt FROM channels"))) {
386 if ((res
= trojanscan_database_store_result(&trojanscan_sql
))) {
387 trojanscan_database
.total_channels
= trojanscan_database_num_rows(res
);
388 if (trojanscan_database
.total_channels
> 0) {
389 if ((trojanscan_database
.channels
= (trojanscan_channels
*)malloc(sizeof(trojanscan_channels
) * trojanscan_database
.total_channels
))) {
390 if ((trojanscan_database
.total_channels
>0) && trojanscan_database
.channels
) {
392 while((sqlrow
= trojanscan_database_fetch_row(res
))) {
393 trojanscan_database
.channels
[i
].name
= trojanscan_getsstring(sqlrow
[0], strlen(sqlrow
[0]));
394 trojanscan_database
.channels
[i
].exempt
= (sqlrow
[1][0] == '1');
400 trojanscan_database_free_result(res
);
404 if (!(trojanscan_database_query("SELECT id, wormname, glinetype, length(data), hitmsgs, hitchans, epidemic FROM worms"))) {
405 if ((res
= trojanscan_database_store_result(&trojanscan_sql
))) {
406 trojanscan_database
.total_worms
= trojanscan_database_num_rows(res
);
407 if (trojanscan_database
.total_worms
> 0) {
408 if ((trojanscan_database
.worms
= (trojanscan_worms
*)malloc(sizeof(trojanscan_worms
) * trojanscan_database
.total_worms
))) {
410 while((sqlrow
= trojanscan_database_fetch_row(res
))) {
411 trojanscan_database
.worms
[i
].id
= atoi(sqlrow
[0]);
412 trojanscan_database
.worms
[i
].name
= trojanscan_getsstring(sqlrow
[1], strlen(sqlrow
[1]));
413 tempresult
= atoi(sqlrow
[2]);
414 trojanscan_database
.worms
[i
].glineuser
= (tempresult
== 0);
415 trojanscan_database
.worms
[i
].glinehost
= (tempresult
== 1);
416 trojanscan_database
.worms
[i
].monitor
= (tempresult
== 2);
418 trojanscan_database
.worms
[i
].datalen
= ((atoi(sqlrow
[3]) == 0) ? 0 : 1);
420 trojanscan_database
.worms
[i
].datalen
= 0;
423 trojanscan_database
.worms
[i
].hitpriv
= (atoi(sqlrow
[4]) == 1);
424 trojanscan_database
.worms
[i
].hitchans
= (atoi(sqlrow
[5]) == 1);
425 trojanscan_database
.worms
[i
].epidemic
= (atoi(sqlrow
[6]) == 1);
431 trojanscan_database_free_result(res
);
435 if (!(trojanscan_database_query("SELECT id, phrase, wormid FROM phrases WHERE disabled = 0 ORDER BY priority DESC"))) {
436 if ((res
= trojanscan_database_store_result(&trojanscan_sql
))) {
437 trojanscan_database
.total_phrases
= trojanscan_database_num_rows(res
);
438 if (trojanscan_database
.total_phrases
> 0) {
439 if ((trojanscan_database
.phrases
= (trojanscan_phrases
*)malloc(sizeof(trojanscan_phrases
) * trojanscan_database
.total_phrases
))) {
441 while((sqlrow
= trojanscan_database_fetch_row(res
))) {
442 trojanscan_database
.phrases
[i
].id
= atoi(sqlrow
[0]);
443 trojanscan_database
.phrases
[i
].worm
= trojanscan_find_worm_by_id(atoi(sqlrow
[2]));
444 if (!(trojanscan_database
.phrases
[i
].phrase
= pcre_compile(sqlrow
[1], PCRE_CASELESS
, &error
, &erroroffset
, NULL
))) {
445 Error("trojanscan", ERR_WARNING
, "Error compiling expression %s at offset %d: %s", sqlrow
[1], erroroffset
, error
);
447 trojanscan_database
.phrases
[i
].hint
= pcre_study(trojanscan_database
.phrases
[i
].phrase
, 0, &error
);
449 Error("trojanscan", ERR_WARNING
, "Error studying expression %s: %s", sqlrow
[1], error
);
450 pcre_free(trojanscan_database
.phrases
[i
].phrase
);
451 trojanscan_database
.phrases
[i
].phrase
= NULL
;
458 trojanscan_database_free_result(res
);
462 trojanscan_database_query("UPDATE settings SET value = '0' where setting = 'rehash'");
466 void trojanscan_log(nick
*np
, char *event
, char *details
, ...) {
468 char eevent
[TROJANSCAN_QUERY_TEMP_BUF_SIZE
], edetails
[TROJANSCAN_QUERY_TEMP_BUF_SIZE
], buf
[513];
471 va_start(va
, details
);
472 vsnprintf(buf
, sizeof(buf
) - 1, details
, va
);
477 nickid
= trojanscan_user_id_by_authname(np
->authname
);
479 trojanscan_database_escape_string(eevent
, event
, strlen(event
));
480 trojanscan_database_escape_string(edetails
, buf
, strlen(buf
));
481 trojanscan_database_query("INSERT INTO logs (userid, act, description) VALUES ('%d', '%s', '%s')", nickid
, eevent
, edetails
);
484 void trojanscan_generateclone(void *arg
) {
485 int i
, loops
= 0, modes
= UMODE_XOPER
| UMODE_INV
;
486 char c_nick
[NICKLEN
+1], c_ident
[USERLEN
+1], c_host
[HOSTLEN
+1], c_real
[REALLEN
+1];
491 /* PPA: unlikely to be infinite */
494 if (!loops
&& trojanscan_hostmode
) /* only have one go at this */
495 trojanscan_generatenick(c_nick
, NICKLEN
);
497 trojanscan_gennick(c_nick
, trojanscan_minmaxrand(7, TROJANSCAN_MMIN(13, NICKLEN
)));
499 } while ((getnickbynick(c_nick
) != NULL
));
501 trojanscan_generateident(c_ident
, USERLEN
);
503 trojanscan_genident(c_ident
, trojanscan_minmaxrand(4, TROJANSCAN_MMIN(8, USERLEN
)));
505 if(trojanscan_hostmode
) {
506 trojanscan_generatehost(c_host
, HOSTLEN
, &fakeip
);
508 trojanscan_genhost(c_host
, HOSTLEN
, &fakeip
);
510 trojanscan_genhost(c_host
, HOSTLEN
, &fakeip
);
513 trojanscan_generaterealname(c_real
, REALLEN
);
515 trojanscan_genreal(c_real
, trojanscan_minmaxrand(15, TROJANSCAN_MMIN(50, REALLEN
)));
517 trojanscan_swarm
[i
].clone
= registerlocaluser(c_nick
, c_ident
, c_host
, c_real
, NULL
, modes
, &trojanscan_clonehandlemessages
);
518 trojanscan_swarm
[i
].fakeip
= fakeip
;
520 if(trojanscan_swarm
[i
].clone
&& !trojanscan_swarm_created
) {
521 nick
*np
= trojanscan_selectuser();
522 if(np
) /* select a 'random' sign on time for whois generation */
523 trojanscan_swarm
[i
].clone
->timestamp
= np
->timestamp
;
525 trojanscan_swarm
[i
].remaining
= trojanscan_minmaxrand(5, 100);
527 trojanscan_swarm
[i
].sitting
= 0;
531 void trojanscan_free_channels(void) {
533 if(trojanscan_chans
) {
534 for(i
=0;i
<trojanscan_activechans
;i
++)
535 freesstring(trojanscan_chans
[i
].channel
);
536 free(trojanscan_chans
);
537 trojanscan_chans
= NULL
;
538 trojanscan_activechans
= 0;
542 void trojanscan_repool(void *arg
) {
543 if (trojanscan_generatepool() < TROJANSCAN_MINPOOLSIZE
) {
544 trojanscan_hostmode
= 0;
547 trojanscan_hostmode
= 1;
548 trojanscan_poolschedule
= scheduleoneshot(time(NULL
) + TROJANSCAN_POOL_REGENERATION
, &trojanscan_repool
, NULL
);
552 void trojanscan_registerclones(void *arg
) {
555 if (trojanscan_generatepool() < TROJANSCAN_MINPOOLSIZE
) {
556 trojanscan_hostmode
= 0;
557 trojanscan_cloneschedule
= scheduleoneshot(time(NULL
) + 10, &trojanscan_registerclones
, NULL
);
560 trojanscan_hostmode
= 1;
561 trojanscan_poolschedule
= scheduleoneshot(time(NULL
) + TROJANSCAN_POOL_REGENERATION
, &trojanscan_repool
, NULL
);
562 trojanscan_cloneschedule
= NULL
;
565 for (i
=0;i
<TROJANSCAN_CLONE_TOTAL
;i
++)
566 trojanscan_generateclone((void *)i
);
567 trojanscan_mainchanmsg("n: swarm (%d clones) created.", TROJANSCAN_CLONE_TOTAL
);
568 trojanscan_swarm_created
= 1;
570 trojanscan_initialschedule
= scheduleoneshot(time(NULL
) + 5, &trojanscan_fill_channels
, NULL
);
573 int trojanscan_status(void *sender
, int cargc
, char **cargv
) {
574 nick
*np
= (nick
*)sender
;
575 trojanscan_log(np
, "status", "");
576 trojanscan_reply(np
, "Channels in schedule: %d", trojanscan_activechans
);
577 trojanscan_reply(np
, "Channels in database: %d", trojanscan_database
.total_channels
);
578 trojanscan_reply(np
, "Phrases: %d", trojanscan_database
.total_phrases
);
579 trojanscan_reply(np
, "Worms: %d", trojanscan_database
.total_worms
);
580 trojanscan_reply(np
, "Detections: %d", trojanscan_database
.detections
);
581 trojanscan_reply(np
, "Glines: %d", trojanscan_database
.glines
);
582 trojanscan_reply(np
, "Host/tail pool size: %d", TROJANSCAN_POOLSIZE
);
583 trojanscan_reply(np
, "Cycletime: %d", trojanscan_cycletime
);
584 trojanscan_reply(np
, "Clones: %d", TROJANSCAN_CLONE_TOTAL
);
588 int trojanscan_chanlist(void *sender
, int cargc
, char **cargv
) {
590 nick
*np
= (nick
*)sender
;
591 char buf
[CHANNELLEN
* 2 + 20];
592 trojanscan_reply(np
, "Channel list (%d total):", trojanscan_activechans
);
595 for(i
=0;i
<trojanscan_activechans
;i
++) {
596 if(trojanscan_chans
[i
].channel
->length
+ 3 > sizeof(buf
) - strlen(buf
)) {
597 trojanscan_reply(np
, "%s", buf
);
601 /* if splidge sees this I'm going to die */
602 strlcat(buf
, trojanscan_chans
[i
].channel
->content
, sizeof(buf
));
603 strlcat(buf
, " ", sizeof(buf
));
606 trojanscan_reply(np
, "%s", buf
);
608 trojanscan_reply(np
, "Done.");
612 int trojanscan_whois(void *sender
, int cargc
, char **cargv
) {
614 nick
*np
= (nick
*)sender
, *np2
;
618 trojanscan_reply(np
, "Not enough parameters.");
622 if (cargv
[0][0] == '#') {
623 tochange
= cargv
[0] + 1;
626 np2
= getnickbynick(cargv
[0]);
628 trojanscan_reply(np
, "That nickname is not on the network.");
631 for(i
=0;i
<TROJANSCAN_CLONE_TOTAL
;i
++) {
632 if(trojanscan_swarm
[i
].clone
->nick
&& !ircd_strcmp(trojanscan_swarm
[i
].clone
->nick
, np2
->nick
)) {
633 trojanscan_reply(np
, "Nickname : %s", np2
->nick
);
634 trojanscan_reply(np
, "Swarm : yes", trojanscan_swarm
[i
].clone
->nick
);
638 if (!IsAccount(np2
)) {
639 trojanscan_reply(np
, "User is not authed.");
642 tochange
= np2
->authname
;
645 templevel
= trojanscan_user_level_by_authname(tochange
);
646 if (templevel
== -1) {
647 trojanscan_reply(np
, "User does not exist.");
649 union trojanscan_userlevel flags
;
650 flags
.number
= templevel
;
651 trojanscan_reply(np
, "Authname : %s", tochange
);
652 trojanscan_reply(np
, "Flags : +" TROJANSCAN_FLAG_MASK
, TrojanscanFlagsInfo(flags
));
658 void trojanscan_privmsg_chan_or_nick(channel
*cp
, nick
*np
, char *message
, ...) {
662 if (!trojanscan_nick
)
665 va_start(va
, message
);
666 vsnprintf(buf
, sizeof(buf
) - 1, message
, va
);
670 sendmessagetochannel(trojanscan_nick
, cp
, buf
);
672 sendmessagetouser(trojanscan_nick
, np
, buf
);
677 int trojanscan_mew(void *sender
, int cargc
, char **cargv
) {
678 nick
*np
= (nick
*)sender
, *np2
= NULL
;
682 trojanscan_reply(np
, "Not enough paramaters.");
686 if(cargv
[0][0] == '#') {
687 if (!(cp
= findchannel(cargv
[0]))) {
688 trojanscan_reply(np
, "Channel not found.");
691 trojanscan_log(np
, "mew", "%s %s", cp
->index
->name
->content
, cargv
[1]);
693 if (!(np2
= getnickbynick(cargv
[0]))) {
694 trojanscan_reply(np
, "Nickname is not present on the network.");
697 trojanscan_log(np
, "mew", "%s %s", np2
->nick
, cargv
[1]);
700 trojanscan_privmsg_chan_or_nick(cp
, np2
, "\001ACTION mews hopefully at %s\001", cargv
[1]);
703 trojanscan_reply(np
, "Mewed at %s in %s.", cargv
[1], cp
->index
->name
->content
);
705 trojanscan_reply(np
, "Mewed at %s at %s.", cargv
[1], np2
->nick
);
709 trojanscan_mainchanmsg("n: mew: %s %s (%s/%s)", cargv
[1], cp
?cp
->index
->name
->content
:np2
->nick
, np
->nick
, np
->authname
);
714 int trojanscan_cat(void *sender
, int cargc
, char **cargv
) {
715 nick
*np
= (nick
*)sender
, *np2
= NULL
;
721 trojanscan_reply(np
, "Not enough paramaters.");
725 if(cargv
[0][0] == '#') {
726 if (!(cp
= findchannel(cargv
[0]))) {
727 trojanscan_reply(np
, "Channel not found.");
730 trojanscan_log(np
, "cat", cp
->index
->name
->content
);
732 if (!(np2
= getnickbynick(cargv
[0]))) {
733 trojanscan_reply(np
, "Nickname is not present on the network.");
736 trojanscan_log(np
, "cat", np2
->nick
);
739 if ((!(cat
= fopen(TROJANSCAN_CAT
, "r")))) {
740 trojanscan_reply(np
, "Unable to open cat!");
744 while (fgets(buf
, sizeof(buf
) - 1, cat
)) {
745 if ((p
= strchr(buf
, '\n'))) {
747 trojanscan_privmsg_chan_or_nick(cp
, np2
, "%s", buf
);
748 } else if (feof(cat
)) {
749 trojanscan_privmsg_chan_or_nick(cp
, np2
, "%s", buf
);
756 trojanscan_reply(np
, "Spammed cat in %s.", cp
->index
->name
->content
);
758 trojanscan_reply(np
, "Spammed cat at %s.", np2
->nick
);
764 int trojanscan_reschedule(void *sender
, int cargc
, char **cargv
) {
765 nick
*np
= (nick
*)sender
;
766 trojanscan_log(np
, "reschedule", "");
767 trojanscan_fill_channels(NULL
);
769 trojanscan_reply(np
, "Rescheduled.");
773 int trojanscan_listusers(void *sender
, int cargc
, char **cargv
) {
774 nick
*np
= (nick
*)sender
;
776 trojanscan_log(np
, "listusers", "");
778 trojanscan_reply(np
, "User list:");
780 if (!(trojanscan_database_query("SELECT authname, authlevel FROM users ORDER BY authlevel DESC, authname"))) {
781 trojanscan_database_res
*res
;
782 if ((res
= trojanscan_database_store_result(&trojanscan_sql
))) {
783 if (trojanscan_database_num_rows(res
)) {
784 trojanscan_database_row sqlrow
;
785 union trojanscan_userlevel flags
;
786 while((sqlrow
= trojanscan_database_fetch_row(res
))) {
787 flags
.number
= atoi(sqlrow
[1]);
788 trojanscan_reply(np
, "%s +" TROJANSCAN_FLAG_MASK
, sqlrow
[0], TrojanscanIsDeveloper(flags
) ? "d" : "", TrojanscanIsTeamLeader(flags
) ? "t" : "", TrojanscanIsStaff(flags
) ? "s" : "", TrojanscanIsWebsite(flags
) ? "w" : "", TrojanscanIsCat(flags
) ? "c" : "");
791 trojanscan_database_free_result(res
);
795 trojanscan_reply(np
, "Done.");
799 int trojanscan_help(void *sender
, int cargc
, char **cargv
) {
800 nick
*np
= (nick
*)sender
;
803 trojanscan_reply(np
, "Not enough parameters.");
807 if (!strcasecmp("help", cargv
[0])) {
808 trojanscan_reply(np
, "Syntax: help <command name>");
809 trojanscan_reply(np
, "Gives help on commands.");
810 } else if (!strcasecmp("status", cargv
[0])) {
811 trojanscan_reply(np
, "Syntax: status");
812 trojanscan_reply(np
, "Gives statistical information about the bot.");
813 } else if (!strcasecmp("join", cargv
[0])) {
814 trojanscan_reply(np
, "Syntax: join <#channel>");
815 trojanscan_reply(np
, "Orders a clone to join supplied channel.");
816 } else if (!strcasecmp("showcommands", cargv
[0])) {
817 trojanscan_reply(np
, "Syntax: showcommands");
818 trojanscan_reply(np
, "Pretty obvious.");
819 } else if (!strcasecmp("hello", cargv
[0])) {
820 trojanscan_reply(np
, "Syntax: hello ?nickname?");
821 trojanscan_reply(np
, "Creates a new user.");
822 } else if (!strcasecmp("rehash", cargv
[0])) {
823 trojanscan_reply(np
, "Syntax: rehash");
824 trojanscan_reply(np
, "Reloads bot database.");
825 } else if (!strcasecmp("changelev", cargv
[0])) {
826 trojanscan_reply(np
, "Syntax: changelev <nickname or #authname> <flags>");
827 trojanscan_reply(np
, "Changes access flags of selected user to supplied input.");
828 trojanscan_reply(np
, "+d -> developer");
829 trojanscan_reply(np
, "+t -> team leader");
830 trojanscan_reply(np
, "+s -> staff");
831 trojanscan_reply(np
, "+w -> web management");
832 trojanscan_reply(np
, "+c -> cat access");
833 } else if (!strcasecmp("deluser", cargv
[0])) {
834 trojanscan_reply(np
, "Syntax: deluser <nickname or #authname>");
835 trojanscan_reply(np
, "Deletes selected user from my database.");
836 } else if (!strcasecmp("mew", cargv
[0])) {
837 trojanscan_reply(np
, "Syntax: mew <#channel or nickname> <nickname>");
838 trojanscan_reply(np
, "Gracefully mews at target in selected channel or query.");
839 } else if (!strcasecmp("cat", cargv
[0])) {
840 trojanscan_reply(np
, "Syntax: cat <#channel or nickname>");
841 trojanscan_reply(np
, "Shows the almightly cat.");
842 } else if (!strcasecmp("reschedule", cargv
[0])) {
843 trojanscan_reply(np
, "Syntax: reschedule");
844 trojanscan_reply(np
, "Recalculates bots schedule.");
845 } else if (!strcasecmp("chanlist", cargv
[0])) {
846 trojanscan_reply(np
, "Syntax: chanlist");
847 trojanscan_reply(np
, "Displays bots current channel list.");
848 } else if (!strcasecmp("whois", cargv
[0])) {
849 trojanscan_reply(np
, "Syntax: whois <nickname or #authname>");
850 trojanscan_reply(np
, "Displays information on given user.");
851 } else if (!strcasecmp("whois", cargv
[0])) {
852 trojanscan_reply(np
, "Syntax: listusers <flags>");
853 trojanscan_reply(np
, "Displays users with listusersing flags.");
855 trojanscan_reply(np
, "Command not found.");
862 int trojanscan_hello(void *sender
, int cargc
, char **cargv
) {
863 nick
*np
= (nick
*)sender
, *toadd
;
864 char eaccount
[TROJANSCAN_QUERY_TEMP_BUF_SIZE
];
868 toadd
= getnickbynick(cargv
[0]);
870 trojanscan_reply(np
, "That nickname is not on the network.");
873 if (!IsAccount(toadd
)) {
874 trojanscan_reply(np
, "That user is not authed with the network.");
878 if (!IsAccount(np
)) {
879 trojanscan_reply(np
, "You are not authed with the network, auth before creating your user.");
885 if (trojanscan_user_level_by_authname(toadd
->authname
)!=-1) {
886 trojanscan_reply(np
, "Authname (%s) is already on file.", toadd
->authname
);
890 trojanscan_log(np
, "hello", toadd
->authname
);
892 if (!(trojanscan_database_query("SELECT id FROM users LIMIT 1"))) {
893 trojanscan_database_res
*res
;
894 if ((res
= trojanscan_database_store_result(&trojanscan_sql
))) {
895 if (trojanscan_database_num_rows(res
) == 0)
896 level
= TROJANSCAN_ACL_DEVELOPER
| TROJANSCAN_ACL_STAFF
| TROJANSCAN_ACL_WEBSITE
| TROJANSCAN_ACL_CAT
;
897 trojanscan_database_free_result(res
);
901 trojanscan_database_escape_string(eaccount
, toadd
->authname
, strlen(toadd
->authname
));
902 trojanscan_database_query("INSERT INTO users (authname, authlevel) VALUES ('%s', %d)", eaccount
, level
);
903 trojanscan_reply(np
, "Account added to database, account %s%s.", toadd
->authname
, level
>0?" (first user so developer access)":"");
908 int trojanscan_user_level_by_authname(char *authname
) {
909 int result
= -1, sl
= strlen(authname
);
910 char eaccount
[TROJANSCAN_QUERY_TEMP_BUF_SIZE
];
912 trojanscan_database_escape_string(eaccount
, authname
, sl
);
913 if (!(trojanscan_database_query("SELECT authlevel, authname FROM users WHERE authname = '%s'", eaccount
))) {
914 trojanscan_database_res
*res
;
915 if ((res
= trojanscan_database_store_result(&trojanscan_sql
))) {
916 if (trojanscan_database_num_rows(res
) > 0) {
917 trojanscan_database_row sqlrow
= trojanscan_database_fetch_row(res
);
918 result
= atoi(sqlrow
[0]);
919 strlcpy(authname
, sqlrow
[1], sl
+ 1);
921 trojanscan_database_free_result(res
);
927 int trojanscan_user_id_by_authname(char *authname
) {
929 char eaccount
[TROJANSCAN_QUERY_TEMP_BUF_SIZE
];
931 trojanscan_database_escape_string(eaccount
, authname
, strlen(authname
));
932 if (!(trojanscan_database_query("SELECT id FROM users WHERE authname = '%s'", eaccount
))) {
933 trojanscan_database_res
*res
;
934 if ((res
= trojanscan_database_store_result(&trojanscan_sql
))) {
935 if (trojanscan_database_num_rows(res
) > 0) {
936 trojanscan_database_row sqlrow
= trojanscan_database_fetch_row(res
);
937 result
= atoi(sqlrow
[0]);
939 trojanscan_database_free_result(res
);
945 struct trojanscan_clones
*trojanscan_selectclone(char type
) {
946 struct trojanscan_clones
*rc
;
947 int randomclone
, hits
= 0, minlimit
, maxlimit
;
949 if(type
== TROJANSCAN_WATCH_CLONES
) {
950 minlimit
= TROJANSCAN_CLONE_MAX
;
951 maxlimit
= minlimit
+ TROJANSCAN_WATCHCLONE_MAX
- 1;
954 maxlimit
= TROJANSCAN_CLONE_MAX
- 1;
958 randomclone
= trojanscan_minmaxrand(minlimit
, maxlimit
);
961 rc
= &trojanscan_swarm
[randomclone
];
962 if ((type
== TROJANSCAN_NORMAL_CLONES
) && (rc
->sitting
== 0) && (rc
->remaining
== 0))
965 } while (rc
->remaining
== 0);
967 if(type
== TROJANSCAN_NORMAL_CLONES
) {
968 if ((rc
->sitting
== 0) && (rc
->remaining
== 0)) {
969 if ((!rc
->remaining
) && (!rc
->sitting
)) {
971 deregisterlocaluser(rc
->clone
, NULL
);
974 trojanscan_generateclone((void *)rc
->index
);
984 int trojanscan_nickbanned(trojanscan_clones
*np
, channel
*cp
) {
986 long realip
= np
->clone
->ipaddress
;
988 np
->clone
->ipaddress
= np
->fakeip
;
990 ret
= nickbanned(np
->clone
, cp
);
992 np
->clone
->ipaddress
= realip
;
997 struct trojanscan_realchannels
*trojanscan_allocaterc(char *chan
) {
998 struct trojanscan_realchannels
*rc
;
999 struct trojanscan_clones
*clonep
;
1001 int attempts_left
= 10;
1004 trojanscan_errorcode
= 1; /* sorry splidge ;( */
1008 if(chan
[0] != '#') {
1009 trojanscan_errorcode
= 2;
1013 if (strlen(chan
) > 1) {
1014 if(strrchr(chan
, ',')) {
1015 trojanscan_errorcode
= 3;
1019 if(strrchr(chan
, ' ')) {
1020 trojanscan_errorcode
= 4;
1025 cp
= findchannel(chan
);
1027 trojanscan_errorcode
= 5;
1032 clonep
= trojanscan_selectclone(TROJANSCAN_NORMAL_CLONES
);
1034 trojanscan_errorcode
= 6;
1037 if(!trojanscan_nickbanned(clonep
, cp
))
1039 } while (--attempts_left
> 0);
1041 if (!attempts_left
) {
1042 trojanscan_errorcode
= 7;
1046 rc
= (struct trojanscan_realchannels
*)malloc(sizeof(struct trojanscan_realchannels
));
1056 void trojanscan_join(struct trojanscan_realchannels
*rc
) {
1057 struct trojanscan_realchannels
*rp
= trojanscan_realchanlist
;
1059 if (rc
->clone
&& rc
->clone
->clone
) {
1060 if (!localjoinchannel(rc
->clone
->clone
, rc
->chan
)) {
1061 rc
->clone
->remaining
--;
1062 rc
->clone
->sitting
++;
1063 if (trojanscan_minmaxrand(1, TROJANSCAN_NICKCHANGE_ODDS
)%TROJANSCAN_NICKCHANGE_ODDS
== 0)
1064 trojanscan_donickchange((void *)rc
->clone
);
1066 rc
->schedule
= scheduleoneshot(time(NULL
)+trojanscan_part_time
, &trojanscan_dopart
, (void *)rc
);
1069 for(;rp
->next
;rp
=rp
->next
);
1072 trojanscan_realchanlist
= rc
;
1079 int trojanscan_userjoin(void *sender
, int cargc
, char **cargv
) {
1080 nick
*np
= (nick
*)sender
;
1081 struct trojanscan_realchannels
*rc
;
1084 trojanscan_reply(np
, "Not enough paramaters");
1088 if (!trojanscan_swarm_created
) {
1089 trojanscan_reply(np
, "My swarm is currently empty.");
1093 if((rc
= trojanscan_allocaterc(cargv
[0]))) {
1094 trojanscan_log(np
, "join", cargv
[0]);
1095 trojanscan_join(rc
);
1096 trojanscan_reply(np
, "Clone has joined channel.");
1098 trojanscan_mainchanmsg("n: join: %s (%s/%s)", cargv
[0], np
->nick
, np
->authname
);
1100 if (trojanscan_errorcode
== 5) {
1101 trojanscan_reply(np
, "Not joining empty channel, check you entered the correct channel name.");
1103 trojanscan_reply(np
, "Clone could not join channel (error code %d)!", trojanscan_errorcode
);
1109 int trojanscan_rehash(void *sender
, int cargc
, char **cargv
) {
1110 nick
*np
= (void *)sender
;
1111 trojanscan_read_database(0);
1112 trojanscan_log(np
, "rehash", "");
1113 trojanscan_reply(np
, "Done.");
1117 int trojanscan_changelev(void *sender
, int cargc
, char **cargv
) {
1118 nick
*np
= (nick
*)sender
, *np2
;
1120 char eaccount
[TROJANSCAN_QUERY_TEMP_BUF_SIZE
], *tochange
, *p
, mode
= 1, error
= 0, clast
= 0, specialcase
;
1121 union trojanscan_userlevel flags1
, flags2
;
1124 trojanscan_reply(np
, "Not enough parameters.");
1128 templevel
= trojanscan_user_level_by_authname(np
->authname
);
1130 if (templevel
== -1) {
1131 trojanscan_reply(np
, "You do not have an account.");
1135 flags1
.number
= templevel
;
1137 if (cargv
[0][0] == '#') {
1138 tochange
= cargv
[0] + 1;
1140 np2
= getnickbynick(cargv
[0]);
1142 trojanscan_reply(np
, "That nickname is not on the network.");
1145 if (!IsAccount(np2
)) {
1146 trojanscan_reply(np
, "That user is not authed with the network.");
1149 tochange
= np2
->authname
;
1152 templevel
= trojanscan_user_level_by_authname(tochange
);
1154 if (templevel
== -1) {
1155 trojanscan_reply(np
, "User does not exist.");
1159 flags2
.number
= templevel
;
1161 if (!ircd_strcmp(np
->authname
, tochange
)) {
1167 for (p
=cargv
[1];*p
;p
++) {
1174 if (!TrojanscanIsDeveloper(flags1
))
1176 flags2
.values
.developer
= mode
;
1179 if (!TrojanscanIsDeveloper(flags1
))
1181 flags2
.values
.teamleader
= mode
;
1184 if (!TrojanscanIsLeastTeamLeader(flags1
))
1186 flags2
.values
.staff
= mode
;
1189 if (!TrojanscanIsDeveloper(flags1
))
1191 flags2
.values
.website
= mode
;
1194 if (!TrojanscanIsDeveloper(flags1
))
1196 flags2
.values
.cat
= mode
;
1204 if (specialcase
&& !mode
) { /* allow user to remove their own flags */
1215 trojanscan_reply(np
, "Unknown mode: %c%c.", mode
?'+':'-', *p
);
1217 trojanscan_reply(np
, "You have insufficient privilidges to add/remove one or more flags specified.");
1222 trojanscan_log(np
, "changelev", "%s %s", tochange
, cargv
[1]);
1223 trojanscan_database_escape_string(eaccount
, tochange
, strlen(tochange
));
1224 trojanscan_database_query("UPDATE users SET authlevel = %d WHERE authname = '%s'", flags2
.number
, eaccount
);
1226 trojanscan_reply(np
, "Flags changed.");
1231 int trojanscan_deluser(void *sender
, int cargc
, char **cargv
) {
1232 nick
*np
= (nick
*)sender
, *to
;
1234 char eaccount
[TROJANSCAN_QUERY_TEMP_BUF_SIZE
], *account
;
1235 union trojanscan_userlevel flags1
, flags2
;
1238 trojanscan_reply(np
, "Not enough parameters.");
1242 if (cargv
[0][0] == '#') {
1243 account
= cargv
[0] + 1;
1245 to
= getnickbynick(cargv
[0]);
1247 trojanscan_reply(np
, "That nickname is not on the network.");
1250 if (!IsAccount(to
)) {
1251 trojanscan_reply(np
, "That user is not authed with the network.");
1254 account
= to
->authname
;
1257 flags1
.number
= trojanscan_user_level_by_authname(np
->authname
);
1258 templevel
= trojanscan_user_level_by_authname(account
);
1260 if (templevel
== -1) {
1261 trojanscan_reply(np
, "Auth %s does not exist.", account
);
1265 flags2
.number
= templevel
;
1267 if (!TrojanscanIsDeveloper(flags1
) && TrojanscanIsLeastTeamLeader(flags2
)) {
1268 trojanscan_reply(np
, "Your cannot delete %s as his/her flags equal or surpass your own.", account
);
1272 trojanscan_log(np
, "deluser", account
);
1273 trojanscan_database_escape_string(eaccount
, account
, strlen(account
));
1274 trojanscan_database_query("DELETE FROM users WHERE authname = '%s'", eaccount
);
1275 trojanscan_reply(np
, "User deleted.");
1280 int trojanscan_add_ll(struct trojanscan_prechannels
**head
, struct trojanscan_prechannels
*newitem
) {
1281 struct trojanscan_prechannels
*position
, *lastitem
= NULL
, *location
= NULL
;
1284 newitem
->next
= NULL
;
1285 if (newitem
->exempt
) {
1291 /* if its exempt, we don't give a monkeys where it is... */
1292 if (newitem
->exempt
) {
1293 newitem
->next
= *head
;
1298 for(position
=*head
;position
;lastitem
=position
,position
=position
->next
) {
1299 if (!ircd_strcmp(position
->name
->content
, newitem
->name
->content
)) {
1303 if (!location
&& (position
->size
< newitem
->size
)) {
1307 location
= lastitem
;
1312 newitem
->next
= NULL
;
1313 lastitem
->next
= newitem
;
1315 newitem
->next
= location
->next
;
1316 location
->next
= newitem
;
1318 if(newitem
->exempt
) {
1325 void trojanscan_watch_clone_update(struct trojanscan_prechannels
*hp
, int count
) {
1327 struct trojanscan_prechannels
*lp
;
1328 struct trojanscan_templist
*markedlist
= NULL
;
1331 markedlist
= (struct trojanscan_templist
*)calloc(count
, sizeof(struct trojanscan_templist
));
1336 for(i
=0;i
<trojanscan_activechans
;i
++) {
1339 for(lp
=hp
,j
=0;j
<count
&&lp
;j
++,lp
=lp
->next
) {
1340 if(!markedlist
[j
].active
&& !lp
->exempt
&& !ircd_strcmp(lp
->name
->content
, trojanscan_chans
[i
].channel
->content
)) { /* we're already on the channel */
1341 if(trojanscan_chans
[i
].watch_clone
) {
1342 markedlist
[j
].active
= 1;
1343 markedlist
[j
].watch_clone
= trojanscan_chans
[i
].watch_clone
;
1344 lp
->watch_clone
= trojanscan_chans
[i
].watch_clone
;
1351 if(!marked
&& trojanscan_chans
[i
].watch_clone
) {
1352 channel
*cp
= findchannel(trojanscan_chans
[i
].channel
->content
);
1354 localpartchannel(trojanscan_chans
[i
].watch_clone
->clone
, cp
);
1361 for(j
=0,lp
=hp
;j
<count
&&lp
;j
++,lp
=lp
->next
) {
1362 if((!markedlist
[j
].active
|| !markedlist
[j
].watch_clone
) && !lp
->exempt
) {
1363 channel
*cp
= findchannel(lp
->name
->content
);
1367 lp
->watch_clone
= trojanscan_selectclone(TROJANSCAN_WATCH_CLONES
);
1368 if(!lp
->watch_clone
)
1370 if(!trojanscan_nickbanned(lp
->watch_clone
, cp
)) {
1371 if(localjoinchannel(lp
->watch_clone
->clone
, cp
))
1372 lp
->watch_clone
= NULL
;
1375 } while(--attempts
> 0);
1377 lp
->watch_clone
= NULL
;
1386 void trojanscan_fill_channels(void *arg
) {
1387 struct trojanscan_prechannels
*head
= NULL
, *lp
, *last
= NULL
;
1388 int i
, count
, tempctime
= 0;
1392 for (count
=i
=0;i
<trojanscan_database
.total_channels
;i
++) {
1393 lp
= (trojanscan_prechannels
*)malloc(sizeof(trojanscan_prechannels
));
1394 lp
->name
= trojanscan_database
.channels
[i
].name
;
1396 lp
->exempt
= trojanscan_database
.channels
[i
].exempt
;
1397 lp
->watch_clone
= NULL
;
1398 if (trojanscan_add_ll(&head
, lp
))
1402 for (i
=0;i
<CHANNELHASHSIZE
;i
++) {
1403 for(chn
=chantable
[i
];chn
;chn
=chn
->next
) {
1404 if (chn
->channel
&& !IsKey(chn
->channel
) && !IsInviteOnly(chn
->channel
) && !IsRegOnly(chn
->channel
) && (chn
->channel
->users
->totalusers
>= trojanscan_minchansize
)) {
1405 lp
= (trojanscan_prechannels
*)malloc(sizeof(trojanscan_prechannels
));
1406 lp
->name
= chn
->name
;
1407 lp
->size
= chn
->channel
->users
->totalusers
;
1409 lp
->watch_clone
= NULL
;
1410 if (trojanscan_add_ll(&head
, lp
))
1416 count
= TROJANSCAN_MMIN(count
, trojanscan_maxchans
);
1418 trojanscan_watch_clone_update(head
, count
);
1420 trojanscan_free_channels();
1421 trojanscan_chans
= (struct trojanscan_inchannel
*)calloc(count
, sizeof(struct trojanscan_inchannel
));
1422 trojanscan_activechans
= count
;
1425 for(lp
=head
;lp
;last
=lp
,lp
=lp
->next
) {
1426 if (!(lp
->exempt
) && (i
< count
)) {
1427 trojanscan_chans
[i
].channel
= getsstring(lp
->name
->content
, lp
->name
->length
);
1428 trojanscan_chans
[i
++].watch_clone
= lp
->watch_clone
;
1437 if (trojanscan_activechans
> 0) {
1438 tempctime
= trojanscan_cycletime
/ trojanscan_activechans
;
1441 trojanscan_mainchanmsg("d: just escaped a divide by zero error (no activechans!), rescheduling in 60 seconds");
1444 if(trojanscan_schedule
)
1445 deleteschedule(trojanscan_schedule
, &trojanscan_dojoin
, NULL
);
1447 trojanscan_channumber
= 0;
1449 trojanscan_schedule
= schedulerecurring(time(NULL
) + tempctime
, trojanscan_activechans
+ 1, tempctime
, trojanscan_dojoin
, NULL
);
1453 void trojanscan_dojoin(void *arg
) {
1454 struct trojanscan_realchannels
*rc
;
1455 if (trojanscan_channumber
>= trojanscan_activechans
) {
1456 trojanscan_schedule
= NULL
;
1457 trojanscan_fill_channels(NULL
);
1459 if ((rc
= trojanscan_allocaterc(trojanscan_chans
[trojanscan_channumber
++].channel
->content
)))
1460 trojanscan_join(rc
);
1465 void trojanscan_dopart(void *arg
) {
1466 struct trojanscan_realchannels
*rc
= (struct trojanscan_realchannels
*)arg
, *rp
, *past
= NULL
;
1468 if (rc
->kickedout
) { /* there's a join scheduled, wait for it (reschedule) */
1469 rc
->schedule
= scheduleoneshot(time(NULL
)+5, &trojanscan_dopart
, (void *)rc
);
1473 if (rc
->clone
->clone
&& (!(rc
->donotpart
)))
1474 localpartchannel(rc
->clone
->clone
, rc
->chan
);
1476 rc
->clone
->sitting
--;
1478 for(rp
=trojanscan_realchanlist
;rp
;rp
=rp
->next
) {
1481 trojanscan_realchanlist
= rp
->next
;
1483 past
->next
= rp
->next
;
1493 void trojanscan_donickchange(void *arg
) { /* just incase I choose to make this schedule at some point */
1494 struct trojanscan_clones
*clone
= (trojanscan_clones
*)arg
;
1495 if (clone
&& clone
->clone
) {
1496 char c_nick
[NICKLEN
+1];
1498 /* PPA: unlikely to be infinite */
1500 if ((loops
++ < 10) && trojanscan_hostmode
) {
1501 trojanscan_generatenick(c_nick
, NICKLEN
);
1503 trojanscan_gennick(c_nick
, trojanscan_minmaxrand(7, TROJANSCAN_MMIN(13, NICKLEN
)));
1505 } while (c_nick
&& (getnickbynick(c_nick
) != NULL
));
1507 renamelocaluser(clone
->clone
, c_nick
);
1512 int trojanscan_keysort(const void *v1
, const void *v2
) {
1513 return ((*(trojanscan_prechannels
**)v2
)->size
- (*(trojanscan_prechannels
**)v1
)->size
);
1516 int trojanscan_showcommands(void *sender
, int cargc
, char **cargv
) {
1517 nick
*np
= (nick
*)sender
;
1518 Command
*cmdlist
[100];
1522 n
= getcommandlist(trojanscan_cmds
, cmdlist
, 100);
1524 trojanscan_reply(np
, "The following commands are registered at present:");
1527 if (cmdlist
[i
]->level
& TROJANSCAN_ACL_STAFF
) {
1529 } else if (cmdlist
[i
]->level
& TROJANSCAN_ACL_DEVELOPER
) {
1531 } else if (cmdlist
[i
]->level
& TROJANSCAN_ACL_TEAMLEADER
) {
1533 } else if (cmdlist
[i
]->level
& TROJANSCAN_ACL_CAT
) {
1535 } else if (cmdlist
[i
]->level
& TROJANSCAN_ACL_WEBSITE
) {
1537 } else if (cmdlist
[i
]->level
& TROJANSCAN_ACL_UNAUTHED
) {
1541 trojanscan_reply(np
, "%s (+%c)", cmdlist
[i
]->command
->content
, level
);
1543 trojanscan_reply(np
, "%s", cmdlist
[i
]->command
->content
);
1546 trojanscan_reply(np
, "End of list.");
1550 void trojanscan_handlemessages(nick
*target
, int messagetype
, void **args
) {
1553 int cargc
, templevel
;
1555 union trojanscan_userlevel level
;
1557 switch(messagetype
) {
1560 /* If it's a message, first arg is nick and second is message */
1561 sender
= (nick
*)args
[0];
1563 if(strncmp(TROJANSCAN_VERSION_DETECT
, args
[1], sizeof(TROJANSCAN_VERSION_DETECT
)-1)==0) {
1564 char p
= ((char *)args
[1])[sizeof(TROJANSCAN_VERSION_DETECT
)-1];
1565 if((p
== ' ') || (p
== '\0') || (p
== 1)) {
1566 trojanscan_reply(sender
, "\001VERSION Trojanscan (or Tigger) Newserv module version %s by Chris Porter (slug), Newserv by David Mansell (splidge). Compiled " __DATE__
" " __TIME__
".\001", TROJANSCAN_VERSION
);
1571 /* Split the line into params */
1572 cargc
= splitline((char *)args
[1], cargv
, 50, 0);
1574 cmd
=findcommandintree(trojanscan_cmds
, cargv
[0], 1);
1576 trojanscan_reply(sender
, "Unknown command.");
1580 if ((cmd
->level
& TROJANSCAN_ACL_OPER
) && !IsOper(sender
)) {
1581 trojanscan_reply(sender
, "You need to be opered to use this command.");
1585 /* bit grim code... */
1587 if (!(cmd
->level
& TROJANSCAN_ACL_UNAUTHED
)) {
1588 if (!IsAccount(sender
)) {
1589 trojanscan_reply(sender
, "You must be authed with the network to access this command!");
1592 templevel
= trojanscan_user_level_by_authname(sender
->authname
);
1594 if (templevel
== -1) {
1595 trojanscan_reply(sender
, "You do not have an account.");
1599 level
.number
= templevel
;
1601 if ((cmd
->level
& TROJANSCAN_ACL_DEVELOPER
) && !TrojanscanIsDeveloper(level
)) {
1602 trojanscan_reply(sender
, "Access denied.");
1605 if ((cmd
->level
& TROJANSCAN_ACL_TEAMLEADER
) && !TrojanscanIsLeastTeamLeader(level
)) {
1606 trojanscan_reply(sender
, "Access denied.");
1609 if ((cmd
->level
& TROJANSCAN_ACL_STAFF
) && !TrojanscanIsLeastStaff(level
)) {
1610 trojanscan_reply(sender
, "Access denied.");
1613 if ((cmd
->level
& TROJANSCAN_ACL_CAT
) && !TrojanscanIsCat(level
)) {
1614 trojanscan_reply(sender
, "Access denied.");
1617 if ((cmd
->level
& TROJANSCAN_ACL_WEBSITE
) && !TrojanscanIsLeastWebsite(level
)) {
1618 trojanscan_reply(sender
, "Access denied.");
1623 /* Check the maxargs */
1624 if (cmd
->maxparams
<(cargc
-1)) {
1625 /* We need to do some rejoining */
1626 rejoinline(cargv
[cmd
->maxparams
], cargc
-(cmd
->maxparams
));
1627 cargc
= (cmd
->maxparams
) + 1;
1630 (cmd
->handler
)((void *)sender
, cargc
- 1, &(cargv
[1]));
1634 /* someone killed me? Bastards */
1635 trojanscan_connect_schedule
= scheduleoneshot(time(NULL
) + 1, &trojanscan_connect
, NULL
);
1636 trojanscan_nick
= NULL
;
1644 char trojanscan_getmtfrommessagetype(int input
) {
1646 case LU_PRIVMSG
: return 'm';
1647 case LU_PRIVNOTICE
: return 'n';
1648 case LU_SECUREMSG
: return 's';
1649 case LU_CHANMSG
: return 'M';
1650 case LU_CHANNOTICE
: return 'N';
1651 default: return '?';
1655 void trojanscan_clonehandlemessages(nick
*target
, int messagetype
, void **args
) {
1656 char *pretext
= NULL
, etext
[TROJANSCAN_QUERY_TEMP_BUF_SIZE
], enick
[TROJANSCAN_QUERY_TEMP_BUF_SIZE
], eident
[TROJANSCAN_QUERY_TEMP_BUF_SIZE
], ehost
[TROJANSCAN_QUERY_TEMP_BUF_SIZE
], text
[513], detected
= 0;
1658 struct trojanscan_realchannels
*rp
;
1659 struct trojanscan_rejoinlist
*rj
;
1660 unsigned int i
, len
;
1661 struct trojanscan_worms
*worm
;
1663 char mt
= trojanscan_getmtfrommessagetype(messagetype
);
1666 switch(messagetype
) {
1671 pretext
= (char *)args
[1];
1676 sender
= (nick
*)args
[0];
1677 if (strlen(sender
->nick
) < 2)
1681 pretext
= (char *)args
[2];
1683 if(strncmp(TROJANSCAN_VERSION_DETECT
, pretext
, sizeof(TROJANSCAN_VERSION_DETECT
)-1)==0) {
1684 char p
= pretext
[sizeof(TROJANSCAN_VERSION_DETECT
)-1];
1685 if((p
== ' ') || (p
== '\0') || (p
== 1)) {
1687 if (IsOper(sender
)) {
1690 if (IsAccount(sender
)) {
1691 int templevel
= trojanscan_user_level_by_authname(sender
->authname
);
1692 if (templevel
!= -1) {
1693 union trojanscan_userlevel level
;
1694 level
.number
= templevel
;
1695 if (TrojanscanIsLeastStaff(level
))
1701 if(trojanscan_nick
) {
1702 sendnoticetouser(target
, sender
, "\001VERSION T clone, check T for confirmation.\001");
1703 sendnoticetouser(trojanscan_nick
, sender
, "\001VERSION %s is part of my swarm.\001", target
->nick
);
1705 sendnoticetouser(target
, sender
, "\001VERSION T clone, though since T is currently gone you'll have to version me again in a minute for confirmation.\001");
1708 sendnoticetouser(target
, sender
, "\001VERSION " TROJANSCAN_CLONE_VERSION_REPLY
"\001");
1715 trojanscan_strip_codes(text
, sizeof(text
) - 1, pretext
);
1719 for(i
=0;i
<trojanscan_database
.total_phrases
;i
++) {
1722 (worm
= trojanscan_database
.phrases
[i
].worm
)
1727 (messagetype
== LU_PRIVMSG
) || (messagetype
== LU_SECUREMSG
) || (messagetype
== LU_PRIVNOTICE
)
1730 (trojanscan_database
.phrases
[i
].worm
->hitpriv
)
1735 (messagetype
== LU_CHANMSG
) || (messagetype
== LU_CHANNOTICE
)
1738 (trojanscan_database
.phrases
[i
].worm
->hitchans
)
1742 (trojanscan_database
.phrases
[i
].phrase
)
1744 int pre
= pcre_exec(trojanscan_database
.phrases
[i
].phrase
, trojanscan_database
.phrases
[i
].hint
, text
, len
, 0, 0, vector
, 30);
1746 char glinemask
[HOSTLEN
+ USERLEN
+ NICKLEN
+ 4];
1749 unsigned int j
, usercount
, frequency
;
1750 char ip
[TROJANSCAN_IPLEN
];
1752 channel
*chp
= (channel
*)args
[1];
1754 nick
*np
= NULL
; /* sigh at warnings */
1758 trojanscan_database
.detections
++;
1760 if (!(hp
=findhost(sender
->host
->name
->content
))) {
1761 trojanscan_mainchanmsg("w: user %s!%s@%s triggered infection monitor, yet no hosts found at stage 1 -- worm: %s", sender
->nick
, sender
->ident
, sender
->host
->name
->content
, worm
->name
->content
);
1765 usercount
= 0; /* stupid warnings */
1766 if (worm
->monitor
) {
1769 } else if (worm
->glinehost
&& (hp
->clonecount
<= TROJANSCAN_MAX_HOST_GLINE
)) {
1770 snprintf(glinemask
, sizeof(glinemask
) - 1, "*@%s", trojanscan_iptostr(ip
, sizeof(ip
) - 1, sender
->ipaddress
));
1771 usercount
= hp
->clonecount
;
1773 else if (worm
->glineuser
|| (worm
->glinehost
&& hp
->clonecount
> TROJANSCAN_MAX_HOST_GLINE
)) {
1774 userbit
= sender
->ident
;
1775 if(userbit
[0] == '~')
1777 snprintf(glinemask
, sizeof(glinemask
) - 1, "*%s@%s", userbit
, trojanscan_iptostr(ip
, sizeof(ip
) - 1, sender
->ipaddress
));
1778 for (j
=0;j
<NICKHASHSIZE
;j
++) {
1779 for (np
=nicktable
[j
];np
;np
=np
->next
) {
1780 if ((np
->host
==hp
) && (!ircd_strcmp(np
->ident
,sender
->ident
)))
1787 trojanscan_mainchanmsg("w: user %s!%s@%s triggered infection monitor, yet no hosts found at stage 2 -- worm: %s", sender
->nick
, sender
->ident
, sender
->host
->name
->content
, worm
->name
->content
);
1791 if (glining
&& (usercount
> trojanscan_maxusers
)) {
1792 trojanscan_mainchanmsg("w: not glining %s!%s@%s due to too many users (%d) with mask: *!%s -- worm: %s)", sender
->nick
, sender
->ident
, sender
->host
->name
->content
, usercount
, glinemask
, worm
->name
->content
);
1796 if (glining
&& !worm
->datalen
) {
1797 trojanscan_mainchanmsg("w: not glining %s!%s@%s due to too lack of removal data with mask: *!%s (%d users) -- worm: %s)", sender
->nick
, sender
->ident
, sender
->host
->name
->content
, glinemask
, usercount
, worm
->name
->content
);
1801 trojanscan_database_escape_string(enick
, sender
->nick
, strlen(sender
->nick
));
1802 trojanscan_database_escape_string(eident
, sender
->ident
, strlen(sender
->ident
));
1803 trojanscan_database_escape_string(ehost
, sender
->host
->name
->content
, sender
->host
->name
->length
);
1807 if (!(trojanscan_database_query("SELECT COUNT(*) FROM hits WHERE glined = %d AND host = '%s'", glining
, ehost
))) {
1808 trojanscan_database_res
*res
;
1809 if ((res
= trojanscan_database_store_result(&trojanscan_sql
))) {
1810 trojanscan_database_row sqlrow
;
1811 if ((trojanscan_database_num_rows(res
) > 0) && (sqlrow
= trojanscan_database_fetch_row(res
)))
1812 frequency
= atoi(sqlrow
[0]) + 1;
1813 trojanscan_database_free_result(res
);
1820 matchbuf
[512] = 0; /* hmm */
1823 if (pcre_copy_substring(text
, vector
, pre
, 1, matchbuf
, sizeof(matchbuf
) - 1) <= 0)
1826 trojanscan_mainchanmsg("m: t: %c u: %s!%s@%s%s%s w: %s p: %d %s%s", mt
, sender
->nick
, sender
->ident
, sender
->host
->name
->content
, mt
=='N'||mt
=='M'?" #: ":"", mt
=='N'||mt
=='M'?chp
->index
->name
->content
:"", worm
->name
->content
, trojanscan_database
.phrases
[i
].id
, matchbuf
[0]?" --: ":"", matchbuf
[0]?matchbuf
:"");
1827 /* trojanscan_peonchanmsg("m: t: %c u: %s!%s@%s%s%s%s w: %s %s%s", mt, sender->nick, sender->ident, (IsHideHost(sender)&&IsAccount(sender))?sender->authname:sender->host->name->content, (IsHideHost(sender)&&IsAccount(sender))?"."HIS_HIDDENHOST:"", mt=='N'||mt=='M'?" #: ":"", mt=='N'||mt=='M'?chp->index->name->content:"", worm->name->content, matchbuf[0]?" --: ":"", matchbuf[0]?matchbuf:""); */
1829 int glinetime
= TROJANSCAN_FIRST_OFFENSE
* frequency
* (worm
->epidemic
?TROJANSCAN_EPIDEMIC_MULTIPLIER
:1);
1830 if(glinetime
> 7 * 24)
1831 glinetime
= 7 * 24; /* can't set glines over 7 days with normal non U:lined glines */
1833 trojanscan_database_query("INSERT INTO hits (nickname, ident, host, phrase, messagetype, glined) VALUES ('%s', '%s', '%s', %d, '%c', %d)", enick
, eident
, ehost
, trojanscan_database
.phrases
[i
].id
, mt
, glining
);
1834 trojanscan_database
.glines
++;
1836 irc_send("%s GL * +%s %d :You (%s!%s@%s) are infected with a trojan (%s/%d), see %s%d for details - banned for %d hours\r\n", mynumeric
->content
, glinemask
, glinetime
* 3600, sender
->nick
, sender
->ident
, sender
->host
->name
->content
, worm
->name
->content
, trojanscan_database
.phrases
[i
].id
, TROJANSCAN_URL_PREFIX
, worm
->id
, glinetime
);
1838 trojanscan_mainchanmsg("g: *!%s t: %c u: %s!%s@%s%s%s c: %d w: %s%s p: %d f: %d", glinemask
, mt
, sender
->nick
, sender
->ident
, sender
->host
->name
->content
, mt
=='N'||mt
=='M'?" #: ":"", mt
=='N'||mt
=='M'?chp
->index
->name
->content
:"", usercount
, worm
->name
->content
, worm
->epidemic
?"(E)":"", trojanscan_database
.phrases
[i
].id
, frequency
);
1845 if (!detected
&& (mt
!= 'N') && (mt
!= 'M')) {
1846 trojanscan_database_escape_string(etext
, text
, len
);
1847 trojanscan_database_escape_string(enick
, sender
->nick
, strlen(sender
->nick
));
1848 trojanscan_database_escape_string(eident
, sender
->ident
, strlen(sender
->ident
));
1849 trojanscan_database_escape_string(ehost
, sender
->host
->name
->content
, sender
->host
->name
->length
);
1850 trojanscan_database_query("INSERT INTO unknownlog (data, user) VALUES ('%s','%s!%s@%s')", etext
, enick
, eident
, ehost
);
1854 /* someone killed me? Bastards */
1856 /* PPA: we do NOT rejoin channels at this moment in time, it is possible to do this though */
1857 for (i
=0;i
<TROJANSCAN_CLONE_TOTAL
;i
++) {
1858 if (trojanscan_swarm
[i
].clone
== target
) {
1860 scheduleoneshot(time(NULL
)+1, &trojanscan_generateclone
, (void *)i
);
1861 if(i
>= TROJANSCAN_CLONE_MAX
) {
1863 for(j
=0;j
<trojanscan_activechans
;j
++)
1864 if(trojanscan_chans
[j
].watch_clone
== &trojanscan_swarm
[i
])
1865 trojanscan_chans
[j
].watch_clone
= NULL
;
1867 for(rp
=trojanscan_realchanlist
;rp
;rp
=rp
->next
)
1868 if ((rp
->clone
== &(trojanscan_swarm
[i
])))
1871 trojanscan_swarm
[i
].clone
= NULL
;
1872 trojanscan_swarm
[i
].remaining
= 0; /* bah */
1879 channel_name
= ((channel
*)args
[1])->index
->name
->content
;
1880 for (i
=0;i
<trojanscan_activechans
;i
++) {
1881 if (!trojanscan_chans
[i
].watch_clone
)
1883 if ((trojanscan_chans
[i
].watch_clone
->clone
== target
) && (!strcmp(trojanscan_chans
[i
].channel
->content
, channel_name
)))
1886 if(i
!= trojanscan_activechans
) {
1888 for(j
=0;j
<TROJANSCAN_CLONE_TOTAL
;j
++) {
1889 if(&trojanscan_swarm
[j
] == trojanscan_chans
[i
].watch_clone
) {
1890 trojanscan_chans
[i
].watch_clone
= NULL
;
1896 trojanscan_mainchanmsg("k: %s on %s by %s", target->nick, ((channel *)args[1])->index->name->content, (((nick *)args[0])->nick)?(((nick *)args[0])->nick):"(server)");
1898 rj
= (struct trojanscan_rejoinlist
*)malloc(sizeof(struct trojanscan_rejoinlist
));
1901 for(rp
=trojanscan_realchanlist
;rp
;rp
=rp
->next
)
1902 if ((rp
->clone
->clone
== target
) && (rp
->chan
== args
[1])) {
1912 rj
->channel
= getsstring(((channel
*)args
[1])->index
->name
->content
, ((channel
*)args
[1])->index
->name
->length
);
1914 trojanscan_mainchanmsg("d: unable to allocate memory for channel: %s upon rejoin", ((channel
*)args
[1])->index
->name
->content
);
1919 rj
->clone
= rp
->clone
;
1920 rj
->next
= trojanscan_schedulerejoins
;
1921 trojanscan_schedulerejoins
= rj
;
1923 rj
->schedule
= scheduleoneshot(time(NULL
)+1, &trojanscan_rejoin_channel
, (void *)rj
);
1932 void trojanscan_rejoin_channel(void *arg
) {
1933 struct trojanscan_rejoinlist
*rj2
, *lrj
, *rj
= (struct trojanscan_rejoinlist
*)arg
;
1935 channel
*cp
= findchannel(rj
->channel
->content
);
1936 freesstring(rj
->channel
);
1939 rj
->rp
->kickedout
--;
1941 rj
->rp
->donotpart
= 1; /* we were the last user on the channel, so we need to be VERY careful freeing it */
1943 if(!rj
->rp
->donotpart
&& !rj
->rp
->kickedout
) { /* check we're allowed to join channels (not killed), and we're the last one to join */
1944 if (trojanscan_nickbanned(rj
->clone
, cp
)) {
1945 rj
->rp
->donotpart
= 1;
1947 localjoinchannel(rj
->clone
->clone
, cp
);
1953 rj2
= trojanscan_schedulerejoins
;
1957 trojanscan_schedulerejoins
= rj
->next
;
1960 for(rj2
=trojanscan_schedulerejoins
;rj2
;lrj
=rj2
,rj2
=rj2
->next
) {
1962 lrj
->next
= rj2
->next
;
1971 void trojanscan_reply(nick
*target
, char *message
, ... ) {
1975 if (!trojanscan_nick
)
1978 va_start(va
, message
);
1979 vsnprintf(buf
, sizeof(buf
) - 1, message
, va
);
1982 sendnoticetouser(trojanscan_nick
, target
, "%s", buf
);
1986 void trojanscan_mainchanmsg(char *message
, ...) {
1991 if (!trojanscan_nick
)
1993 if (!(cp
= findchannel(TROJANSCAN_CHANNEL
)))
1996 va_start(va
, message
);
1997 vsnprintf(buf
, sizeof(buf
) - 1, message
, va
);
2000 sendmessagetochannel(trojanscan_nick
, cp
, "%s", buf
);
2003 void trojanscan_peonchanmsg(char *message
, ...) {
2008 if (!trojanscan_nick
)
2010 if (!(cp
= findchannel(TROJANSCAN_PEONCHANNEL
)))
2013 va_start(va
, message
);
2014 vsnprintf(buf
, sizeof(buf
) - 1, message
, va
);
2017 sendmessagetochannel(trojanscan_nick
, cp
, "%s", buf
);
2020 int trojanscan_minmaxrand(float min
, float max
) {
2021 return (int)((max
-min
+1)*rand()/(RAND_MAX
+min
))+min
;
2024 char *trojanscan_iptostr(char *buf
, int buflen
, unsigned int ip
) {
2025 snprintf(buf
, buflen
, "%d.%d.%d.%d", ip
>> 24, (ip
>> 16) & 255, (ip
>> 8) & 255, ip
& 255);
2029 char trojanscan_genchar(int ty
) {
2030 /* hostname and realname characters*/
2032 if (!(trojanscan_minmaxrand(0, 40) % 10)) {
2033 return trojanscan_minmaxrand(48, 57);
2035 return trojanscan_minmaxrand(97, 122);
2037 /* ident characters - without numbers*/
2038 } else if (ty
== 1) {
2039 return trojanscan_minmaxrand(97, 122);
2040 /* ident characters - with numbers*/
2041 } else if (ty
== 2) {
2042 ty
= trojanscan_minmaxrand(97, 125);
2043 if (ty
> 122) return trojanscan_minmaxrand(48, 57);
2045 /* nick characters - with and without numbers*/
2046 } else if (ty
== 3 || ty
== 4) {
2047 if (!(trojanscan_minmaxrand(0, 59) % 16)) {
2048 char weirdos
[6] = { '\\', '|', '[', '{', ']', '}' };
2049 return weirdos
[trojanscan_minmaxrand(0, 5)];
2052 ty
= trojanscan_minmaxrand(65, 93);
2053 if (ty
> 90) return trojanscan_minmaxrand(48, 57);
2055 ty
= trojanscan_minmaxrand(65, 90);
2057 if (!(trojanscan_minmaxrand(0, 40) % 8)) return ty
;
2065 void trojanscan_gennick(char *ptc
, char size
) {
2067 for (i
=0;i
<size
;i
++) {
2069 ptc
[i
] = trojanscan_genchar(3);
2071 ptc
[i
] = trojanscan_genchar(4);
2077 void trojanscan_genident(char *ptc
, char size
) {
2079 for (i
=0;i
<size
;i
++) {
2081 ptc
[i
] = trojanscan_genchar(1);
2083 ptc
[i
] = trojanscan_genchar(2);
2089 void trojanscan_genhost(char *ptc
, char size
, long *fakeip
) {
2090 int dots
= trojanscan_minmaxrand(2, 5), i
, dotexist
= 0, cur
;
2093 for (i
=0;i
<size
;i
++) {
2094 ptc
[i
] = trojanscan_genchar(0);
2095 if ((i
> 5) && (i
< (size
-4))) {
2096 if ((ptc
[i
-1] != '.') && (ptc
[i
-1] != '-')) {
2097 cur
= trojanscan_minmaxrand(1,size
/ dots
);
2112 *fakeip
= (trojanscan_minmaxrand(0, 65535) << 16) | trojanscan_minmaxrand(0, 65535);
2115 void trojanscan_genreal(char *ptc
, char size
) {
2116 int spaces
= trojanscan_minmaxrand(2, 4), i
;
2117 for (i
=0;i
<size
;i
++) {
2118 ptc
[i
] = trojanscan_genchar(0);
2119 if ((i
> 5) && (i
< (size
-4))) {
2120 if (ptc
[i
-1] != ' ') {
2121 if (trojanscan_minmaxrand(1,size
/ spaces
) == 1) ptc
[i
] = ' ';
2128 int trojanscan_is_not_octet(char *begin
, int length
) {
2132 for(i
=0;i
<length
;i
++) {
2133 if (!((*begin
>= '0') && (*begin
<= '9')))
2140 int trojanscan_generatepool(void) {
2141 int i
, k
= 0, j
= 0, loops
= 0;
2145 for (i
=0;i
<NICKHASHSIZE
;i
++)
2146 for (np
=nicktable
[i
];np
;np
=np
->next
)
2149 if(j
< trojanscan_min_hosts
)
2152 if(TROJANSCAN_HOST_MODE
== TROJANSCAN_STEAL_HOST
)
2153 return TROJANSCAN_MINPOOLSIZE
;
2157 for (j
=trojanscan_minmaxrand(0, NICKHASHSIZE
-1);j
<NICKHASHSIZE
;j
++) {
2159 for(p
=nicktable
[j
]->host
->name
->content
, pp
=p
;*p
;) {
2161 if (!trojanscan_is_not_octet(pp
, p
-pp
)) {
2162 if (i
< TROJANSCAN_POOLSIZE
) {
2163 if (i
< trojanscan_hostpoolsize
)
2164 freesstring(trojanscan_hostpool
[i
]);
2165 trojanscan_hostpool
[i
] = getsstring(pp
, p
-pp
);
2168 if (k
>= TROJANSCAN_POOLSIZE
)
2175 if (!trojanscan_is_not_octet(pp
, p
-pp
)) {
2176 if (k
< TROJANSCAN_POOLSIZE
) {
2177 if (k
< trojanscan_tailpoolsize
)
2178 freesstring(trojanscan_tailpool
[k
]);
2179 trojanscan_tailpool
[k
] = getsstring(pp
, p
-pp
);
2182 if (i
>= TROJANSCAN_POOLSIZE
)
2189 } while ((loops
< 5) && ((i
< TROJANSCAN_POOLSIZE
) || (k
< TROJANSCAN_POOLSIZE
)));
2191 trojanscan_hostpoolsize
= i
;
2192 trojanscan_tailpoolsize
= k
;
2196 nick
*trojanscan_selectuser(void) {
2197 int target
= trojanscan_minmaxrand(0, 500), loops
= 150, j
;
2200 for (j
=trojanscan_minmaxrand(0, NICKHASHSIZE
-1);j
<NICKHASHSIZE
;j
++)
2201 for(np
=nicktable
[j
];np
;np
=np
->next
)
2204 } while(--loops
> 0);
2208 host
*trojanscan_selecthost(void) {
2209 int target
= trojanscan_minmaxrand(0, 500), loops
= 150, j
;
2212 for (j
=trojanscan_minmaxrand(0, HOSTHASHSIZE
-1);j
<HOSTHASHSIZE
;j
++)
2213 for(hp
=hosttable
[j
];hp
;hp
=hp
->next
)
2216 } while(--loops
> 0);
2221 void trojanscan_generatehost(char *buf
, int maxsize
, long *fakeip
) {
2222 if(TROJANSCAN_HOST_MODE
== TROJANSCAN_STEAL_HOST
) {
2229 hp
= trojanscan_selecthost();
2230 if(hp
&& (hp
->clonecount
<= TROJANSCAN_MAX_CLONE_COUNT
) && !trojanscan_isip(hp
->name
->content
)) {
2231 strlcpy(buf
, hp
->name
->content
, maxsize
+ 1);
2233 *fakeip
= hp
->nicks
->ipaddress
;
2235 *fakeip
= (trojanscan_minmaxrand(0, 65535) << 16) | trojanscan_minmaxrand(0, 65535);
2239 } while(--loops
> 0);
2242 int pieces
= trojanscan_minmaxrand(2, 4), totallen
= 0, a
= 0, i
;
2243 int *choices
= malloc(sizeof(int) * (pieces
+ 1));
2244 int *lengths
= malloc(sizeof(int) * (pieces
+ 1));
2246 choices
[pieces
] = trojanscan_minmaxrand(0, trojanscan_tailpoolsize
-1);
2247 lengths
[pieces
] = strlen(trojanscan_tailpool
[choices
[pieces
]]->content
) + 1;
2248 totallen
+= lengths
[pieces
];
2250 for (i
=0;i
<pieces
;i
++) {
2251 choices
[i
] = trojanscan_minmaxrand(0, trojanscan_hostpoolsize
-1);
2252 lengths
[i
] = strlen(trojanscan_hostpool
[choices
[i
]]->content
) + 1;
2253 if (totallen
+lengths
[i
] > maxsize
) {
2254 choices
[i
] = choices
[pieces
];
2255 lengths
[i
] = lengths
[pieces
];
2259 totallen
+= lengths
[i
];
2262 for (i
=0;i
<pieces
;i
++) {
2263 for (cpos
=trojanscan_hostpool
[choices
[i
]]->content
; *cpos
;)
2268 for (cpos
=trojanscan_tailpool
[choices
[i
]]->content
; *cpos
;) {
2276 *fakeip
= (trojanscan_minmaxrand(0, 65535) << 16) | trojanscan_minmaxrand(0, 65535);
2280 void trojanscan_generatenick(char *buf
, int maxsize
) {
2281 int bits
= trojanscan_minmaxrand(2, 3), loops
= 0, wanttocopy
, len
= 0, i
, d
= 0, newmaxsize
= maxsize
- trojanscan_minmaxrand(0, 7);
2285 maxsize
= newmaxsize
;
2288 np
= trojanscan_selectuser();
2290 wanttocopy
= trojanscan_minmaxrand(1, (strlen(np
->nick
) / 2) + 3);
2291 for(i
=0;((i
<wanttocopy
) && (len
<maxsize
));i
++)
2292 buf
[len
++] = np
->nick
[i
];
2298 } while (++loops
< 10);
2302 void trojanscan_generateident(char *buf
, int maxsize
) {
2303 nick
*np
= trojanscan_selectuser();
2306 strlcpy(buf
, np
->ident
, maxsize
+ 1);
2309 void trojanscan_generaterealname(char *buf
, int maxsize
) {
2310 nick
*np
= trojanscan_selectuser();
2313 strlcpy(buf
, np
->realname
->name
->content
, maxsize
+ 1);
2316 void trojanscan_database_close(void) {
2317 mysql_close(&trojanscan_sql
);
2320 int trojanscan_database_connect(char *dbhost
, char *dbuser
, char *dbpass
, char *db
, unsigned int port
) {
2321 mysql_init(&trojanscan_sql
);
2322 if (!mysql_real_connect(&trojanscan_sql
, dbhost
, dbuser
, dbpass
, db
, port
, NULL
, 0))
2327 void trojanscan_database_escape_string(char *dest
, char *source
, size_t length
) {
2328 mysql_escape_string(dest
, source
, length
);
2331 int trojanscan_database_query(char *format
, ...) {
2332 char trojanscan_sqlquery
[TROJANSCAN_QUERY_BUF_SIZE
];
2335 va_start(va
, format
);
2336 vsnprintf(trojanscan_sqlquery
, sizeof(trojanscan_sqlquery
) - 1, format
, va
);
2338 return mysql_query(&trojanscan_sql
, trojanscan_sqlquery
);
2341 int trojanscan_database_num_rows(trojanscan_database_res
*res
) {
2342 return mysql_num_rows(res
);
2345 trojanscan_database_res
*trojanscan_database_store_result() {
2346 return mysql_store_result(&trojanscan_sql
);
2349 trojanscan_database_row
trojanscan_database_fetch_row(trojanscan_database_res
*res
) {
2350 return mysql_fetch_row(res
);
2353 void trojanscan_database_free_result(trojanscan_database_res
*res
) {
2354 mysql_free_result(res
);
2357 int trojanscan_isip(char *host
) {
2358 char *p
= host
, components
= 0, length
= 0;
2362 if(((!length
) || (length
= 0)) || (++components
> 3))
2365 if ((++length
> 3) || !isdigit(*p
))
2369 return components
== 3;