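/*
 * Medusa Parallel Login Auditor
 *
 * Copyright (C) 2006 Joe Mondloch
 * JoMo-Kun / jmk@foofus.net
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2,
 * as published by the Free Software Foundation
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * http://www.gnu.org/licenses/gpl.txt
 *
 * This program is released under the GPL with the additional exemption
 * that compiling, linking, and/or using OpenSSL is allowed.
 *
 */

/*
 * Core header: program identity macros, shared status codes, the data
 * structures that describe an audit (hosts, users, passwords, per-server and
 * per-login state) and the prototypes modules use to fetch and report
 * credentials.
 *
 * NOTE(review): the guard name (_MEDUSA_H) and the struct tags (__sPass, ...)
 * use identifiers reserved for the implementation. They are left as-is
 * because code outside this header may refer to them by name.
 */
#ifndef _MEDUSA_H
#define _MEDUSA_H

#include <stdio.h>
#include <stdarg.h>
#include <unistd.h>
#include <stdlib.h>
#include <pthread.h>
#include <semaphore.h>
#include <string.h>
#include <strings.h>
#include <errno.h>
#include <time.h>
#include <math.h>

#include "medusa-trace.h"
#include "medusa-net.h"
#include "medusa-thread-pool.h"
#include "medusa-thread-ssl.h"

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#ifdef HAVE_LIBSSL
#include <openssl/crypto.h>
#endif

#define PROGRAM "Medusa"
#ifndef VERSION
#define VERSION "1.0"
#endif
#define AUTHOR "JoMo-Kun / Foofus Networks"
#define EMAIL "<jmk@foofus.net>"
#define WWW "http://www.foofus.net"

/* Generic status codes. FAILURE is parenthesized so the negative constant
 * cannot combine with an adjacent operator at the expansion site. */
#define SUCCESS 0
#define FAILURE (-1)

#define FALSE 0
#define TRUE 1

/* GLOBAL VARIABLES */
/*
 * NOTE(review): these are definitions, not `extern` declarations, so every
 * translation unit that includes this header emits its own tentative
 * definition. Linking then depends on the toolchain merging common symbols
 * (-fcommon); toolchains that default to -fno-common reject the duplicates.
 * The usual fix is `extern` here plus one definition in a .c file; that .c
 * file is not visible from this header, so the declarations are unchanged.
 */
FILE *pOutputFile;
pthread_mutex_t ptmFileMutex; // presumably serializes access to pOutputFile -- confirm against the writers
int iVerboseLevel; // Global control over general message verbosity
int iErrorLevel; // Global control over error debugging verbosity

//#define MAX_BUF (16 * 1024)
#define MAX_BUF 16384

/* Older Solaris doesn't seem to define INADDR_NONE */
/*
 * The fallback previously lacked its closing parenthesis, so any use of
 * INADDR_NONE on a platform that takes this branch failed to compile.
 *
 * NOTE(review): with a 64-bit unsigned long this is a 64-bit all-ones value;
 * a 32-bit address result compared against it would never match. Confirm how
 * callers compare before relying on this fallback on such targets.
 */
#ifndef INADDR_NONE
#define INADDR_NONE ((unsigned long) -1)
#endif

/* Cygwin doesn't seem to define INET_ADDRSTRLEN */
#ifndef INET_ADDRSTRLEN
#define INET_ADDRSTRLEN 16
#endif

// Number of seconds that idle threads can linger before exiting, when no tasks
// come in. The idle threads can only exit if they are extra threads, above the
// number of minimum threads.
#define POOL_THREAD_LINGER 1

/*
 * Free a heap pointer and reset it to NULL so a later FREE() of the same
 * lvalue is harmless. The argument is now parenthesized at each use.
 *
 * Caveats for callers:
 *  - x is evaluated more than once; pass a plain lvalue with no side effects.
 *  - the expansion is a bare `if` statement, not do { } while (0), so it must
 *    not be used as the unbraced body of an if/else.
 *  - the memory is not cleared before free(); buffers that held passwords keep
 *    their contents in the heap after release unless the caller wipes them
 *    first.
 */
#define FREE(x) \
  if ((x) != NULL) { \
    free(x); \
    (x) = NULL; \
  }

/* Input source kinds; presumably the values stored in sAudit.HostType,
 * UserType and PassType -- confirm against the option parser. */
#define L_UNSET 0
#define L_SINGLE 1
#define L_FILE 2
#define L_COMBO 3
#define L_PWDUMP 4

/* One password entry; psPassNext chains to the following entry. */
typedef struct __sPass {
  struct __sPass *psPassNext;
  char *pPass;
} sPass;

/* Used in __sUser to define progress of an individual username audit */
#define PL_UNSET 0
#define PL_NULL 1
#define PL_USERNAME 2
#define PL_LOCAL 3
#define PL_GLOBAL 4
#define PL_DONE 5
#define PASS_AUDIT_COMPLETE 6

/* One username under test together with its password list and progress. */
typedef struct __sUser {
  struct __sUser *psUserNext;
  char *pUser;
  struct __sPass *psPass;
  struct __sPass *psPassCurrent;
  struct __sPass *psPassPrevTmp;
  char *pPass;
  int iPassCnt;
  int iLoginsDone;
  int iPassStatus; // presumably one of the PL_* values above -- confirm
  int iId;
} sUser;

/* Used in __sHost to define progress of the audit of the host's users */
#define UL_UNSET 0
#define UL_NORMAL 1
#define UL_MISSED 2
#define UL_DONE 3
#define UL_ERROR 4

/* One target host, its connection settings and the users to test on it. */
typedef struct __sHost {
  struct __sHost *psHostNext;
  char *pHost;
  int iUseSSL;          // use SSL
  int iPortOverride;    // use this port instead of the module's default port
  int iTimeout;         // Number of seconds to wait before a connection times out
  int iRetryWait;       // Number of seconds to wait between retries
  int iRetries;         // Number of retries to attempt
  sUser *psUser;
  sUser *psUserCurrent;
  sUser *psUserPrevTmp;
  int iUserCnt;
  int iUserPassCnt;
  int iUsersDone;       // number of users tested
  int iUserStatus;      // presumably one of the UL_* values above -- confirm
  int iId;
} sHost;

/* Used in __sCredentialSet to relay information to module regarding user */
#define CREDENTIAL_SAME_USER 1
#define CREDENTIAL_NEW_USER 2
#define CREDENTIAL_DONE 3

/* A user/password pair handed to a module, with a CREDENTIAL_* style status. */
typedef struct __sCredentialSet {
  struct __sCredentialSet *psCredentialSetNext;
  struct __sUser *psUser;
  char *pPass;
  int iStatus;
} sCredentialSet;

/* Per-server state shared by the login threads working on one host. */
typedef struct __sServer {
  struct __sAudit *psAudit;
  struct __sHost *psHost;
  char *pHostIP;
  int iValidPairFound;
  int iId;
  int iLoginCnt;        // total number of logins performed concurrently against specific server
  int iLoginsDone;      // number of logins performed by all threads under this server

  sCredentialSet *psCredentialSetMissed;
  sCredentialSet *psCredentialSetMissedCurrent;
  sCredentialSet *psCredentialSetMissedTail;
  int iCredentialsMissed;

  pthread_mutex_t ptmMutex; // presumably guards the mutable fields of this struct -- confirm which ones
} sServer;

#define LOGIN_RESULT_UNKNOWN 1
#define LOGIN_RESULT_SUCCESS 2
#define LOGIN_RESULT_FAIL 3
#define LOGIN_RESULT_ERROR 4

/* Per-thread login state passed to a module. */
typedef struct __sLogin {
  struct __sServer *psServer;
  struct __sUser *psUser;
  int iResult;          // presumably one of the LOGIN_RESULT_* values above -- confirm
  char *pErrorMsg;
  int iId;
  int iLoginsDone;      // number of logins performed by this thread
} sLogin;


#define AUDIT_IN_PROGRESS 0
#define AUDIT_COMPLETE 1
#define LIST_IN_PROGRESS 0
#define LIST_COMPLETE 1

#define FOUND_PAIR_EXIT_HOST 1
#define FOUND_PAIR_EXIT_AUDIT 2

#define PARALLEL_LOGINS_USER 1
#define PARALLEL_LOGINS_PASSWORD 2

#define AUDIT_ABORT 1

/* Top-level audit configuration and run state. */
typedef struct __sAudit {
  char *pOptHost;       // user specified host or host file
  char *pOptUser;       // user specified username or username file
  char *pOptPass;       // user specified password or password file
  char *pOptCombo;      // user specified combo host/username/password file
  char *pOptOutput;     // user specified output file
  char *pOptResume;     // user specified resume command

  char *pModuleName;    // current module name

  char *pGlobalHost;
  char *pGlobalUser;
  char *pGlobalPass;
  char *pGlobalCombo;
  char *pHostFile;
  char *pUserFile;
  char *pPassFile;
  char *pComboFile;

  int iHostCnt;         // total number of hosts supplied for testing
  int iUserCnt;         // total number of users supplied for testing
  int iPassCnt;         // total number of passwords supplied for testing
  int iComboCnt;        // total number of entries in combo file
  int iServerCnt;       // total number of hosts scanned concurrently
  int iLoginCnt;        // total number of logins performed concurrently

  int iHostsDone;       // number of hosts tested

  int iPortOverride;    // use this port instead of the module's default port
  int iUseSSL;          // enable SSL
  int iTimeout;         // Number of seconds to wait before a connection times out
  int iRetryWait;       // Number of seconds to wait between retries
  int iRetries;         // Number of retries to attempt
  int iSocketWait;      // Number of usec to wait when module calls medusaCheckSocket function
  int HostType;
  int UserType;
  int PassType;
  int iShowModuleHelp;  // Flag used to show individual module help

  char *pComboEntryTmp; // used to manage processing of user supplied files
  int iHostListFlag;
  int iUserListFlag;

  int iAuditFlag;             /* Tracks loading of user supplied information */

  int iPasswordBlankFlag;     /* Submit a blank password for each user account */
  int iPasswordUsernameFlag;  /* Submit a password matching the username for each user account */
  int iFoundPairExitFlag;     /* When a valid login pair is found, end scan of host or of complete audit */
  int iParallelLoginFlag;     /* Parallel logins by user or password */
  int iValidPairFound;
  /* NOTE(review): a plain int read by several threads; confirm that readers
   * and the writer both hold ptmMutex, otherwise this is a data race. */
  int iStatus;                /* Flag to indicate to threads that audit is aborting */

  sHost *psHostRoot;

  thr_pool_t *server_pool;

  pthread_mutex_t ptmMutex;
} sAudit;

/* Arguments bundled for starting a module: its name, the login context and
 * the module's own argc/argv. */
typedef struct __sModuleStart
{
  char*     szModuleName;
  sLogin*   pLogin;
  int       argc;
  char**    argv;
} sModuleStart;


/* Module discovery and dispatch. Implementations are not part of this header. */
void listModules(char* arrPaths[], int nTerminateNow);
int invokeModule(char* pModuleName, sLogin* pLogin, int argc, char* argv[]);

/* Credential hand-off between the core and a module. Return conventions are
 * not visible here; presumably SUCCESS/FAILURE -- confirm in the definitions. */
int getNextCredSet(sLogin *_psLogin, sCredentialSet *_psCredSet);
void setPassResult(sLogin *_psLogin, char *_pPass);
int addMissedCredSet(sLogin *_psLogin, sCredentialSet *_psCredSet);

#endif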