what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

ddig1.7.c

ddig1.7.c
Posted May 5, 2002
Authored by darkyoda

DarkDig v1.7 is a tool for performing PTR lookups in a quick, stealthy, and efficient manner. Features include portscan-like functionality, ps process hiding, bulk scanning of A/B nets, pattern searching, file output, flexible IP range specification and timeouts.

Changes: Better IP range specification and code cleanup.
tags | tool, scanner
systems | unix
SHA-256 | 6a77564c6b1d7134df1a0cb887d813e0d9f57d1c0002fa6f8928ec8f7bef8091

ddig1.7.c

Change Mirror Download
/* _=_ darkDiG by darky0da _=_ 
* patterned loosely after DiG (Domain Information Groper)
* and other programs of that kind (nslookup, host, etc)
* tested on RH6.1 (x86), Solaris 2.6 (sun4u), OpenBSD 2.8 (x86)
* to compile: gcc -o darkdig darkdig.c
* (Solaris) : gcc -o darkdig darkdig.c -lnsl -lsocket
* please send comments and feedback to darky0da@hushmail.com
* use at your discretion.
*/

#include <stdio.h>
#include <strings.h> /* for strstr() */
#include <netdb.h> /* for gethostbyaddr() */
#include <arpa/inet.h> /* for inet_aton() */
#include <netinet/in.h> /* IPv4 socket addr struct */
#include <unistd.h> /* getopt() */
#include <sys/socket.h> /* for Solaris */
#include <signal.h>
#include <errno.h>
#include <ctype.h>

#define MAXHOST 255 /* do broadcast addr */
#define VERSION "1.7"
#define TIMEOUT 5 /* timeout in seconds
* lower for >= T1
* higher for <= 56K */

volatile sig_atomic_t alive = 1; /* i'm alive, yippee */
FILE *fp = NULL;

/* function protos */

void cheq_ip (int, int, int, int, int, int, int, int);
void usage (void);
void cheq_class (int, int *, int *, int *, int *, int *, int *, int *);
void name_it (char *);
void u_to_l (char *);
void catch_it (int);
void log_it (char *);

void u_to_l (char *str)
{
int i;

for (i=0; i < strlen(str); i++)
if (str[i] >= 'A' && str[i] <= 'Z')
str[i] = (int)str[i] + 'a' - 'A';
}

void cheq_ip (int l1, int l2, int l3, int l4, int u1, int u2, int u3, int u4)
{
if (l1 < 1 || l1 > 223 || l2 < 1 || l2 > 255 || l3 < 1 || l3 > 255
|| l4 < 1 || l4 > 255 || u1 < 1 || u1 > 223 || u2 < 1 || u2 > 255
|| u3 < 1 || u3 > 255 || u4 < 1 || u4 > 255) {
printf("IP address(es) out of range.\n");
exit(1);
}
else if (l1 > u1 || l2 > u2 || l3 > u3 || l4 > u4) {
printf("Some of your lower range IP vals are > upper range vals.\n");
exit(1);
}
}

void usage (void)
{
printf("Usage:\n\n");
printf("to resolve a range: ./darkdig [-fvk[g,x]] -r 1-223.1-255.1-255.1-255\n");
printf("to resolve a class: ./darkdig [-fvk[g,x]] -c <IP>\n");
printf("to resolve a single IP: ./darkdig [-fvk[g,x]] -s <IP>\n");
printf("to perform a reverse lookup: ./darkdig -l <hostname>");
printf("\n\nFlags:\n\n");
printf("-f hides darkdig from sysadminly eyes: ./darkdig -f <fake argv[0]>\n");
printf("-k <n> skips the fourth quad on n consecutive failed lookups.\n");
printf("-o <file> for terse output to a file... good for feeding to nmap.\n");
printf("-g and -x perform pattern searching, ignoring case distinctions.\n");
printf("\t-g greps for an expression (not mutual with -x).\n");
printf("\t-x excludes an expression.\n");
printf("-v for verbose output.\n");
printf("-h for this help.\n\n");
exit(-1);
}

void cheq_class (int l1, int *l2, int *l3, int *l4, int *u1, int *u2, int *u3, int *u4)
{
if (l1 > 0 && l1 <= 127) {
printf("Resolving a Class A network.. CTRL-C to timeout..\n");
*l2 = *l3 = *l4 = 1; *u1 = l1; *u2 = *u3 = *u4 = MAXHOST;
}
if (l1 >= 128 && l1 <= 191) {
printf("Resolving a Class B network..\n");
*l3 = *l4 = 1; *u1 = l1; *u2 = *l2; *u3 = *u4 = MAXHOST;
}
if (l1 >= 192 && l1 <= 223) {
printf("Resolving a Class C network..\n");
*l4 = 1; *u1 = l1; *u2 = *l2; *u3 = *l3; *u4 = MAXHOST;
}
}

void name_it (char *host)
{
struct hostent *who;

if ((who = gethostbyname(host)) == NULL) {
printf("No hostname found.\n\n");
exit(-1);
}

printf("%s is %s\n\n", host, inet_ntoa(*((struct in_addr *)who->h_addr_list[0])));
exit(0);
}

void catch_it (int signo)
{
alive = 0; /* not alive nomo' */
signal(signo, catch_it);
}

void log_it (char *filename)
{
if ((fp = fopen(filename, "w")) == NULL) {
printf("Could not open %s for writing.\n", filename);
exit(-1);
}
}

int main (int argc, char *argv[])
{

int l1 = 0, l2 = 0, l3 = 0, l4 = 0,
u1 = 0, u2 = 0, u3 = 0, u4 = 0;

int match = 0, dontmatch = 0, quash = 0, verbose = 0,
fakelen, arglen, argopt, i=0, j=0, k=0, badblock = 0, timeout, skip_size,
fileio = 0, lookups = 0, total = 0;

register int a, b, c, d;

char whodat[100], regexp[100], noregexp[100], fakearg[100],
skip_str[10], compare[100], myfile[100], *token, *iparray[4],
*iptoken, *ipbits[8];

struct hostent *who;
struct sockaddr_in servaddr;

printf("\ndarkDiG v%s by darky0da@hushmail.com\n\n", VERSION);

if (argc < 2 || argc > 12) {
usage();
}

/* break dotted-decimal format into manageable variables */

while ((argopt = getopt(argc, argv, "vcrshk:g:x:l:f:o:")) != EOF) {
switch(argopt) {
case 'v':
verbose++;
break;
case 'c':
sscanf(argv[argc-1], "%d.%d.%d.%d", &l1, &l2, &l3, &l4);
u1 = 223; u2 = u3 = u4 = 255;
cheq_ip(l1, l2, l3, l4, u1, u2, u3, u4);
cheq_class(l1, &l2, &l3, &l4, &u1, &u2, &u3, &u4);
break;
case 'r':
if (strstr(argv[argc-1], "-")) {
token = (char *)strtok(argv[argc-1], ".");
while ((i < 4) && token != NULL) {
iparray[i++] = token;
token = (char *)strtok(NULL, ".");
}
for (i = 0, j=0; i <4; i++, j++) {
if (strstr(iparray[i], "-")) {
ipbits[j] = (char *)strtok(iparray[i],"-");
ipbits[++j] = (char *)strtok(NULL, "-");
} else {
ipbits[j] = (char *)iparray[i];
ipbits[++j] = (char *)iparray[i];
}
}
for (i=0; i < 8; i++) {
switch(i) {
case 0:
l1 = atoi(ipbits[i]);
break;
case 1:
u1 = atoi(ipbits[i]);
break;
case 2:
l2 = atoi(ipbits[i]);
break;
case 3:
u2 = atoi(ipbits[i]);
break;
case 4:
l3 = atoi(ipbits[i]);
break;
case 5:
u3 = atoi(ipbits[i]);
break;
case 6:
l4 = atoi(ipbits[i]);
break;
case 7:
u4 = atoi(ipbits[i]);
break;
}
}
cheq_ip(l1,l2,l3,l4,u1,u2,u3,u4);
break;
}
sscanf(argv[argc-2], "%d.%d.%d.%d", &l1, &l2, &l3, &l4);
sscanf(argv[argc-1], "%d.%d.%d.%d", &u1, &u2, &u3, &u4);
cheq_ip(l1, l2, l3, l4, u1, u2, u3, u4);
break;
case 's':
sscanf(argv[argc-1], "%d.%d.%d.%d", &l1, &l2, &l3, &l4);
u1 = l1; u2 = l2; u3 = l3; u4 = l4;
cheq_ip(l1, l2, l3, l4, u1, u2 ,u3, u4);
break;
case 'g':
strncpy(regexp, optarg, 100);
u_to_l(regexp);
match++;
break;
case 'x':
strncpy(noregexp, optarg, 100);
u_to_l(noregexp);
dontmatch++;
break;
case 'l':
name_it(optarg);
break;
case 'f':
strncpy(fakearg, optarg, 100);
quash++;
break;
case 'h':
usage();
break;
case 'k':
timeout++;
skip_size = atoi(strncpy(skip_str, optarg, 10));
break;
case 'o':
strncpy(myfile, optarg, 100);
log_it(myfile);
fileio++;
default:
break;
}
}

/* ripped from nmap.c */

/* only seems to work well with linux, and even then, top or lsof will
* defeat it.. */

if (quash){

arglen = strlen(argv[0]);
fakelen = strlen(fakearg);

/* The fake argument needs to be shorter than "darkdig\0" */

if (arglen < fakelen) {
printf("\nSupply an argv shorter than %d chars.\n", arglen);
exit(-1);
}
strncpy(argv[0], fakearg, fakelen);
for (i = fakelen; i < arglen; i++)
argv[0][i] = '\0';

/* null out argv[1]..argv[n] */

for (i = 1; i < argc; i++) {
arglen = strlen(argv[i]);
for (j = 0; j <= arglen; j++)
argv[i][j] = '\0';
}
}

printf("\nPatience, dark jedi..\n\n");

/* w/o temp variables a-d, condition will break without looping */

for (a = l1; a <= u1; a++) {
for (b = l2; b <= u2; b++) {
for (c = l3; c <= u3; c++) {
for (d = l4; d <= u4; d++) {

signal (SIGALRM, catch_it);
snprintf(whodat, sizeof(whodat), "%d.%d.%d.%d", a, b, c, d);
bzero(&servaddr, sizeof(servaddr));
servaddr.sin_addr.s_addr = inet_addr(whodat);
alarm(TIMEOUT);
if ((who = gethostbyaddr((void *)&servaddr.sin_addr, sizeof(who), AF_INET)) == NULL) {

if (!alive) {
if (verbose) printf("%s: <timeout>\n", whodat);
badblock++;
alive++;
continue;
}
if (verbose) {
switch(h_errno) {
case 1:
printf("%s: No hostname\n", whodat);
break;
case 2:
printf("%s: Network error\n", whodat);
break;
case 3:
printf("%s: Unexpected error\n", whodat);
break;
case 4:
printf("%s: No address available\n", whodat);
break;
default:
break;
}
}
if (timeout) {
badblock++;
if (badblock >= skip_size) {
if (verbose) printf("_=_ Skipping %d.%d.%d.%d-255\n", a, b, c, ++d);
d = MAXHOST;
badblock = 0;
}
}
continue;
}
if (!alive) {
if (verbose) printf("%s: <timeout>\n", whodat);
badblock++;
alive++;
continue;
}
if (!match && !dontmatch) {
printf("%s is %s\n", whodat, who->h_name);
lookups++;
if (fileio) {
fprintf(fp, "%s\n", whodat);
if (fflush(fp)) {
perror("fflush");
exit(-1);
}
}
badblock = 0;
}
else if (match && !dontmatch) {
u_to_l(who->h_name);
if (strstr(who->h_name, regexp)) {
printf("%s is %s\n", whodat, who->h_name);
lookups++;
if (fileio) {
fprintf(fp, "%s\n", whodat);
if (fflush(fp)) {
perror("fflush");
exit(-1);
}
}
}
else if (verbose)
printf("%s: pattern not found\n", whodat);
badblock = 0;
}
else if (dontmatch && !match) {
u_to_l(who->h_name);
if (!strstr(who->h_name, noregexp)) {
printf("%s is %s\n", whodat, who->h_name);
lookups++;
if (fileio) {
fprintf(fp, "%s\n", whodat);
if (fflush(fp)) {
perror("fflush");
exit(-1);
}
}
}
else if (verbose)
printf("%s: no match\n", whodat);
badblock = 0;
}

/* it doesn't make too much sense to use -g and -x simultaneously
* since -g returns a unique list that only intersects with -x
* if both expressions are present.
*/

else if (match && dontmatch) {
printf("Specify -g *or* -x.\n\n");
exit(-1);
}
}
}
}
}

total = ((u1-l1)+1)*((u2-l2)+1)*((u3-l3)+1)*((u4-l4)+1);
printf("\nDone. Resolved %d of %d hostnames.\n\n", lookups, total);
if (fileio) {
fclose (fp);
}
exit(0);
}
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close