/* ssvuln.c */
/* by riksta */

/*
 * Review summary of what the visible code does:
 *   - scan() walks a path list; for every entry it calls httpd_get() and
 *     reports the host/path pair when the reply buffer contains the literal
 *     "RoundCube List Widget".
 *   - Every hit is appended to vuln-tot.txt and vuln-ip.txt in the current
 *     working directory. Both names are hard-coded, so these files are the
 *     on-disk artifacts this program leaves behind.
 * httpd_get() comes from http_get.c, which is not part of this listing, so the
 * shape of the requests on the wire cannot be stated from here.
 */

/* NOTE(review): the operands of the directives on the next line are missing
 * in this copy of the file; as written they do not compile. */
#include #include #include #include #include #include #include #include #include #include #include #include #include
/* A .c file is included directly; presumably this is where httpd_get() is
 * defined -- confirm against http_get.c. */
#include "http_get.c"
#include "build.h"

/* Terminal colour strings. "\E" is not a standard C escape sequence, so these
 * literals depend on a compiler extension. */
#define RED "\E[32;31m"
#define GREEN "\E[32;40m"
#define MAGENTA "\E[32;35m"
#define BLUE "\E[32;34m"
#define NORMAL "\E[m"

/* None of these three objects is assigned in the code shown here; cacat is
 * only passed (unused) to printf in usage(). */
FILE *mosu;
int cacat;
char c;

void usage(char *s);
/* Declared without a prototype; no definition appears in this listing. */
void timedout();
int scan(char *host,char *cgifile, char *outfile);
char *memstr(char *haystack, char *needle, int size);

#define DEBUG 0 /* change this to 1 for debugging.. */

/* infile is opened by main(); the global outfile is never assigned in the
 * code shown and is shadowed by scan()'s parameter of the same name. */
FILE *infile, *outfile;
/* sock, timesup and port are not referenced in the code shown; numforks is
 * the child counter maintained by main(). */
int sock, numforks = 0, timesup = 0, port = 21;
/* Not referenced in the code shown. */
char *strings[] ={ "2.6.2", NULL};

/*
 * usage - print a fixed banner and terminate the process.
 *
 * s is accepted but never read. The format string contains no conversion
 * specification, so the extra argument cacat is ignored by printf.
 * NOTE(review): the process exits with EXIT_SUCCESS even though main() calls
 * this when too few arguments were given.
 */
void usage(char *s)
{
  printf (NORMAL "Toata" RED " dragostea " NORMAL " mea pentru" GREEN" diavola" NORMAL"!!!!!!" NORMAL "\n",cacat);
  exit(EXIT_SUCCESS);
}

/*
 * scan - check one host against every entry of a path list.
 *
 * host     host string handed to httpd_get() and written to the result files.
 * cgifile  path of a text file read line by line. From the parsing below,
 *          each line is a path, optionally followed by a space and a
 *          double-quoted string.
 * outfile  never read in this function.
 *
 * Returns 1 after the whole list has been processed. The function calls
 * exit() itself when cgifile cannot be opened and when the first reply
 * already contains the marker string, so it ends the calling process in
 * those two cases.
 */
int scan(char *host, char *cgifile, char *outfile)
{
  char ret[8192];
  FILE *fp;
  char buff[2048];
  char *c;
  char *c1,*c2;
  /* NOTE(review): both variables receive the result of fopen() below and are
   * passed to fputs()/fclose(); they should be FILE *, not char *. */
  char *invuln;
  char *invulnip;
  char match[1024];

  fp=fopen(cgifile,"r");
  /* NOTE(review): the exit status is printf's return value (a character
   * count), not a meaningful error code. */
  if(fp==NULL) exit(printf("Nu Pot Deschide %s\n",cgifile));

  memset(ret,0,sizeof(ret));
  /* NOTE(review): buff has not been written at this point; what httpd_get()
   * does with its third argument is not visible here. The last argument is
   * 200 bytes less than sizeof(ret) -- presumably a capacity limit, confirm
   * against http_get.c. */
  httpd_get(host,"HTTP/1.1",buff,3,5,ret,sizeof(ret)-200);
  /* If this first reply already contains the marker, stop handling this host.
   * Presumably a guard against hosts that return the marker for every
   * request -- TODO confirm. */
  if(strstr(ret,"RoundCube List Widget")!=NULL) exit(0);

  while(fgets(buff,sizeof(buff),fp))
  {
    /* Copy the text between the first pair of double quotes into match. */
    c1=strchr(buff,'\"');
    if(c1!=NULL)
    {
      c2=strchr(c1+1,'\"');
      /* NOTE(review): no bound and no terminator. c2-c1-1 can exceed
       * sizeof(match) because buff holds up to 2047 characters, and match is
       * never NUL-terminated or initialised before strstr() reads it below. */
      if(c2!=NULL) memcpy(match,c1+1,c2-c1-1);
    }

    /* Cut the line at the first newline, carriage return and space, leaving
     * only the leading path in buff. */
    c=strchr(buff,'\n');
    if(c!=NULL) *c='\0';
    c=strchr(buff,'\r');
    if(c!=NULL) *c='\0';
    c1=strchr(buff,0x20);
    if(c1!=NULL) *c1='\0';

    memset(ret,0,sizeof(ret));
    httpd_get(host,"",buff,3,5,ret,sizeof(ret)-200);

    if(strstr(ret,"RoundCube List Widget")!=NULL)
    {
      printf(GREEN"[+]diavola => " RED "http://%s%s " NORMAL ,host,buff);

      /* Append the hit to vuln-tot.txt.
       * NOTE(review): the fopen() result is not checked, so a failed open
       * passes NULL to fputs()/fclose(). Nothing here serialises writers when
       * several processes append at the same time. */
      invuln = fopen("vuln-tot.txt", "a");
      fputs ("[+]diavola => http://",invuln);
      fputs (host,invuln);
      fputs (buff,invuln);
      fputs ("\n",invuln);
      fclose(invuln);

      /* Append the bare host to vuln-ip.txt; same unchecked fopen(). */
      invulnip = fopen("vuln-ip.txt", "a");
      fputs (host,invulnip);
      fputs ("\n",invulnip);
      fclose(invulnip);

      /* Print the quoted string as well when the reply contains it. */
      if(strstr(ret,match)) printf(" [%s]",match);
      printf("\n");
    }
  }

  fclose(fp);
  return 1;
}
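/*
 * main - gate on a typed string, then fork one scan() child per input line.
 *
 * Arguments as used below:
 *   argv[1]  file read line by line; each line is passed to scan() as host
 *   argv[2]  passed to scan() as its third argument
 *   argv[3]  converted with atoi() and used as the limit on numforks
 *   argv[4]  passed to scan() as its second argument
 *
 * The prompt handed to getpass() is the text "Segmentation fault". Only when
 * the typed input is exactly one space does the scanning branch run; any
 * other input prints a newline and falls out of main. NOTE(review): reading
 * this as a decoy that makes the binary look broken is an inference from the
 * prompt text.
 *
 * The statements of main are left as in the original; the defects below are
 * flagged, not fixed.
 */
int main(int argc, char *argv[])
{
  char *parola;

  /* NOTE(review): getpass() can return NULL, which strcmp() would dereference. */
  parola = getpass("Segmentation fault");
  if (strcmp(parola, " "))
    printf("\n");
  else
  {
    printf("\n");
    char buf[1024];
    time_t start;

    /* The argument count is only checked after the prompt was answered. */
    if (argc < 5)
      usage(argv[0]);

    /* NOTE(review): the fopen() result is not checked before feof()/fgets(). */
    infile = fopen(argv[1], "r");
    /* start is assigned but never read. */
    start = time(0);

    /* NOTE(review): testing feof() before reading means the iteration after
     * the last line runs with a failed fgets() and a stale buf. The fgets()
     * result is ignored, and strlen(buf) - 1 indexes before the array when
     * buf is empty. */
    while (!feof(infile))
    {
      fgets((char *)&buf, sizeof(buf), infile);
      if (buf[strlen (buf) - 1] == '\n')
        buf[strlen (buf) - 1] = '\0';

      /* Child: handle this one line and exit. A failed fork() returns -1 and
       * therefore takes the parent branch. */
      if (!(fork()))
      {
        scan(buf,argv[4],argv[2]);
        exit(0);
      }
      else
      {
        /* Parent: once the counter passes the limit, reap children until it
         * is back at the limit. */
        numforks++;
        if (numforks > atoi(argv[3]))
          for (numforks; numforks > atoi(argv[3]); numforks--)
            wait(NULL);
      }
    }

    fclose(infile);
    exit(EXIT_SUCCESS);
  }

  /* Reached only when the typed string did not match. */
  printf("\n");
}

/*
 * memstr - find a NUL-terminated needle inside a byte buffer of known size.
 *
 * haystack  start of the buffer; it may contain NUL bytes
 * needle    NUL-terminated byte string to look for
 * size      number of valid bytes in haystack
 *
 * Returns a pointer to the first occurrence, or NULL when there is none,
 * when an argument is NULL, when size is negative, or when the needle is
 * longer than the buffer. An empty needle matches at haystack.
 *
 * The original kept the needle length in a char, which truncates long
 * needles, and computed haystack - needlesize + size even when that points
 * before the buffer. Lengths are size_t here and the search uses an index
 * that never leaves [0, size - needle length].
 */
char *memstr(char *haystack, char *needle, int size)
{
  size_t needle_len;
  size_t hay_len;
  size_t last;
  size_t i;

  if (haystack == NULL || needle == NULL || size < 0)
    return NULL;

  needle_len = strlen(needle);
  hay_len = (size_t)size;
  if (needle_len > hay_len)
    return NULL;

  /* Last offset at which a full needle still fits inside the buffer. */
  last = hay_len - needle_len;
  for (i = 0; i <= last; i++)
  {
    if (memcmp(haystack + i, needle, needle_len) == 0)
      return haystack + i; /* found */
  }
  return NULL;
}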