/* Copyright 2003 Ferruh Mavituna This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Details : http://www.gnu.org/licenses/gpl.txt */ /********************************************************************/ /* 06.08.2003 // Use at own Risk, Educational Purposes Only ! /********************************************************************/ /********************************************************************/ // [+]Credits : /********************************************************************/ // by Ferruh Mavituna // ferruh {at} mavituna {dot} com // http://ferruh.mavituna.com /********************************************************************/ // [+]Info /********************************************************************/ // http://ferruh.mavituna.com/article.asp?254 // A massive scan tool Based on Internet Security Systems scanms // If you have not scanms.exe download it, // http://www.iss.net/support/product_utilities/ms03-026rpc.php // Put it to the same directory //Compiled in Visual C++ 6.0 /********************************************************************/ // [+]Usage : /********************************************************************/ // fm_scan // ex : fm_scan ip.txt > vuln.txt /********************************************************************/ // Sample txt file for mass scan /********************************************************************/ /* 127.0.0.1-127.0.0.10 195.174.96.1-195.174.96.255 */ // OR /* 127.0.0.1 127.0.0.3 195.174.96.1 195.174.96.2 195.174.96.3 195.174.96.132 */ /********************************************************************/ // [+]About DCom // Check out MS03-026 vuln. // Genrally DCOM Versions: // 5.6 - Win2K // 0.0 - WinXP /********************************************************************/ /********************************************************************/ // [+]Thanx // Internet Security Systems for scanms.exe /********************************************************************/ #include #include #include #define SCANMS_NAME "scanms.exe "; void scanms(char iprange[]); void usage(void); void credits(void); int main(int argc, char* argv[]) { char ipbuffer[256]; FILE *ipfile; credits(); // Check Arguments if(argv[1]==NULL)usage(); //Open IP File if( (ipfile = fopen( argv[1], "r" )) == NULL ){ printf( "\"%s\" couldn\'t opened ! \n",argv[1]); exit(1); }else{ printf("File Opened, Scanning....\n"); } //Get Content of File while(fgets(ipbuffer, 256, ipfile) != NULL){ char execute[255]=SCANMS_NAME; if(ipbuffer[strlen(ipbuffer)-1]=='\n')ipbuffer[strlen(ipbuffer)-1]=0; strcat(execute,ipbuffer); //printf("%s\n",execute); scanms(execute); } fclose(ipfile); printf("***********************************************\n"); printf("Scan Finished !"); return 0; } void scanms(char iprange[75]){ if(strlen(iprange)>15){ // Check empty printf("***********************************************\n"); FILE *chkdsk; char psBuffer[128]; //Execute Program and return it to chkdsk if((chkdsk = _popen(iprange, "rt" )) == NULL){ printf("scanms.exe couldn\'t found, download it from http://www.iss.net/support/product_utilities/ms03-026rpc.php\n"); printf("\nIf you have scanms.exe put it the same directory with this application"); exit(1); } //Loop it while(!feof(chkdsk)) { if(fgets(psBuffer, 128, chkdsk)!=NULL) printf(psBuffer); } // Close pipe _pclose(chkdsk); } } void usage(void){ printf("[Info & source]\nhttp://ferruh.mavituna.com/article.asp?254 \n"); printf("A massive scan tool Based on Internet Security Systems \"scanms.exe\" \n\n"); printf("[Usage]\n"); printf("fmcan \n"); printf("ex: fm_scan ip.txt > scanresults.txt\n\n"); exit(1); } void credits(void){ printf("***********************************************\n"); printf("[FM.Lab] - DCom Vuln. Mass Scanner\n"); printf("Ferruh Mavituna | ferruh(at)mavituna.com\n"); printf("http://ferruh.mavituna.com\n"); printf("***********************************************\n"); }