/* gatecheck.c By BigDawg - [ http://www.rootshell.com/ ]
 * Use: put a list of IPs (one per line) in ips.in, then run gatecheck.
 * The list of unsecured WinGate servers will be saved (appended) to ips.out
 * Compile: gcc gatecheck.c -o gatecheck
 * 
 * [20:01] <Skeeter> put my name in the source ;) 
 * 
 * I'd like to say thanks to all who have helped me throughout the past years.
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <netdb.h>
#include <fcntl.h>
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <time.h>
#include <stdarg.h>
#include <ctype.h>
#include <arpa/inet.h>
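/* Declared here but never referenced in this file. */
extern int hexstr;
/* Never referenced in this file. */
static int sockfd2;
/* Socket of the probe in flight; file scope so sigalrm_handler() can close it. */
static int sockfd;
/* Number of hosts that answered with the "WinGate>" prompt so far. */
static int gatenum = 0;
/* Hosts left to probe: counted up while the list is loaded, down while scanning. */
static int toscan = 0;
#define DEF_FILE "ips.in"   /* input list, one address or host name per line */
#define OUT_FILE "ips.out"  /* matching hosts are appended here */
#define socktimeout 10      /* seconds passed to alarm() before each probe */
#define longtime 3000       /* seconds passed to alarm() after each probe */
#define getthetime()            time((void *)0)

/*
 * wingate() is defined after main() but called from it.  Without this
 * prototype the call relies on an implicit declaration, which C99 removed.
 */
int wingate(char *host);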
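/*
 * SIGALRM handler: closes the socket of the probe in flight.
 *
 * Declared void because signal() takes a void (*)(int); the original was
 * declared int yet returned no value.  close() is async-signal-safe, so it
 * may be called from a handler.
 * NOTE(review): presumably the close is meant to abort a connect()/read()
 * that has stalled past the alarm -- confirm against the intended timeout
 * behaviour.
 */
void sigalrm_handler(int sig)
{
    (void)sig;  /* the signal number is not needed */
    close(sockfd);
}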
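/*
 * Entry point: reads DEF_FILE twice -- once to count the entries, once to
 * probe each entry with wingate() -- and prints a summary.
 *
 * Changes from the original:
 *  - both fopen() calls are checked, so a missing list no longer hands a
 *    NULL stream to fgets();
 *  - the line terminator is stripped with strcspn(), so a last line with no
 *    trailing newline keeps its final character;
 *  - empty lines are skipped instead of being counted and probed;
 *  - the process returns 0 after a completed run (the original called
 *    exit(1) on every path) and 1 when the list cannot be opened.
 */
int main(void)
{
        FILE *in;
        char *sockfile = DEF_FILE;
        char sockip[1024];

        printf("========================\n");
        printf("gatecheck 0.3 by BigDawg\n");
        printf("========================\n");

        in = fopen(sockfile, "r");
        if (in == NULL) {
                perror(sockfile);
                return 1;
        }

        /* First pass: count the non-empty lines for the progress display. */
        while (fgets(sockip, sizeof(sockip), in)) {
                sockip[strcspn(sockip, "\r\n")] = '\0';
                if (sockip[0] != '\0')
                        toscan++;
        }
        fclose(in);

        printf("Loaded %i gates to scan\n", toscan);
        printf("\n");

        in = fopen(sockfile, "r");
        if (in == NULL) {
                perror(sockfile);
                return 1;
        }

        /* Second pass: probe each entry in file order. */
        while (fgets(sockip, sizeof(sockip), in)) {
                sockip[strcspn(sockip, "\r\n")] = '\0';
                if (sockip[0] == '\0')
                        continue;

                /* Arm the per-host timeout; the handler closes the probe socket. */
                signal(SIGALRM, sigalrm_handler);
                alarm(socktimeout);

                toscan--;
                printf("Scanning %s (%i more to go)\r", sockip, toscan);
                fflush(stdout);
                /* Blank the status line so the next message starts clean. */
                printf("                                                                  \r");

                wingate(sockip);

                /* Replace the short timer with the long one between probes. */
                signal(SIGALRM, sigalrm_handler);
                alarm(longtime);
        }

        printf("Done checking!\n");
        printf("%i wingates found\n", gatenum);
        fclose(in);
        return 0;
}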


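/*
 * Check one host for an unauthenticated WinGate prompt on TCP port 23.
 *
 * host is a dotted-quad address or a name resolved with gethostbyname().
 * The host is reported when the first read() returns exactly 9 bytes and the
 * second read() yields exactly the string "WinGate>".  A match increments
 * the file-scope gatenum, prints a line to stdout and appends host to
 * OUT_FILE.
 * NOTE(review): the 9-byte first read is presumably the service's telnet
 * option negotiation; nothing in this file establishes that -- confirm.
 *
 * The descriptor lives in the file-scope sockfd so that sigalrm_handler()
 * can close it when the alarm armed by main() expires.
 *
 * Changes from the original:
 *  - read() is limited to sizeof(buf) - 1 and its result is checked before
 *    it is used as an index; the original wrote buf[-1] on a read error and
 *    buf[1024] when the peer sent a full buffer;
 *  - the socket is closed on every path (the original leaked it whenever
 *    the banner did not match);
 *  - socket(), select() and fopen() failures are handled;
 *  - select() gets sockfd + 1 as its first argument;
 *  - the resolver result is validated before it is copied into sin_addr;
 *  - every path returns a value.
 *
 * Returns 1 when the banner matched, 0 otherwise.  main() ignores the value.
 */
int wingate(char *host)
{
        FILE *ips;
        ssize_t numbytes;
        char buf[1024];
        struct hostent *he;
        struct sockaddr_in sin;
        fd_set gateset;
        struct timeval tv;
        int found = 0;

        sockfd = socket(AF_INET, SOCK_STREAM, 0);
        if (sockfd < 0)
                return 0;
        /* FD_SET() on a descriptor >= FD_SETSIZE writes outside the fd_set. */
        if (sockfd >= FD_SETSIZE)
                goto out;

        memset(&sin, 0, sizeof(sin));
        sin.sin_family = AF_INET;
        sin.sin_port = htons(23);
        sin.sin_addr.s_addr = inet_addr(host);
        if (sin.sin_addr.s_addr == INADDR_NONE) {
                /* Not a dotted quad: fall back to a name lookup. */
                he = gethostbyname(host);
                if (!he || he->h_addrtype != AF_INET ||
                    he->h_length != (int)sizeof(sin.sin_addr) ||
                    he->h_addr_list[0] == NULL)
                        goto out;
                memcpy(&sin.sin_addr, he->h_addr_list[0], sizeof(sin.sin_addr));
        }

        if (connect(sockfd, (struct sockaddr *)&sin, sizeof(sin)) < 0)
                goto out;

        /* Wait up to 10 seconds for the socket to become writable. */
        FD_ZERO(&gateset);
        FD_SET(sockfd, &gateset);
        tv.tv_sec = 10;
        tv.tv_usec = 0;
        if (select(sockfd + 1, NULL, &gateset, NULL, &tv) <= 0)
                goto out;

        /* Leave one byte free so the terminator always fits. */
        numbytes = read(sockfd, buf, sizeof(buf) - 1);
        if (numbytes != 9)
                goto out;

        numbytes = read(sockfd, buf, sizeof(buf) - 1);
        if (numbytes <= 0)
                goto out;
        buf[numbytes] = '\0';
        if (strcmp(buf, "WinGate>") != 0)
                goto out;

        found = 1;
        gatenum++;
        printf("Open wingate server found on %s (gate #%i) (%i left to scan)\n", host, gatenum, toscan);

        ips = fopen(OUT_FILE, "a");
        if (ips == NULL) {
                perror(OUT_FILE);
        } else {
                fputs(host, ips);
                fputs("\n", ips);
                fclose(ips);
        }

out:
        close(sockfd);
        return found;
}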

