/*
C socket stuff(c) 1999-11
*/
#include <sys/types.h>
#include <sys/time.h>
#include <fcntl.h>
#include <time.h>
#include <sys/stat.h>

#include <sys/types.h>
#if defined(WIN32)
#include <winsock.h>
#include <io.h>
#else /* !defined(WIN32) */
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <pwd.h>
#include <unistd.h>
#include <stdarg.h>
#endif	/* defined(WIN32) */
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <string.h>
#include <ctype.h>
#include <sys/stat.h>
#include <setjmp.h>
#include <signal.h>
#include <limits.h>

#define _LINUX 2
#define _FREEBSD 3
#define _SOLARIS 4
#define _OPENBSD 5
#define _IRIX 6
#define _WINGATE 7
#define _UNKNOWN 8
#define _REDHAT 9
#define _SLACKWARE 10
#define _AIX 11

// for finger()

#define IRIX_LP_CHECK 2
#define ALL_USERS 3

struct opts {
char rdns, zone, host, nogetips; /* flags for method of getting ip's */
char statd, xwin, wingate, router, verbose, imapd, all, exports;
char cgi, named, file, truncate, pop, finger;
char singleip;
char network[32];
}opts;

struct cgi {
   char phf, php, handler, test, nphtest, queryhit, webdist;
}cgi;

struct box {
char statd, xwin, wingate, router, verbose, imapd, named, all;
char exports[12][32];
struct cgi cgi;
}box;

struct portscan_ {
char smtp, httpd, telnet, rpc, xwin, finger, imapd, pop, named, rlogin;
}portscan_;

char ipfile[64]; // file to store IP's in.

char *host2ip (char *serv);



void probe (register char const *sockip);

extern int hexstr;
static int sockfd2;
int toscan = 0;
int gatenum = 0;
#define DEF_FILE "gatein.txt"
#define OUT_FILE "gateout.txt"
#define socktimeout 10
#define longtime 3000

#define getthetime() 
static int sockfd;

static char const tcp[] = "tcp";
static char const whois_service[] = "whois";

static char const arin_server[] = "whois.arin.net";
static char const ripe_server[] = "whois.ripe.net";
static char const apnic_server[] = "whois.apnic.net";
static char const aunic_server[] = "whois.aunic.net";

static char const arin_handle[] = "ARIN:";
static char const ripe_handle[] = "RIPE:";
static char const apnic_handle[] = "APNIC:";
static char const aunic_handle[] = "AUNIC:";

#ifdef __cplusplus
#define argname(x)
#else
#define argname(x) x
#endif

#if !defined(__GNUC__) && !defined(__GNUG__)
#define __attribute__(x)
#endif

#if defined(SunOS4)
extern int printf (const char *, ...);
extern int fprintf (FILE *, const char *, ...);
extern int socket (int, int, int);
extern int connect (int, struct sockaddr *, int);
extern int _filbuf (FILE *);
extern int _flsbuf (int, FILE *);

extern char *sys_errlist[];

static char *
strerror (int err)
{
  return sys_errlist[err];
}
#endif /* defined(SunOS4) */

typedef enum Bool { False, True } Bool;

typedef struct in_addr in_addr;
  
typedef struct in_addr_range { 
    in_addr     start;
    in_addr     end;
} in_addr_range;

static char *pname;
static Bool wingate_mode = True;
static Bool sock_mode = False;
static Bool verbose_mode = False;
static Bool lookup_mode = False;
static Bool addr_mode = False;
static Bool handle_mode = False;
static Bool add_handle_prefixes = False;
static jmp_buf recovery;
static struct protoent *protocol;
static struct servent *service;
static unsigned timeout = 0; /* Default */

#if !defined(RANGE_FUNC)
/* Getopt & inet_aton code borrowed from BSD; ANSIfied and also reformatted 
   to meet GNU coding conventions.  Also modified to meet RFG coding style. */


static int my_opterr = 1;	/* if error message should be printed */
static int my_optind = 1;	/* index into parent argv vector */
static int my_optopt;		/* character checked for validity */
static int optreset;		/* reset getopt */
static char *my_optarg;		/* argument associated with option */

#define	BADCH	(int)'?'
#define	BADARG	(int)':'
#define	EMSG	""

struct hostent *ip2name( char *ip, struct hostent *host)
{
  if ((host=gethostbyname(ip))==NULL)
	{
     	if ((host=gethostbyaddr(ip,4,AF_INET))==NULL) 
            return(host);
       }

  return(host);
}


char *myinet(char *s)
{
return s; 
}

/*
 * getopt --
 *      Parse argc/argv argument vector.
 */
static int
my_getopt (register int const nargc, register char *const *const nargv,
	   register const char *const ostr)
{
  static char *place = EMSG;	/* option letter processing */
  register char *oli = NULL;	/* option letter list index */

  if (optreset || ! *place)
    {				/* update scanning pointer */
      optreset = 0;
      if (my_optind >= nargc || *(place = nargv[my_optind]) != '-')
	{
	  place = EMSG;
	  return -1;
	}
      if (place[1] && * ++place == '-')
	{			/* found "--" */
	  ++my_optind;
	  place = EMSG;
	  return -1;
	}
    }				/* option letter okay? */
  if ((my_optopt = (int) *place++) == (int) ':'
      || ! (oli = strchr (ostr, my_optopt)))
    {
      /*
       * if the user didn't specify '-' as an option,
       * assume it means -1.
       */
      if (my_optopt == (int) '-')
	return -1;
      if ( ! *place)
	++my_optind;
      if (my_opterr && *ostr != ':')
	fprintf (stderr, "%s: illegal option -- %c\n", pname, my_optopt);
      return BADCH;
    }
  if (* ++oli != ':')
    {				/* don't need argument */
      my_optarg = NULL;
      if ( ! *place)
	++my_optind;
    }
  else
    {				/* need an argument */
      if (*place)		/* no white space */
	my_optarg = place;
      else if (nargc <= ++my_optind)
	{			/* no arg */
	  place = EMSG;
	  if (*ostr == ':')
	    return BADARG;
	  if (my_opterr)
	    fprintf (stderr, "%s: option requires an argument -- %c\n",
		     pname, my_optopt);
	  return BADCH;
	}
      else			/* white space */
	my_optarg = nargv[my_optind];
      place = EMSG;
      ++my_optind;
    }
  return my_optopt;		/* dump back option letter */
}
#endif /* !defined(RANGE_FUNC) */


/*
static char sccsid[] = "@(#)inet_addr.c	8.1 (Berkeley) 6/17/93";
*/

/* 
 * Check whether "cp" is a valid ascii representation
 * of an Internet address and convert to a binary address.
 * Returns 1 if the address is valid, 0 if not.
 * This replaces inet_addr, the return value from which
 * cannot distinguish between failure and a local broadcast address.
 */
static int
my_inet_aton (register const char *cp, register struct in_addr *addr)
{
	register unsigned long val;
	register int base, n;
	register char c;
	u_int parts[4];
	register u_int *pp = parts;

	c = *cp;
	for (;;) {
		/*
		 * Collect number up to ``.''.
		 * Values are specified as for C:
		 * 0x=hex, 0=octal, isdigit=decimal.
		 */
		if (!isdigit(c))
			return (0);
		val = 0; base = 10;
		if (c == '0') {
			c = *++cp;
			if (c == 'x' || c == 'X')
				base = 16, c = *++cp;
			else
				base = 8;
		}
		for (;;) {
			if (isascii(c) && isdigit(c)) {
				val = (val * base) + (c - '0');
				c = *++cp;
			} else if (base == 16 && isascii(c) && isxdigit(c)) {
				val = (val << 4) |
					(c + 10 - (islower(c) ? 'a' : 'A'));
				c = *++cp;
			} else
				break;
		}
		if (c == '.') {
			/*
			 * Internet format:
			 *	a.b.c.d
			 *	a.b.c	(with c treated as 16 bits)
			 *	a.b	(with b treated as 24 bits)
			 */
			if (pp >= parts + 3)
				return (0);
			*pp++ = val;
			c = *++cp;
		} else
			break;
	}
	/*
	 * Check for trailing characters.
	 */
	if (c != '\0' && (!isascii(c) || !isspace(c)))
		return (0);
	/*
	 * Concoct the address according to
	 * the number of parts specified.
	 */
	n = pp - parts + 1;
	switch (n) {

	case 0:
		return (0);		/* initial nondigit */

	case 1:				/* a -- 32 bits */
		break;

	case 2:				/* a.b -- 8.24 bits */
		if (val > 0xffffff)
			return (0);
		val |= parts[0] << 24;
		break;

	case 3:				/* a.b.c -- 8.8.16 bits */
		if (val > 0xffff)
			return (0);
		val |= (parts[0] << 24) | (parts[1] << 16);
		break;

	case 4:				/* a.b.c.d -- 8.8.8.8 bits */
		if (val > 0xff)
			return (0);
		val |= (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8);
		break;
	}
	if (addr)
		addr->s_addr = htonl(val);
	return (1);
}

/* Initialize and shutdown MS Windows Sockets interface.  */

static void
mswinsock_init (void)
{
#if defined(WIN32)
  auto WSADATA WSAData;
  register int const status = WSAStartup (MAKEWORD (1,1), &WSAData);

  if (status != 0)
    {
      fprintf (stderr, "%s: WSAStartup: %d", pname, status);
      exit(2);
    }
#endif	/* defined(WIN32) */
}

static void 
mswinsock_shutdown (void)
{
#if defined(WIN32)
  register int const status = WSACleanup ();

  if (status != 0)
    {
      fprintf (stderr, "%s: WSAShutdown: %d", pname, status);
      exit(2);
    }
#endif	/* defined(WIN32) */
}

/* Print error, properly terminate access to winsock (WIN32), then exit.  */

static void fatal (register int const exit_code, const char* fmt, ...)
    __attribute__ ((noreturn));

static void
fatal (register int const exit_code, const char* fmt, ...)
{
  va_list ap;

  va_start (ap, fmt);
  vfprintf (stderr, fmt, ap);
  va_end (ap);
  exit (exit_code);
}

#if !defined(RANGE_FUNC)
static void
usage (void)
{
  fprintf (stderr, "%s: usage `%s [-a] [-w] [-s] [-S] [-t] [-v] [-T secs] address'\n", 
    pname, pname);
  fprintf (stderr, "\t-w \t wingate (default) \n\t-S \t socks \n");
  fprintf (stderr, "\t-s \t wingate & socks \n");
  fprintf (stderr, "\t-l \tlookup \n\t-T \t timeout \n\t-v \t verbose \n");

  exit (2);
}
#endif /* !defined(RANGE_FUNC) */

static void *
xmalloc (register unsigned size)
{
  register void *p;

  if ((p = malloc (size)) == 0)
    fatal (2, "%s: memory exhausted\n", pname);
  return p;
}

/* substr(s1,s2) - return a pointer to the first instance of the string
   s2 within the string s1, or NULL if s2 does not appear within s1.  */

static char const *
substr (register const char *s1, register char const *s2)
{
  for (; *s1 ; s1++)
    {
      register char const *p1;
      register char const *p2;
      register int c;

      for (p1 = s1, p2 = s2; (c = *p2); p1++, p2++)
        if (*p1 != c)
          goto outer;
      return s1;
outer:
      ;
    }
  return 0;
}

/* subnstr(s1,s2,n) - return a pointer to the first instance of the string
   s2 within the first n characters of string s1, or NULL if s2 does not
   appear within the first n characters of s1.  Note that if the first n
   characters of the string pointed to by s1 includes a nul bytes, then
   the search for the subscring s2 terminates at that point, even if the
   value of n would otherwise suggest that the search should continue
   further.  */

static char const *
subnstr (register char const *s1, register char const *s2,
	 register unsigned long n)
{
  register char const *const s1_limit = s1 + n;

  for (; *s1 && s1 < s1_limit ; s1++)
    {
      register char const *p1;
      register char const *p2;
      register int c;

      for (p1 = s1, p2 = s2; (c = *p2); p1++, p2++)
        if (*p1 != c)
          goto outer;
      return s1;
outer:
      ;
    }
  return 0;
}

/*  skip whitespace characters, blank & \t; return pointer to next char.
    note: isspace() also includes cr & lf, which we don't want  */

static char const *
skip_ws (register char const *startp)
{
  register char const *p = startp;
  while (*p)
    {
      register int const ch = *p;

      if ((ch != ' ') && (ch != '\t'))
	break;

      p++;
    }

  return p;
}

#if !defined(RANGE_FUNC)
/* Return True if the given string consists of only digits,
   and at least one period.  */

static Bool
vaguely_ipish (register char const *s)
{
  register char const *p;
  register int ndots = 0;

  for (p = s; *p; p++)
    {
      register int const ch = *p;

      if (!isdigit (ch))
	{
	  if (ch == '.')
	    ndots++;
	  else
	    return False;
	}
    }
  return ndots ? True : False;
}

/* We provide our own version of gethostbyname here because the one on
   Linux seems to improperly yield a non-null (success) result if and when
   it is passed such bogus strings as "24" or "24.0".  We avoid that here.  */

static struct hostent *
my_gethostbyname (register char const *const name)
{
  return vaguely_ipish (name) ? (struct hostent *)0 : gethostbyname (name);
}
#endif /* !defined(RANGE_FUNC) */

#if !defined(WIN32)
static void
alarm_handler (register int argname(signo))
{
  longjmp (recovery, 1);
}
#endif	/* !defined(WIN32) */

/* Try connecting to (and sending a specified query to) either a WHOIS server
   or an RWHOIS server.

   If we can't connect for any reason, log a suitable error message to stderr
   and then return NULL.  */

static char const *
query_server (register char const *const server,
	      register int const portno,
	      register char const *const arg)
{
  register struct hostent *hp;
  struct sockaddr_in sin;
  register int sock;
  register int con_result;
  auto unsigned long server_addr;

  /* Lookup the server's IP address.  */
  if (!(hp = gethostbyname (server)))
    fatal (2, "%s: Error: Unable to find %s server: %s\n",
	   pname, whois_service, server);

  /* Create socket.  */
  if ((sock = socket (AF_INET, SOCK_STREAM, protocol->p_proto)) < 0)
    fatal (2, "%s: Error opening %s socket: %s\n",
	   pname, tcp, strerror (errno));

  sin.sin_family = AF_INET;
  memcpy (&server_addr, hp->h_addr, sizeof server_addr);
  sin.sin_addr.s_addr = server_addr;
  sin.sin_port = htons (portno);

  if (verbose_mode)
    fprintf (stderr, "%s: Connecting to server: %s:%d\n",
	     pname, server, portno);

#if !defined(WIN32) /* no SIGALRM on WIN32 */
  signal (SIGALRM, alarm_handler);
  if (setjmp (recovery) != 0)
    {
      fprintf (stderr, "%s: Timeout connecting to server `%s'\n",
	       pname, server);
      return NULL;
    }
  else
#endif	/*	!defined(WIN32)	*/
    {
#if !defined(WIN32)
      if (timeout)
        alarm (timeout);
#endif /* !defined(WIN32) */
      con_result = connect (sock, (struct sockaddr *)&sin, sizeof sin);
#if !defined(WIN32)
      if (timeout)
        alarm (0);
#endif	/* !defined(WIN32) */
      if (con_result < 0)
	{
          fprintf (stderr, "%s: Error connecting to server `%s': %s\n",
                   pname, server, strerror (errno));
	  return NULL;
	}
      else
        {
	  enum { ibuf_size = (1 << 16) };
          char ibuf[ibuf_size];
	  register char const *const ibuf_limit = &ibuf[ibuf_size];
	  register char *inp = ibuf;
	  register unsigned long space_left = ibuf_size;
	  register unsigned long used;
	  register char *result;

	  if (verbose_mode)
	    fprintf (stderr, "%s: Query: %s\n", pname, arg);

	  send (sock, arg, strlen (arg), 0);
	  send (sock, "\n", 1, 0);

	  for (;;)
	    {
	      register int result;

	      if ((result = recv (sock, inp, space_left, 0)) <= 0)
		break;
	      if ((inp += result) >= ibuf_limit)
		fatal (2, "%s: Response from server `%s' too large\n",
		       pname, server);
	      space_left -= result;
	    }
          close (sock);
	  used = inp - ibuf;
	  result = (char *) xmalloc (used + 1);
	  memcpy (result, ibuf, used);
	  result[used] = '\0';
	  return result;
        }
    }
}

static char const *
whois (register char const *const server, register char const *const arg)
{
//  return query_server (server, 43, arg);
}

/* The following routine allows us to get more specific data in the case
   of some specific networks that happen to put all of their sub-block
   registration data into their own local RWHOIS server, rather than
   SWIP'ing it all to ARIN.  Some examples include Digex (e.g. 209.116.1.1),
   Epoch (e.g. 207.168.1.1), and Exodus (e.g. 209.1.1.1).

   Note that CAIS Internet (cais.net) _claims_ to be running an rwhois server
   (e.g. in their ARIN registration record for their 207.226.0.0/16 address
   block) however the reality is that this this rwhois servers is dead, and
   not accepting connections.  In cases such as that, the following function
   will yield a NULL pointer.
*/

static char const *
fetch_rwhois_data (register char const *const whois_data,
		   register char const *const dotted_quad)
{
  static char const rwhois_prefix[] = "rwhois.";
  enum { rwhois_prefix_len = sizeof rwhois_prefix - 1 };
  register char const *const p = substr (whois_data, rwhois_prefix);
  register char const *q;
  register unsigned srvr_len;
  register char *server;
  register int portno = 0;
  register char const *result;

  if (!p)
    return NULL;

  for (q = p + rwhois_prefix_len; *q && !isspace (*q); q++)
    continue;
  srvr_len = q - p;
  server = (char *) xmalloc (srvr_len + 1);
  memcpy (server, p, srvr_len);
  server[srvr_len] = '\0';
  while (isspace (*q))
    q++;
  while (isdigit (*q))
    portno = (portno * 10) + (*q++ - '0');
  if (!portno)
    portno = 4321;  /* Default rwhois port.  */

  /* The following line will cause us to return NULL in cases where the
     designated rwhois server is either dead or not responding.  */

  if ((result = query_server (server, portno, dotted_quad)) == NULL)
    return NULL;

  /* In general, the first line of output from most rwhois servers will be
     a header line like "%rwhois V-blah blah blah".  We skip over that
     useless jizz here.  */

  if (*result == '%')
    {     
      do    
        result++;
      while (*result && *result != '\n');
      result++;
    } 

  /* The Exodus.Net rwhois server sometimes gives %error (and then no useful
     data) for IP addresses that do exist, that are in use, and that reside
     within Exodus's address blocks, like for example 216.32.210.46.  We
     deal with this bit of stupidity here.  */

  if (strncmp (result, "%error", 6) == 0)
    return NULL;

  return result;
}

static void
print_range (register in_addr_range const *rangep)
{
  /* WARNING: Do not try to combine the following two calls to printf into
     one.  doing so will result in wrong results because there is only one
     buffer for the results of the calls to inet_ntoa().  */
  printf ("%s-", inet_ntoa (rangep->start));
  printf ("%s\n", inet_ntoa (rangep->end));
}

static char const *
containing_block (register char const *const dotted)
{
  register char const *const last_dot = strrchr (dotted, '.');
  if (last_dot)
    {
      register unsigned const len = last_dot - dotted;
      register char *const result = (char *) xmalloc (len + 1);

      memcpy (result, dotted, len);
      result[len] = '\0';
      return result;
    }
  else
    return NULL; 
}

/* Return True if we were in fact able to find (or deduce) a valid IP address
   range in the individual summary record that was passed to us, or else
   return False if we were not able to find such an address range.  */
static void
normalize_in_addr_range (register in_addr_range *const rangep)
{
  register unsigned long rstart = ntohl (rangep->start.s_addr);
  register unsigned long rend = ntohl (rangep->end.s_addr);

  if ((rend & 0xff000000) != (rstart & 0xff000000)) /* Have at least one /8. */
    if ((rend & 0x00ff0000) == 0)
      {
	rangep->end.s_addr = htonl (rend | 0xffffff);
	return;
      }

  if ((rend & 0x00ff0000) != (rstart & 0x00ff0000)) /* Have at least one /16. */
    if ((rend & 0x0000ff00) == 0)
      {
	rangep->end.s_addr = htonl (rend | 0xffff);
	return;
      }

  if ((rend & 0x0000ff00) != (rstart & 0x0000ff00)) /* Have at least one /24. */
    if ((rend & 0x000000ff) == 0)
      rangep->end.s_addr = htonl (rend | 0xff);
}

static unsigned long
sizeof_in_addr_range (register in_addr_range const range)
{
  return (range.end.s_addr - range.start.s_addr) + 1;
}

static int
within_in_addr_range (register in_addr_range const *const rangep,
		      register in_addr addr)
{
  register unsigned long rstart = ntohl (rangep->start.s_addr);
  register unsigned long rend = ntohl (rangep->end.s_addr);
  register unsigned long address = ntohl (addr.s_addr);

#if 1
  printf ("checking %s <= ", inet_ntoa (rangep->start));
  printf ("%s", inet_ntoa (addr));
  printf (" <= %s\n", inet_ntoa (rangep->end));
#endif

  return (address >= rstart && address <= rend);
}

/*  parse IP address, and convert into in_addr. 
    Return pointer to next non-space char if successful, null if not.  */

static char const *
scan_ip (register char const *const data, register in_addr *const addrp)
{
  register char const *startp;
  register char const *p;
  register unsigned len;
  auto char ip_buf[16];

  startp = skip_ws (data);
  p = startp;
  while (*p)
    {
      register int const ch = *p;

      if (!isdigit (ch) && ch != '.')
	break;
      p++;
    }

  len = p - startp;
  if (len < sizeof (ip_buf))
    {
      memcpy(ip_buf, startp, len);
      ip_buf[len] = '\0';
      if(!my_inet_aton (ip_buf, addrp))
        return NULL;
    }
    else
      return NULL;
	
  return skip_ws (p);
}

/*  Search whois data for address range or starting IP, prefixed with
    specified string on same line (e.g. "inetnum: 1.2.3.4 - 5.6.7.8").
    Return range, concocting ending IP if necessary.  */

static Bool
parse_range (register char const *const data, register char const *const prefix,
             register in_addr_range *const rangep)
{
  /*  find prefix  */
  register char const *p = substr (data, prefix);

  if(p)
    {
      p += strlen (prefix);

      if (! (p = scan_ip (p, &rangep->start)))
	fatal (2, "%s: Bad netblock starting address\n", pname);

      if (*p == '-')
	{
	  if (! (p = scan_ip (++p, &rangep->end)))
	    fatal (2, "%s: Bad netblock ending address\n", pname);
	}
      else
	{
	  /* Lifted from get_in_addr_range().  */
	  register unsigned long address = ntohl (rangep->start.s_addr);
	  register unsigned long byte_mask = 0xff;

	  do
	    {
	      address |= byte_mask;
	      byte_mask <<= 8;
	    }
	  while ((address & byte_mask) == 0);
	  rangep->end.s_addr = htonl (address);
	}
    }
  else
    return False;

  return True;
}


static void
initialize (void)
{
  mswinsock_init();

  if (!(protocol = getprotobyname (tcp)))
    fatal (1, "%s: Unknown protocol: %s\n", pname, tcp);

  if (!(service = getservbyname (whois_service, tcp)))
    fatal (1, "%s: Unknown service: %s\n", pname, whois_service);
}

static void
finalize (void)
{
  mswinsock_shutdown();
}

static int
process_ip_address (register in_addr addr)
{
  register char const *dotted_quad;

  dotted_quad = strdup (inet_ntoa (addr));
  printf ("Checking IP: %s\n", dotted_quad);
  probe(dotted_quad);
  return 0;
}

#if defined(RANGE_FUNC)

extern int
get_containing_block_range (register in_addr const addr,
                            register in_addr *const startp,
                            register in_addr *const endp);

int
get_containing_block_range (register in_addr const addr,
                            register in_addr *const startp,
                            register in_addr *const endp)
{
  register int result = 0;
  
  initialize ();
  process_ip_address (addr);
  finalize ();
  return result;
} 

#else /* !defined(RANGE_FUNC) */

static int
process_nic_handle (register char const *const arg)
{
  /*  use as nic handle
      may include a prefix that identifies which registry it belongs to  */
  
  return 0;
}

static int
process_cmd_arg (register char const *const arg)
{
  auto struct in_addr addr;

  if (my_inet_aton (arg, &addr))
   {
    register struct hostent *hp2;

      if ((hp2 = ip2name(arg, hp2)) == NULL)
            printf ("%s: rDNS fail for IP: %s\n", pname, arg);
	else
 		{
//	           printf ("%s: rDNS for IP: %s RDNs: %s\n", pname, hp2->h_name[0]);
		}

    return process_ip_address (addr);
    }
  /*  This test avoids unecessary DNS lookups, 
      at a loss of lookups on domain-less hostnames
      which will fall through and be treated as nic handles  */
  else if (strchr (arg, '.'))
    {
      register struct hostent *hp;

      if ((hp = my_gethostbyname (arg)) == NULL)
            fatal (2, "%s: Invalid unresolved hostname: %s\n", pname, arg);

      memcpy (&addr, hp->h_addr, sizeof addr);
      return process_ip_address (addr);
    }

  /*  use as nic handle
      may include a prefix that identifies which registry it belongs to  */
  else
   {
    register struct hostent *hp;

      if ((hp = my_gethostbyname (arg)) == NULL)
            fatal (2, "%s: Invalid hostname (no dot): %s\n", pname, arg);

      memcpy (&addr, hp->h_addr, sizeof addr);
      return process_ip_address (addr);
   }
}
//////////////////////////////////////////////////
//void probe(char *sockip)
void probe (register char const *sockip)
{
	int res=0;
      signal(SIGALRM, alarm_handler);
      alarm(socktimeout);
       printf ("Probing  %s\n", sockip);
   

      signal(SIGALRM, alarm_handler);
      alarm(longtime);

      if (wingate_mode)
	{
	res=wingate(sockip);
        printf ("WgtTelnet %s:23 Result=%d\n",sockip,res);

        res=ADMtelnet(inet_addr(sockip),23,sockip); 
        printf ("ADMTelnet %s:23 Result=%d\n",sockip,res);
 	}
     if (sock_mode)
	{
        res=mysockcheck(sockip); 
        printf ("Sock %s:1080 Result=%d\n",sockip,res);
 	}




/*
        sin.sin_addr.s_addr = inet_addr(host);
        if(sin.sin_addr.s_addr == INADDR_NONE)
        {
                he = gethostbyname(host);
                if(!he)
                {
                        close(sockfd2);
			printf ("Err: cannot gethostbyname: %s\n",host);
                        return 0;
                }
                memcpy(&sin.sin_addr, he->h_addr, he->h_length);
         }
*/


 



}
////////
void sockmain()
{
   
    FILE *in;
        FILE *server_file;
        int i;
         time_t  ct;
        char *sockfile;
        char sockip[1024];
        sockfile = DEF_FILE;  
     printf("========================\n");
     printf("sockcheck 0.3 by BigDawg\n");
     printf("========================\n");
      in = fopen(sockfile,"r"); 
     while(fgets(sockip,80,in))
     {
          if(sockip[0] == '\0')
{
                fclose(in);
                exit(1);
}
     sockip[strlen(sockip) -1] = '\0';
     toscan++;
}

fclose(in);
     printf("Loaded %i ips to scan\n",toscan);
     printf("\n");
     in = fopen(sockfile,"r");

     while(fgets(sockip,80,in))
     {
          if(sockip[0] == '\0')
		{
                fclose(in);
                exit(1);
		}
      sockip[strlen(sockip) -1] = '\0';
      signal(SIGALRM, alarm_handler);
      alarm(socktimeout);
      toscan--;
      printf("Scanning %s (%i more to go)\r",sockip,toscan);
      fflush(stdout);
      printf("                                                                  \r");
      mysockcheck(sockip);
      signal(SIGALRM, alarm_handler);
      alarm(longtime);
      }

printf("Done checking!\n");
printf("%i unsecure socks servers found\n",gatenum);
fclose(in);
exit(1);
}
///////////
int mysockcheck(char *host)
{
        FILE *ips;
        int s = 1000;
        int d;
        int r;
        int e;
        int f;
        int i = 0;
        int c;
        char keystring[] = {0x04, 0x01, 0x1A, 0x0B, 0xC7,
                      0x02, 0xD2, 0xF1, 0x62, 0x6C,
                      0x61, 0x68, 0x74, 0x65, 0x73, 0x74, 0x00};
        char hexstr[20];
        char tmpstr2[20] = "\0\0\0\0\0\0";
        char buf[20];
        fd_set gateset;
        struct timeval tv;
        struct in_addr MyHostAddr;
        struct hostent *he;
        struct sockaddr_in sin;
        sockfd2 = socket(AF_INET, SOCK_STREAM, 0);
        sin.sin_family = AF_INET;
        sin.sin_port = htons(1080);
        sin.sin_addr.s_addr = inet_addr(host);
        if(sin.sin_addr.s_addr == INADDR_NONE)
        {
                he = gethostbyname(host);
                if(!he)
                {
                        close(sockfd2);
			printf ("Err: cannot gethostbyname: %s\n",host);
                        return 0;
                }
                memcpy(&sin.sin_addr, he->h_addr, he->h_length);
         }
        signal(SIGALRM, alarm_handler);
        alarm(socktimeout);
        e = connect(sockfd2, (struct sockaddr *)&sin, sizeof(sin));
  	if (e < 0)
  	{
        	close(sockfd2);
		printf ("Err: port 1080 closed: %s\n",host);

        	return 0;
  	}
	 signal(SIGALRM, alarm_handler);   
  	alarm(longtime);
  	FD_ZERO(&gateset);
  	FD_SET(sockfd2, &gateset);
  	tv.tv_sec = 10;
  	tv.tv_usec = 0;  
  	d = select(sockfd2+1, NULL, &gateset, NULL, &tv); 
   	if(d == 0)
   	{
     		close(sockfd2);
		printf ("Err: socket 1080 slct fail: %s\n",host);

	        return 0;
   	}
        send(sockfd2, keystring, 17, 0);
  	tv.tv_sec = 10;
        tv.tv_usec = 0;
        f = select(sockfd2+2, &gateset, NULL, NULL, &tv);
        if (f)   
	{
        read(sockfd2, tmpstr2, 10);
        strcpy(hexstr, "HEX:");
           sprintf(buf, "%d ", tmpstr2[i]);
           strcat(hexstr, buf);
        if((tmpstr2[0] == 0x00)&&(tmpstr2[1] == 0x5a)&&(tmpstr2[2] == 0x00))
        {
        	close(sockfd2);
		gatenum++;
                printf("Unsecure socks server found on %s (server #%i) (%i left to scan)\n",host,gatenum,toscan);
                ips = fopen(OUT_FILE,"a");
                fputs(host, ips);
                fputs("\n", ips);
                fclose(ips);
		printf ("OK: SOCKEM port 1080 open: %s\n",host);

          	return 1;
        }
close(sockfd2);
return 0;
}
}            

/////////////////////
int wingate(char *host)
{
        int wgsock;
        int e;
        int d,i;
        FILE *ips;
        int numbytes;
        char buf[1024];
        struct in_addr MyHostAddr;
        struct hostent *he;
        struct sockaddr_in sin;
        fd_set gateset;
        struct timeval tv;
        sockfd = socket(AF_INET, SOCK_STREAM, 0);
        sin.sin_family = AF_INET;
        sin.sin_port = htons(23);
        sin.sin_addr.s_addr = inet_addr(host);
        if(sin.sin_addr.s_addr == INADDR_NONE)
        {
                he = gethostbyname(host);
                if(!he)
                {
                        close(sockfd);
			printf ("Err: cannot gethostbyname: %s\n",host);
                        return 0;
                }
                memcpy(&sin.sin_addr, he->h_addr, he->h_length);
        }
       e = connect(sockfd, (struct sockaddr *)&sin, sizeof(sin));
         if (e < 0)
        {
                close(sockfd);
		printf ("Err: port 23 closed: %s\n",host);

                return 0;
      }
  FD_ZERO(&gateset);
  FD_SET(sockfd, &gateset);
  tv.tv_sec = 10;
  tv.tv_usec = 0;
  d = select(sockfd+4, NULL, &gateset, NULL, &tv);
   if(d == 0)
   {
     close(sockfd);
	printf ("Err: socket 23 slct fail: %s\n",host);

     return 0;
   }
        numbytes = read(sockfd, buf, sizeof(buf));
        buf[numbytes] = '\0';
/*
	for (i=0;i<numbytes;i++)
	 {
	   printf ("%c ",buf[i]);
	   
          }
          printf ("\n");
*/
         if(numbytes == 9) {
                        numbytes = read(sockfd, buf, sizeof(buf));
                        buf[numbytes] = '\0';
                               if (strcmp(buf, "WinGate>") == 0)
			 {    
	        	close(sockfd);
                        gatenum++;
        	        printf("OK: Wingate> found on %s (gate #%i) (%i left to scan)\n",host,gatenum,toscan);
         		ips = fopen(OUT_FILE,"a");
               		fputs(host, ips);
                	fputs(":23 w\n", ips);
                	fclose(ips);
          		return 1;
			}
			else
			{
			 printf("OK: no wgate \n"); 	
			}
}

return 0;
}

//////////////////

int
ADMtelnet (u_long ip, int port, char *ipz)
{
  struct sockaddr_in sin;
  u_char buf[4000];
  int dasock, len;
  int longueur = sizeof (struct sockaddr_in);


  dasock = socket (AF_INET, SOCK_STREAM, IPPROTO_TCP);	/* gimme a socket */

  sin.sin_family = AF_INET;
  sin.sin_port = htons (port);
  sin.sin_addr.s_addr = ip;

 printf("ADM telnet to %s:%d \n",ipz,port);

  if (connect (dasock, (struct sockaddr *) &sin, longueur) == -1)
    { 
    printf("Cannot connect to %s:%d \n",ipz,port);
    return (-1); 
    }

  while (1)
    {
      memset (buf, 0, sizeof (buf));

      if ((len = read (dasock, buf, 1)) <= 0)
	break;

      if (*buf == (unsigned int) 255)
	{
	  read (dasock, (buf + 1), 2);
	  if (*(buf + 1) == (unsigned int) 253 && !(u_char) * (buf + 2));
	  else if ((u_char) * (buf + 1) == (unsigned int) 253)
	    {
	      *(buf + 1) = 252;
	      write (dasock, buf, 3);
	    }
	}
      else
	{
	  if (*buf != 0)
	    {
	      bzero (buf, sizeof (buf));
	      read (dasock, buf, sizeof (buf));
	      usleep(40000); if(!opts.truncate) printf("%s\n", buf); // js here we print the stuff
	if((strstr(buf, "Gate>") != NULL)) {
	if(!opts.truncate)
        printf("%s: SCAN: runs WINGATE>\n", myinet(ipz));
        return _WINGATE;
        }
	if((strstr(buf, "Red") != NULL)) {
	
	if(!opts.truncate)
	  printf("%s: SCAN: runs Red Hat linux.\n", myinet(ipz));
	return _REDHAT;
	}

        if((strstr(buf, "Linux") != NULL)) {
	if(!opts.truncate)
         printf("%s: SCAN: runs linux.\n", myinet(ipz));
        return _LINUX;
        }

        if((strstr(buf, "IRIX") != NULL)) {
	if(!opts.truncate)
         printf("%s: SCAN: runs IRIX.\n", myinet(ipz));
        return _IRIX;
        }
	if((strstr(buf, "AIX") != NULL)) {
	if(!opts.truncate)
	 printf("%s: SCAN: runs AIX.\n", myinet(ipz));
	return _AIX;
	}

        if((strstr(buf, "UNIX") != NULL)) {
	if(!opts.truncate)
        printf("%s: SCAN: runs solaris.\n", myinet(ipz));
        return _SOLARIS;
        }

        if((strstr(buf, "Sun") != NULL))
        {
	if(!opts.truncate)
         printf("%s: SCAN: runs solaris.\n", myinet(ipz));
        return _SOLARIS;
        }

        if((strstr(buf, "Open") != NULL)) {
	if(!opts.truncate)
         printf("%s: SCAN: runs OpenBSD.\n", myinet(ipz));
        return _OPENBSD;
        }

        if((strstr(buf, "FreeBSD") != NULL)) {
	if(!opts.truncate)
         printf("%s: SCAN: runs FreeBSD.\n", myinet(ipz));     
        return _FREEBSD;
        }
   
	      sleep (1);
	      return 1;
	    }

	}

    }
  return 0;
}



/////////////////
int
main (register int const argc, register char *const argv[])
{
  register int ch;
  register int option_errors = 0;

  pname = strrchr (argv[0], '/');
  pname = pname ? pname+1 : argv[0];

  initialize ();
  atexit (finalize);

  while ((ch = my_getopt (argc, argv, "aSvtlwsk:")) != EOF)
    {
      switch (ch)
	{
	case 'a':
        case 'S':
	  sock_mode = True;
	  wingate_mode = False;
	  break;

	case 'w':
	  wingate_mode = True;
	  /* fall through */
	case 's':
	  sock_mode = True;
//	  wingate_mode = False;

	  break;
	case 'v':
	  verbose_mode = True;
	  break;
	case 'l':
	  lookup_mode = True;
	  break;
	case 'T':
	  timeout = atoi (my_optarg);
	  break;
	case '?':
	  fprintf (stderr, "%s: Invalid option: -%c\n", pname, ch);
	  option_errors++;
	  break;
	}
    }

  if (option_errors)
    usage ();

  if (my_optind == argc)
    {
      fprintf (stderr, "%s: Missing argument\n", pname);
      usage ();
    }
  else if ((my_optind + 1) < argc)
    {
      fprintf (stderr, "%s: Too many arguments\n", pname);
      usage ();
    }

  printf("arg=%s \n",argv[1]);
  return process_cmd_arg (argv[my_optind]);

}

#endif /* !defined(RANGE_FUNC) */

////////////////////////////