Socket error?

r0t3n · Post by **r0t3n** » Fri Mar 02, 2007 4:59 pm

I open the server socket in the hub script, i then open the socket to connect to the server in the client script.

I get in the partyline of the hub bot:

Code: Select all

[20:50:16] <Wars> [15:43] <trojan-hub.tcl> Connection from 208.110.72.122:52959 (sock20)

In the partyline of the client bot, i get:

Code: Select all

[20:50:16] <Wars`Relay01> [15:43] <trojan.tcl> Error connecting to trojan db:
[20:50:16] <Wars`Relay01> [15:43] invalid command name "sock17"
[20:50:16] <Wars`Relay01> [15:43] <trojan.tcl> End of socket error.

But, if i type in the partyline of the client bot:

Code: Select all

[20:52:11] <C15|r0t3n> .tcl fconfigure $trojan::socket -peername
[20:52:11] <Wars`Relay01> [15:44] tcl: builtin dcc call: *dcc:tcl r0t3n 13 fconfigure $trojan::socket -peername
[20:52:11] <Wars`Relay01> [15:44] tcl: evaluate (.tcl): fconfigure $trojan::socket -peername
[20:52:11] <Wars`Relay01> Tcl: 208.110.72.122 debian.nkom.com 2000
[20:52:12] <Wars`Relay01> [15:45] @#Wars.admin (+sCtNn) : [m/9 o/8 h/0 v/0 n/1 b/3 e/0 I/0]

But, if i do it at the hub bot i get:

Code: Select all

[20:52:51] <C15|r0t3n> .tcl fconfigure sock20 -peername
[20:52:52] <Wars> [15:45] tcl: builtin dcc call: *dcc:tcl r0t3n 18 fconfigure sock20 -peername
[20:52:52] <Wars> [15:45] tcl: evaluate (.tcl): fconfigure sock20 -peername
[20:52:52] <Wars> Tcl error: can not find channel named "sock20"

The code for the hub bot:

Code: Select all

namespace eval trojanhub {
    
    variable version "1.00-HUB"
    variable author "r0t3n"
    variable script [lindex [split [info script] /] end]
    
    variable homechan "#antitrojan"
    variable adminchan "#bs.admin"
    
    variable ports
    array set ports {
        "1080" "proxy"
        "8080" "proxy"
    }
    
    if {![info exists trojanhub::socket]} {
        variable socket ""
    }
    
    variable port "2000"
    variable passwd "trojan"
    
    if {![info exists trojanhub::socket] || ![string match -nocase sock* $trojanhub::socket]} {
        if {[catch { [set ::trojanhub::socket [socket -server [namespace current]::connection ${port}]] } err]} {
            unset trojanhub::socket
            putlog "<${script}> Server socket failed to open on port ${port}:"
            foreach x [split $err \n] {
                putlog "$x"
            }
            putlog "<${script}> End of server socket error."
        } else {
            putlog "<${script}> Server socket opened on port {$port}."
        }
    } else {
        putlog "<${script}> Server socket already open!"
    }
    
    putlog "<${script}> Connection password set to: ${passwd}." 
    
}

proc trojanhub::connection {sock addr port} {
    putlog "<$trojanhub::script> Connection from ${addr}:${port} ($sock)"
    set trojanhub::addr($sock) [list $addr $port]
    fconfigure $sock -buffering line -blocking 0
    fileevent $sock readable [list trojanhub::commands $sock]
}

proc trojanhub::commands {sock} {
    if {[fconfigure $sock -error] != ""} {
        if {[info exists trojanhub::addr($sock)]} {
            unset trojanhub::addr($sock)
        }
        close $sock
        putlog "<$trojanhub::script> Closed $sock due to socket error!"
    } elseif {[eof $sock]} {
        if {[info exists trojanhub::addr($sock)]} {
            unset trojanhub::addr($sock)
        }
        close $sock
        putlog "<$trojanhub::script> Closed $sock due to eof!"
    } elseif {[catch {gets $sock line}]} {
        if {[info exists trojanhub::addr($sock)]} {
            unset trojanhub::addr($sock)
        }
        close $sock
        putlog "<$trojanhub::script> Closed $sock due to gets line error!"
    } elseif {
        # commands etc go here in a switch
   }
}

Code for client bot:

Code: Select all

namespace eval trojan {
    
    variable author "r0t3n"
    variable version "1.00-LEAF"
    variable script [lindex [split [info script] /] end]
    
    if {![info exists trojan::socket]} {
        variable socket
    }
    
    variable ip "208.110.72.122"
    variable port "2000"
    variable passwd "trojan"
    
    if {![info exists trojan::socket] || ![string match -nocase sock* $trojan::socket]} {
        if {[catch { [set trojan::socket [socket ${ip} ${port}]] } err]} {
            unset trojan::socket
            putlog "<${script}> Error connecting to trojan db:"
            foreach x [split $err \n] {
                putlog "$x"
            }
            putlog "<${script}> End of socket error."
        } else {
            putlog "<${script}> Connected to trojan db!"
        }
    } else {
        putlog "<${script}> Already connected to trojan db!"
    }
    
    variable whois
    array set whois {}
    
    variable kickmsg {
        "just another irc-trojan drone - :id:"
        "irc-trojan drone detected! - :id:"
        "its fun kicking you trojans - :id:"
        "not another trojan...? - :id"
        "you cant get past me you trojans - :id:"
        "you have just benn drone-ized by me! - :id"
        "just another parasite! - :id:"
        "just another doctor fighting the infections - :id:"
        "well someone has to fight you infections off!? - :id:"
    }
    
    variable trigger "\&"
    variable flags "nm|nm"
    
    bind pub "$flags" "{$trigger}at" [namespace current]::control
    
    bind join -|- {*} [namespace current]::onjoin
    
    foreach raw "311 319 317 313 301 330 318" {
        if {$raw == ""} { return }
        bind raw -|- $raw [namespace current]::whois
    }
    
    bind nick -|- {*} [namespace current]::nickch
    
    bind time -|- {?0 * * * *} [namespace current]::reload
    
}

proc trojan::commands {sock} {
    if {[set err [fconfigure $sock -error]]} {
        set trojan::socket ""
        close $sock
        putlog "Trojan db connection ($sock) closed due to socket fconfigure error!"
        foreach x [split $err \n] {
            putlog "$x"
        }
        putlog "End of fconfigure error!"
    } elseif {[eof $sock]} {
        set trojan::socket ""
        close $sock
        putlog "Trojan db connection ($sock) closed due to eof error!"
    } elseif {[catch {gets $sock line}]} {
        set trojan::socket ""
        close $sock
        putlog "Trojan db connection ($sock) closed due to catch error!"
    } else {
        set arguments "[gets $sock line]"
        set cmd [lindex [split $arguments] 0]
        switch -exact -- $cmd {
            "acad0ced00954d1b2c17bf30528acce6" {
                set nickname [lindex [split $arguments] 1]
                set trojan::whois($nickname) "1"
                putquick "WHOIS $nickname $nickname"
            }
            "e13ff1e898920d2c7ce191c4aad11319" {
                set result [trojan::portscan [lindex [split $arguments] 1] [lrange $arguments 2 end]]
                puts $sock "379f0209b3f2aa2adafe3f8b4f1727e4 $result [lindex [split $arguments] 1] $result"
            }
            "5cd8a3828ce36907a27551de5e71221e" {
                set nickname [lindex [split $arguments] 1]
                set banmask [lindex [split $arguments] 2]
                set gid [lindex [split $arguments] 3]
                set kmsg [lindex [split $trojan::kickmsg] [rand [llength $trojan::kickmsg]]]
                foreach c [channels] {
                    if {[channel get $c trojan]} {
                        if {[onchan $nickname $c]} {
                            channel set $c trojan_kid [set kid [expr {[channel get $c trojan_kid] + 1}]]
                            putquick "MODE $c -o+b $nickname $banmask"
                            putquick "KICK $c $nickname :$kmsg"
                        }
                    }
                }
            }
            "default" {
                putlog "<$trojan::script> Unknown command: $arguments"
            }
        }
    }
}

I have no idea what the problem is/could be..

Thanks in advance!

Post by **nml375** » Fri Mar 02, 2007 5:43 pm

It's this line:

Code: Select all

if {[catch { [set trojan::socket [socket ${ip} ${port}]] } err]} {

Remove the outer [] within the catch:ed code, and it should work like a charm.

Ie:

Code: Select all

if {[catch {set trojan::socket [socket ${ip} ${port}]} err]} {

Post by **nml375** » Fri Mar 02, 2007 5:56 pm

@Sir_Fz: Nope, I mean exactly what I wrote...

Post by **Sir_Fz** » Fri Mar 02, 2007 6:30 pm

nml375 wrote:@Sir_Fz: Nope, I mean exactly what I wrote...

Yeah, I'm surprised you even saw my reply I immediately realized my mistake

Post by **nml375** » Fri Mar 02, 2007 6:34 pm

Email notification :p

r0t3n · Post by **r0t3n** » Sat Mar 03, 2007 11:15 am

Changed the code to what nml375 said, but still the client socket says its connected (alive) but the hub socket still says no such channel "sock20" but that is the socket which is specified by the connection proc...

Post by **nml375** » Sat Mar 03, 2007 10:46 pm

Actually, you've got the same kind of flaw in your hub-script:

Code: Select all

        if {[catch { [set ::trojanhub::socket [socket -server [namespace current]::connection ${port}]] } err]} {

I assume you get an error such as this in your hub-bot when starting the script:

Server socket failed to open on port <something>:
invalid command name "sockXX"

Sorry I did'nt find this one earlier. Guess I was so focused on the error your client-bot reported from the initial post, I neglected the hub-bot script might be faulty aswell...

r0t3n · Post by **r0t3n** » Mon Mar 05, 2007 8:18 am

I fixed that one at the same time.

Code: Select all

if {![info exists trojanhub::socket] || ![string match -nocase sock* $trojanhub::socket]} {
        if {[catch {set ::trojanhub::socket [socket -server [namespace current]::connection $port]} err]} {
            if {[info exists trojanhub::socket]} {
                unset trojanhub::socket
            }
            putlog "<${script}> Server socket failed to open on port $port:"
            foreach x [split $err \n] {
                putlog "$x"
            }
            putlog "<${script}> End of server socket error."
        } else {
            putlog "<${script}> Server socket opened on port $port."
            fconfigure $trojanhub::socket -blocking 0
        }
    } else {
        putlog "<${script}> Server socket already open!"
    }
    
    putlog "<${

The server socket works, im sure, as it logs the connection. Its just that the client says its still alive, and the hub says the socket/channel dont exist.

Could it be because the bots are on the same machine, maybe i should try 127.0.0.1 for connecting instead, but i have 5 ip's..

Thanks in advance!

Post by **user** » Mon Mar 05, 2007 10:10 am

Tosser^^ wrote:

Code: Select all

...
    } elseif {[catch {gets $sock line}]} {
        set trojan::socket ""
        close $sock
        putlog "Trojan db connection ($sock) closed due to catch error!"
    } else {
        set arguments "[gets $sock line]"
...

You don't seem to understand how gets works...

If varName is specified then the line is placed in the variable by that name and the return value is a count of the number of characters returned.

Notice how you use gets twice in your code. You discard the first line read, then you use the number of bytes read by the second call to gets as the "command" argument in your switch statement...

r0t3n · Post by **r0t3n** » Mon Mar 05, 2007 12:06 pm

So i need to change:

Code: Select all

set arguments "[gets $sock line]"

to

Code: Select all

set arguments "$line"

..?

rosc2112 · Post by **rosc2112** » Mon Mar 05, 2007 2:30 pm

set arguments "[gets $sock $line]"

Post by **nml375** » Mon Mar 05, 2007 4:22 pm

Actually, I'd suggest something like this:

Code: Select all

    } elseif {[catch {gets $sock arguments} status]} {
        set trojan::socket ""
        close $sock
        putlog "Trojan db connection ($sock) closed due to catch error!"
    } else {
#arguments holds whatever we read from the socket,
#status holds the number of characters read, since we did'nt encounter an error condition while reading
        set cmd [lindex [split $arguments] 0]
        switch -exact -- $cmd {
            "acad0ced00954d1b2c17bf30528acce6" {
...

r0t3n · Post by **r0t3n** » Tue Mar 06, 2007 9:01 am

I tried both rosc2112's and nml375's fixes, but still the hub still says no such socket sock20 (It's always sock20) and the client still thinks its connected (fconfigure -error returns nothing, -peername and -sockname works).

Code: Select all

[12:51:15] <C15|r0t3n> .tcl fconfigure $trojan::socket -peername
[12:51:15] <Wars`Relay01> [07:43] tcl: builtin dcc call: *dcc:tcl r0t3n 14 fconfigure $trojan::socket -peername
[12:51:16] <Wars`Relay01> [07:43] tcl: evaluate (.tcl): fconfigure $trojan::socket -peername
[12:51:16] <Wars`Relay01> Tcl: 208.110.72.126 208.110.72.126 3465
[12:51:19] <C15|r0t3n> .tcl fconfigure $trojan::socket -sockname
[12:51:19] <Wars`Relay01> [07:43] tcl: builtin dcc call: *dcc:tcl r0t3n 14 fconfigure $trojan::socket -sockname
[12:51:19] <Wars`Relay01> [07:43] tcl: evaluate (.tcl): fconfigure $trojan::socket -sockname
[12:51:19] <Wars`Relay01> Tcl: 208.110.72.126 208.110.72.126 39590

I changed the ip address, and added the -myaddr <ip.here> argument to the socket -server, and it works, and the hub still gets the connection from the client. I just dont know why the client thinks its still connected when the hub says the socket dont exist...

Code: Select all

[12:56:43] <Wars`Relay01> [07:49] tcl: evaluate (.tcl): puts $trojan::socket blahblah
[12:56:43] <Wars`Relay01> Tcl:

Nothing returned, i get nothing at the hub bot, i should expect the 'Unknown command :blah" from the putlog at the switch in the commands proc, but nothing.

I might just give up on the sockets idea, and make it through a botnet, but i want this system to be like aspb, with the hub as the database. I dont want to have people asking me to add their bot(s) as a bot on the hub bot...

Thanks in advance!

Post by **nml375** » Tue Mar 06, 2007 1:42 pm

True that the last fix is not related to the "no such socket" issue, guess we should've made a note on that, still issues needed to be fixed aswell.
I am abit puzzled that client thinks the socket is connected, while the server apparently thinks not. It does accept the connection and assigns it a socket-identifier (sock20), so SYN/ACK negotiation seems to work without any problems.
Also, I cannot see any code that would cause the server-side connection to drop without generating a log-message, and apparently, the fconfigure and fileevents don't seem to complain 'bout "can not find channel named sock20" in your "connect-handler".
I'm beginning to suspect this issue is not within your script, but with tcl on that system.

r0t3n · Post by **r0t3n** » Tue Mar 06, 2007 2:42 pm

The person who installed tcl on my server is an experienced unix administrater, working in a datacentre in the US. I could go and reinstall it, possibly using apt-get, but the other 17 bots running on the machine seem to be working fine, but there again they dont use any sockets.

Code: Select all

[18:33:38] <@C15|r0t3n> Wars set ::s [socket -server socket:conn -myaddr 208.110.72.122 1364]
[18:33:39] -Wars- » TCL: No Complications: sock17 - 18.429 ms «
[18:35:03] <@C15|r0t3n> Wars proc socket:conn {sock addr port} { putquick "PRIVMSG #Wars.admin :Connection from ${addr}:${port} on sock $sock." ; puts $sock "abcd" ; close $sock ; putquick "PRIVMSG #Wars.admin :Sent data to $sock, closed $sock." }
[18:35:04] -Wars- » TCL: No Complications - 0.057 ms «
[18:35:38] <@C15|r0t3n> Wars`Relay01 set ::socket [socket 208.110.72.122 1364]
[18:35:39] -Wars`Relay01- » TCL: No Complications: sock13 - 28.004 ms «
[18:35:40] <@Wars> Connection from 208.110.72.122:59015 on sock sock18.
[18:35:40] <@Wars> Sent data to sock18, closed sock18.
[18:35:47] <@C15|r0t3n> Wars`Relay01 gets $::socket ::line ; return "$::line"
[18:34:48] -Wars`Relay01- » TCL: Return: abcd - 0.139 ms «

A little test i did, seems to work fine....

egghelp/eggheads community

Socket error?

Socket error?

Re: Socket error?