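/*
 * Passive sniffer/decoder for a bot's control traffic.  It listens on a raw
 * socket for IP protocol 0x0B, undoes the simple additive cipher on the
 * payload and prints the command each packet carries.  Monitoring tool
 * only: it never sends anything.
 */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>

enum {
    RAW_PROTO      = 0x0B,  /* IP protocol number the control traffic travels on */
    DIR_OFFSET     = 20,    /* direction byte: 2 = client->server, 3 = client<-server
                               (assumes a 20-byte IPv4 header without options) */
    PAYLOAD_OFFSET = 22,    /* first ciphertext byte */
    KEY_DELTA      = 0x17,  /* additive constant of the cipher */
    MAX_PKT        = 2048   /* receive buffer / decoded payload size */
};

/*
 * Undo the payload cipher.  Ciphertext byte i is plaintext byte i plus
 * ciphertext byte i-1 plus KEY_DELTA (mod 256); byte 0 has no predecessor.
 *
 * src: ciphertext, len bytes.  dst: receives exactly len plaintext bytes.
 * len <= 0 is a no-op (the original wrote dst[0] unconditionally, which
 * was an out-of-bounds write when the caller passed a negative length).
 * Walking backwards also keeps the routine usable in place (src == dst).
 */
void decrypt(const unsigned char *src, unsigned char *dst, const int len)
{
    if (len <= 0)
        return;
    for (int i = len - 1; i > 0; i--)
        dst[i] = (unsigned char)(src[i] - src[i - 1] - KEY_DELTA);
    dst[0] = (unsigned char)(src[0] - KEY_DELTA);
}

/*
 * Open the raw socket the decoder listens on (raw sockets normally need
 * elevated privileges).  Returns the descriptor, or -1 after printing the
 * reason.  EMFILE used to return 0 -- a valid descriptor (stdin) that main()
 * then read from; it is now a failure like any other.  The original author's
 * note that a socket pool would be the real fix for EMFILE still stands.
 */
int open_sock(void)
{
    int sock = socket(PF_INET, SOCK_RAW, RAW_PROTO);
    if (sock == -1) {
        if (errno == EMFILE) {
            /* Too many open files: a socket pool would be needed here */
            printf("opening TCP socket: too many open files\n");
        } else {
            /* strerror() replaces the deprecated sys_errlist[] table */
            printf("opening TCP socket %s\n", strerror(errno));
        }
        return -1;
    }
    printf("open_sock TCP =>%d\n", sock);
    return sock;
}

/*
 * Print one decrypted client->server command.  data[1] selects the command;
 * data must be NUL-terminated and zero-filled past its payload so that every
 * %s below stops inside the buffer even for short packets.
 */
static void decode_client_cmd(const unsigned char *data)
{
    const char *text = (const char *)data;

    switch (data[1]) {
    case 1:
        printf("ask status\n");
        break;
    case 3:
        printf("cmd=%s\n", text + 2);
        break;
    case 4:
        if (data[8] == 0)
            printf("send_dns from %d.%d.%d.%d", data[2], data[3], data[4], data[5]);
        else
            printf("send_dns from %s", text + 9);
        printf(":%d\n", data[6] << 8 | data[7]);
        break;
    case 5:
        printf("%s flood from %d.%d.%d.%d to ",
               data[2] == 0 ? "ICMP" : "UDP", data[4], data[5], data[6], data[7]);
        if (data[12] == 0)
            printf("%d.%d.%d.%d", data[8], data[9], data[10], data[11]);
        else
            printf("%s", text + 13);
        if (data[2])
            printf(":%d", data[3]);
        printf("\n");
        break;
    case 6:
        printf("remote shell\n");
        break;
    case 7:
        printf("blind cmd=%s\n", text + 2);
        break;
    case 8:
        printf("kill\n");
        break;
    case 9:
        if (data[9] == 0)
            printf("send_dns from %d.%d.%d.%d", data[2], data[3], data[4], data[5]);
        else
            printf("send_dns from %s", text + 10);
        printf(":%d nbr=%d\n", data[7] << 8 | data[8], data[6]);
        break;
    case 12:
        if (data[13] == 0)
            printf("send_dns from %d.%d.%d.%d", data[6], data[7], data[8], data[9]);
        else
            printf("send_dns from %s", text + 14);
        printf(":%d to %d.%d.%d.%d %d\n",
               data[11] << 8 | data[12], data[2], data[3], data[4], data[5], data[10]);
        break;
    default:
        printf("cmd=%d %s\n", data[1], text + 2);
        break;
    }
}

/* Print one decrypted client<-server response; same buffer contract as above. */
static void decode_server_cmd(const unsigned char *data)
{
    const char *text = (const char *)data;

    switch (data[1]) {
    case 1:
        printf("status response\n");
        if (data[3])
            printf("working cmd=%d\n", data[4]);
        else
            printf("non working\n");
        break;
    default:
        /* %zu: strlen() returns size_t, the old %d was a format mismatch */
        printf("cmd=%d %zu %s\n", data[1], strlen(text + 2), text + 2);
        break;
    }
}

/*
 * Decode and print one captured packet.
 *
 * buff: raw packet starting at the IP header, at least lu bytes readable.
 * lu:   byte count as returned by recv(); negative (error) or shorter than
 *       the payload offset is rejected instead of indexing data[] with a
 *       negative value as the original did.
 */
void decode(const unsigned char *buff, const int lu)
{
    unsigned char data[MAX_PKT] = {0};  /* zero-filled: %s on fixed offsets past a short payload stays in bounds */
    int plen = lu - PAYLOAD_OFFSET;

    printf("Packet %d\n", lu);
    if (plen < 0 || plen >= (int)sizeof data) {
        /* recv() error, runt packet or oversized: nothing safe to decode */
        printf("invalid length, skipped\n");
        return;
    }

    switch (buff[DIR_OFFSET]) {
    case 2:
        printf("client->server\n");
        decrypt(buff + PAYLOAD_OFFSET, data, plen);
        data[plen] = 0;
        decode_client_cmd(data);
        break;
    case 3:
        printf("client<-server\n");
        decrypt(buff + PAYLOAD_OFFSET, data, plen);
        data[plen] = 0;
        data[0x190] = 0;  /* original cap on how much of a response gets printed */
        decode_server_cmd(data);
        break;
    default:
        /* other direction values are not decoded */
        break;
    }
}

/*
 * Open the raw socket and decode packets until recv() fails.  The original
 * looped forever, fed recv()'s -1 into decode() and never reached close().
 */
int main(void)
{
    unsigned char buff[MAX_PKT];
    int sock = open_sock();

    if (sock < 0)
        return 1;

    for (;;) {
        memset(buff, 0, sizeof buff);
        ssize_t lu = recv(sock, buff, sizeof buff, 0);
        if (lu < 0) {
            if (errno == EINTR)
                continue;
            printf("recv %s\n", strerror(errno));
            break;
        }
        decode(buff, (int)lu);
    }

    close(sock);
    return 0;
}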