#!/bin/sh

#
# $Id: cudscan,v 1.1.1.1 2008/03/17 09:18:45 raptor Exp $
#
# cudscan - Proof-of-concept of l33t X.25 CUD bruteforcer
# Copyright (c) 2008 Marco Ivaldi <raptor@0xdeadbeef.info>
#
# "Do what thou wilt shall be the whole of the Law." -- A. Crowley
#
# Quick'n'dirty proof-of-concept of an X.25 CUD bruteforcer. I'm proud 
# to confirm that X.25 hacking is still alive and kicking as of 2008;) 
# Dedicated to "my" beautiful lady z*
#
# Other l33t X.25 goodies: ADMscanLink.tgz, ADMx25_2.6.0.5.tar.gz, fvudu, 
# nuascan, padxploit.c, psibrute.com, revscan, vudu, x25bru.c, x25cat.pl,
# xotclient.tgz.
#

# Some vars (change them if needed)
tmp=vudu.tmp
valid=vudu.cud
pad=pad

# Response codes (SCO netX.25 pad)
com="Verbindung hergestellt"
comdte="Verbindungsdauer"
dte="Call cleared by remote DTE"
der="Remote DTE is out of order"
rpe="Remote procedure error"
na="Access barred"
nc="Network congestion"
occ="Remote DTE is busy"

# Command line
nuafile="$1"
if [ "$nuafile" = "" ]; then
        echo "err: specify a filename"
        exit 1
fi
cudfile="$2"
if [ "$cudfile" = "" ]; then
        echo "err: specify a filename"
        exit 1
fi

# Input control
if [ "`cat $nuafile 2>/dev/null`" = "" ]; then
        echo "err: corrupted input file"
        exit 1
fi
if [ "`cat $cudfile 2>/dev/null`" = "" ]; then
        echo "err: corrupted input file"
        exit 1
fi

# Interactive logging
echo ""
echo "*** VUDU X.25 Scanner for Unix ***"
echo ""
echo "[ Starting reading NUAs, CUDs from: ${nuafile}, ${cudfile} ]"

# Perform the scan
for nua in `cat $nuafile`
do
	for cud in `cat $cudfile` 
	do
		$pad $nua,$cud >$tmp 2>$tmp

# COM
        	if fgrep "$com" $tmp > /dev/null; then
                	echo "${nua},${cud}  (OK)"
                	echo "${nua},${cud}  (OK)" >> $valid
# COM+DTE
        	elif fgrep "$comdte" $tmp > /dev/null; then
                	echo "${nua},${cud}  COM+DTE"
                	echo "${nua},${cud}  COM+DTE" >> $valid
# DTE
        	elif fgrep "$dte" $tmp > /dev/null; then
                	echo "${nua},${cud}  DTE"
                	echo "${nua},${cud}  DTE" >> $valid
# DER
        	elif fgrep "$der" $tmp > /dev/null; then
                	echo "${nua},${cud}  DER"
                	echo "${nua},${cud}  DER" >> $valid
# RPE
        	elif fgrep "$rpe" $tmp > /dev/null; then
                	echo "${nua},${cud}  RPE"
                	echo "${nua},${cud}  RPE" >> $valid
# NA
        	elif fgrep "$na" $tmp > /dev/null; then
                	echo "${nua},${cud}  N/A"
                	echo "${nua},${cud}  N/A" >> $valid
# NC
        	elif fgrep "$nc" $tmp > /dev/null; then
                	echo "${nua},${cud}  NC"
                	echo "${nua},${cud}  NC" >> $valid
# OCC
        	elif fgrep "$occ" $tmp > /dev/null; then
                	echo "${nua},${cud}  OCC"
                	echo "${nua},${cud}  OCC" >> $valid
        	else
                	echo "${nua},${cud}"
        	fi
	done
done

rm $tmp
echo "[ Ended scan from files: ${nuafile}, ${cudfile} ]"
echo ""
