Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <stdio.h>
- #include <sys/types.h>
- #include <strings.h>
- #include <stdlib.h>
- #include <sys/socket.h>
- #include <netinet/in.h>
- #include <netdb.h>
- #include <unistd.h>
- char *genStr(int length) {
- int i = 0;
- char *shit = malloc(sizeof(char) * length);
- for(i = 0; i < length; i++) {
- shit[i] = rand() % 128;
- } return shit;
- }
- void login(int mySocket, char *myUser, char *myPass) {
- char *user = malloc(sizeof(char) * 512);
- char *pass = malloc(sizeof(char) * 512);
- sprintf(user, "USER %s\r\n", myUser);
- sprintf(pass, "PASS %s\r\n", myPass);
- write(mySocket, user, strlen(user));
- write(mySocket, pass, strlen(pass));
- }
- void fuzz(int mySocket) {
- char fuzzerArgs[][20] = {
- "ABOR", "APPE", "AUTH", "CDUP",
- "CWD", "DELE", "EPRT", "EPSV",
- "FEAT", "HELP", "LIST", "MDTM",
- "MKD", "NLST", "NOOP", "OPTS",
- "PASS", "PASV", "PBSZ", "PORT",
- "PROT", "PWD", "QUIT", "REST",
- "RETR", "RMD", "RMFR", "SITE",
- "SITE CHGRP", "SITE HELP", "SITE MKDIR",
- "SITE SYMLINK", "SITE UTIME", "SITE CHMOD",
- "SITE RMDIR", "SIZE", "STAT", "STOR",
- "STOU", "SYST", "TYPE", "USER", "XCUP",
- "XCWD", "XMKD", "XPWD", "XRMD"
- };
- int len = rand() % 512;
- char *cmd = fuzzerArgs[rand()%47];
- char *fuzz = malloc(sizeof(char) * (len + strlen(cmd) + 4));
- sprintf(fuzz, "%s %s\r\n", cmd, genStr(len));
- if(write(mySocket, fuzz, strlen(fuzz)) > 0) {
- printf("> %s (%d)\n", cmd, len);
- } else {
- printf("write() failed\n");
- }
- bzero(fuzz, (len + strlen(cmd) + 4));
- }
- int main() {
- int i, fuzzSock, portno;
- struct sockaddr_in serv_addr;
- struct hostent *server;
- char buff[512];
- portno = 21;
- server = gethostbyname("127.0.0.1");
- bzero((char *)&serv_addr, sizeof(serv_addr));
- serv_addr.sin_family = AF_INET;
- serv_addr.sin_port = htons(portno);
- printf("Fuzzing FTP server running on 127.0.0.1[21]\n\n");
- for(;;) {
- fuzzSock = socket(AF_INET, SOCK_STREAM, 0);
- if(connect(fuzzSock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) {
- printf("Error: connect()\n"); exit(1);
- }
- login(fuzzSock, "z0x", "p4ssw0rt");
- recv(fuzzSock, &buff, 512, 0);
- sleep(1);
- for(i=0; i<10; i++) {
- fuzz(fuzzSock);
- sleep(1);
- bzero(&buff, 512);
- recv(fuzzSock, &buff, 512, 0);
- sleep(1);
- }
- close(fuzzSock);
- }
- return 0;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement