Kamis, 30 Desember 2010

Scanner FTP Vulnerability

#!/usr/bin/python

import socket


def bo(bo_com, bo_size, bo_type):
ncom = len(bo_com)
nsize = len(bo_size)
ntype = len(bo_type)
for ia in range(0,ncom):
var = str(bo_com[ia]) + " "
for ib in range(0,ntype):
var1 = str(bo_type[ib]) + " "
for ic in range(0,nsize):
var2 = (bo_size[ic])
buffer = var + var1
s.send(buffer * var2 +"\r\n")
msgbo = s.recv(3)
if msgbo != "500":
print("Buffer Oveflow")
print ("Command " + var)
print s.recv(1024)
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(("127.0.0.1",21))
s.recv(1024)
s.send("user ftp\r\n")
s.recv(1024)
s.send("pass ftp\r\n")
s.recv(1024)

bo_com = ["QUOTE","MGET","MPUT","ABOR","ACCT","ALLO","APPE","AUTH","CWD","CDUP","DELE","FEAT","HELP","HOST","LANG","LIST","MDTM","MKD","MLST","MODE","NLST","NLST -al","NOOP","OPTS","PASV","PORT","PROT","PWD","REIN","REST","RETR","RMD","RNFR","RNTO","SIZE","SITE","SITE CHMOD","SITE CHAWN","SITE EXEC","SITE INDEX","SITE MSG","SITE PSWD","SITE ZONE","SITE WHO","SMNT","STAT","STOR","STOU","STRU","SYST","TYPE","XCUP","XCRC","XCWD","XMKD","XPWD","XRMD"]
bo_size = [100,500,1000,5000,10000,50000]
bo_type = ["A","\n","/n","!A","../",".././","@",""]
bo(bo_com, bo_size, bo_type)
print s.recv(1024)

Tidak ada komentar:

Posting Komentar