int ftp_siteexec(int sock,char*buff,int buff_len,int q,char*ans,int ans_len){
ftp_send(sock,buff,buff_len,q,ans,ans_len);
if(strncmp(ans,"200-",4)==0)
ftp_recv(sock,NULL,0,1);
else
ftp_recv(sock,ans,ans_len,0);
if(strncmp(ans,"200-",4)){
fprintf(stderr,"Cannot find site exec response string\n");
exit(1);
}
return 0;
}
int ftp_send(int sock,char*what,int size,int f,char*ans,int ans_size){
int n;
n=send(sock,what,size,0);
if(n!=size){
fprintf(stderr,"ftp_send: failed to send. expected %d, sent %d\n", size,n);
shutdown(sock,2);
close(sock);
exit(1);
}
if(f)
return ftp_recv(sock,ans,ans_size,0);
return 0;
}
/***************************************************************************************************************************
**函数名称: ftp_accept_fn
**函数功能:
**入口参数:
**返回参数:
***************************************************************************************************************************/
err_t ftp_accept_fn(void *arg, struct tcp_pcb *newpcb, err_t err)
{
LIBMCU_DEBUG(ETHERNTE_DEBUG,("\r\n ftp_accept_fn"));
ftp_info.ftpRAWControl = newpcb;
ftp_info.poll = ftp_poll_fn;
ftp_info.recv = ftp_recv_fn;
ftp_info.sent = ftp_sent_fn;
ftp_info.connected = ftp_connected_fn;
ftp_arg(&ftp_info,(void *)ftp_in);
ftp_recv(&ftp_info);
ftp_poll(&ftp_info,1);
ftp_sent(&ftp_info);
send_msg(msg220);
return ERR_OK;
}
void ftp_login(int sock,char*u_name,char*u_pass)
{
char buff[2048];
printf("loggin into system..\n");
snprintf(buff,2047,"USER %s\r\n", u_name);
ftp_send(sock, buff,strlen(buff),1,buff,2047);
printf(GREEN"USER %s\n"NORM"%s",u_name,buff);
snprintf(buff,2047,"PASS %s\r\n",u_pass);
printf(GREEN"PASS %s\n"NORM,*u_pass=='\x90'?"<shellcode>":u_pass);
ftp_send(sock,buff,strlen(buff),1,buff,2047);
while(strstr(buff,"230 ")==NULL){
(void)bzero(buff,2048);
ftp_recv(sock,buff,2048,0);
}
printf("%s",buff);
return;
}
int main(int argc, char* argv[])
{
struct sockaddr_in in;
struct in_addr s;
int fd, localfile, cmd, flag;
unsigned long filesize = 0;
struct stat st_buf;
char path[MAX_LINE];
if (argc != 3) {
printf("client ip port\n");
return 0;
}
in.sin_family = AF_INET;
inet_pton(AF_INET, argv[1], &s);
in.sin_addr = s;
in.sin_port = htons(atoi(argv[2]));
fd = socket(AF_INET, SOCK_STREAM, 0);
if (fd < 0) {
perror("socket");
exit(-1);
}
if (connect(fd, (struct sockaddr*)&in, sizeof(struct sockaddr)) < 0) {
perror("connect");
exit(-1);
}
printf("connect to server...\n");
cmd = ftp_cmd(fd, RECV_CMD, &cmd, &filesize, path);
if (cmd == REQUEST_SEND) {
stat(path, &st_buf);
filesize = st_buf.st_size;
}
cmd = ftp_cmd(fd, SEND_CMD, &cmd, &filesize, path);
if (cmd == REQUEST_SEND)
flag = O_RDONLY;
else if (cmd == REQUEST_RECV)
flag = O_RDWR|O_CREAT|O_TRUNC;
else if (cmd == REQUEST_RM) {
printf("remove[%s]:",path);
fprintf(stderr, "remove file %s\n", path);
unlink(path);
goto end;
}else
flag = O_RDWR;
localfile = open(path, flag, 0666);
if (localfile == -1) {
perror("open");
exit(-1);
}
if (cmd == REQUEST_SEND) {
printf("send[%s]:",path);
if (ftp_send(fd, localfile, filesize) == -1)
perror("ftp_send");
}else if (cmd == REQUEST_RECV) {
printf("recv[%s]:",path);
if (ftp_recv(fd, localfile, filesize) == -1)
perror("ftp_recv");
}else {
fprintf(stderr, "unknow command\n");
}
end:
close(fd);
close(localfile);
}