Created
January 3, 2016 21:10
-
-
Save riza/b6bd7d696f4ade61e010 to your computer and use it in GitHub Desktop.
simple ftp fuzzer
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import socket | |
| class bcolors: | |
| HEADER = '\033[95m' | |
| OKBLUE = '\033[94m' | |
| OKGREEN = '\033[92m' | |
| WARNING = '\033[93m' | |
| FAIL = '\033[91m' | |
| ENDC = '\033[0m' | |
| BOLD = '\033[1m' | |
| UNDERLINE = '\033[4m' | |
| def main(): | |
| print(bcolors.OKGREEN + "\n[*] fuzzTP Simple FTP Fuzzer" + bcolors.ENDC) | |
| print(bcolors.OKGREEN + "[*] github.com/rizasabuncu\n" + bcolors.ENDC) | |
| host = raw_input(bcolors.HEADER + "|-> Enter host: " + bcolors.ENDC) | |
| port = input(bcolors.HEADER + "|-> Enter port: " + bcolors.ENDC) | |
| fuzz(host,int(port)) | |
| def fuzz(host,port): | |
| buffer=["A"] | |
| counter=2 | |
| while len(buffer) <= 30: | |
| buffer.append("A"*counter) | |
| counter=counter+100 | |
| commands=["MKD","GET","STOR"] | |
| for command in commands: | |
| for string in buffer: | |
| print(bcolors.OKBLUE + "|-> Sending the " + command + " command with " + str(len(string)) + " bytes." + bcolors.ENDC) | |
| s=socket.socket(socket.AF_INET,socket.SOCK_STREAM) | |
| connect=s.connect((host,port)) | |
| s.recv(1024) | |
| s.send('USER ftp\r\n') | |
| s.recv(1024) | |
| s.send('PASS ftp\r\n') | |
| s.recv(1024) | |
| s.send(command+' '+string+'\r\n') | |
| s.recv(1024) | |
| s.send('QUIT ftp \r\n') | |
| s.close() | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment