2010
09.20

Very Simple FTP Fuzzer

Category: Research / Tag:  / Add Comment

Written in Python, i try to make a simple fuzzer for FTP server. This script will try to fuzz the commands like APPE, USER, LIST, CWD, etc..you can find all commands here ;)

This script is simply a modified version from muts simple ftp fuzzer during offsec training :D

Hope you like it :)

#!/usr/bin/env python

########################################################
# Very Simple FTP Fuzzer                               #
# this is a modified version from simple ftp fuzzer    #
# coded by muts    #
#                                                      #
# thx: amalia, oebaj, offsec, xecureit, jasakom, 0x70y #
########################################################

import sys, socket
from optparse import OptionParser

usage = "./%prog -t [target] -p [port] -u [ftp user] -P [ftp passwd] -c [command to fuzz]"
usage += "\nContoh: ./%prog -t 192.168.10.10 -p 21 -u ftp -P ftp -c APPE"
parser = OptionParser(usage=usage)
parser.add_option("-p", type="string", action="store", dest="port",
		help="Port to connect")
parser.add_option("-t", type="string", action="store", dest="target",
		help="The target server")
parser.add_option("-u", type="string", action="store", dest="username",
		help="FTP username")
parser.add_option("-P", type="string", action="store", dest="password",
		help="FTP password")
parser.add_option("-c", type="string", action="store", dest="fuzz",
		help="Command to Fuzz ")
(options, args) = parser.parse_args()

def banner():
	print "\n\t\t|------------------------------------------------------------------|"
	print "\t\t|	  	      Very Simple FTP Fuzzer			   |"
	print "\t\t|------------------------[ by modpr0be ]---------------------------|"
	print "\t\t|-----------------[ modpr0be[at]postnix[dot]org ]------------------|"
	print "\t\t|-------------------[ originally coded by muts ]-------------------|"
	print "\t\t|------------------------------------------------------------------|\n"

if len(sys.argv) < 4:
	banner()
	parser.print_help()
	sys.exit(1)

def cmd():
	for string in buffer:
		print "Fuzzing command " + (options.fuzz) + ": " +str(len(string))
		s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
		connect=s.connect((options.target, 21))
		s.recv(1024)
		s.send('USER '+(options.username)+'\r\n')
		s.recv(1024)
		s.send('PASS '+(options.password)+'\r\n')
		s.recv(1024)
		s.send((options.fuzz) + ' ' + string + '\r\n')
		s.recv(1024)
		s.send('bye\r\n')
		s.close()

banner()
buffer = ["A"]
counter = 100
while len(buffer) <=100:
	buffer.append("A" * counter)
	counter = counter + 100
cmd()

#\2010\09\modpr0be\

Download Very Simple FTP Fuzzer

Related Post

1 comment so far

Add Your Comment
  1. avatar
    Reply
    SolarFTP 2.0 Denial of Service Vulnerability | Spentera said: 2012.04.09 10:08

    [...] Very Simple FTP Fuzzer, we test the FTP server with various commands. The first command that we sent was APPE (append). [...]

Your Comment