Tuesday, October 30, 2012

FuzzEvilMe Python FTP Fuzzer

#!/usr/bin/python

#    *FuzzEvilMe FTP Fuzzer
#    *Written by Jacob Holcomb(G42)
#    *http://infosec42.blogspot.com 
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by 
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#  
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.       
#                                                       
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>                  

import socket

import time

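def fuzz():
    """Prompt for an FTP target and account, then send oversized command arguments.

    The server address, username and password are read interactively with
    raw_input(). For each of the commands "user" and "pass", and for each test
    string (one character of the charset repeated 1, 101, ... 14901 times), a
    fresh TCP connection is opened to port 21, the supplied credentials are
    sent, the command is sent with the test string as its argument, and every
    reply is printed. The run stops at the first socket error or timeout.

    Notes:
        * The session is plain FTP over an unencrypted socket, so the username
          and password cross the network in cleartext, and raw_input() echoes
          the password on the terminal. Use a throwaway account.
        * A socket error or timeout right after a test line is the event to
          investigate; the report names the command, character and length
          that preceded it.
    """
    # User input asking for the FTP server, username, and password used in fuzzing
    server = raw_input("\n[*] Enter the FTP servers IP you would like to fuzz (Ex. 192.168.1.1):\n>")
    user = raw_input("\n[*] Enter the FTP servers username (Ex. anonymous):\n>")
    print "\n[*] Enter the password for FTP user %s (Ex. anonymous):" % user
    userp = raw_input(">")
    print "\n[*] You entered %s. Please be patient as the fuzzing commences!\n" % server
    time.sleep(1)

    chars = list("ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
    chars += list("()-_=+!@#$%^&*}{;:./?<>`~\n")

    # One string per (length, character) pair; lengths grow by 100 over 150 steps,
    # in the same order as the original nested loops (all characters per length).
    fuzzData = [char * length for length in range(1, 15001, 100) for char in chars]

    # Define the FTP commands to be fuzzed
    cmds = ["user", "pass"]

    # Without a timeout a server that stops answering would block recv() forever
    # and the run would hang instead of reporting the input that caused it.
    reply_timeout = 10  # seconds

    for cmd in cmds:
        for element in fuzzData:
            print "\n[!] Fuzzing " + cmd + " with character " + element[0:1] + " with length " + str(len(element))
            time.sleep(.005)

            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.settimeout(reply_timeout)
            try:
                s.connect((server, 21))  # Connecting to the supplied IP address
                data = s.recv(1024)
                print "\n[*] Server Banner: %s" % data

                # sendall() is used because send() may transmit only part of a
                # long buffer, which would silently truncate the test string.
                s.sendall("user " + user + "\r\n")  # User login
                data = s.recv(1024)
                print "[--] %s" % data

                s.sendall("pass " + userp + "\r\n")  # User pass
                data = s.recv(1024)
                print "[--] %s" % data

                s.sendall(cmd + " " + element + "\r\n")  # Test string under evaluation
                data = s.recv(1024)
                print "[--] %s" % data

                s.sendall("QUIT\r\n")
            except socket.error as err:
                # Only network failures are handled here; a bare except would also
                # swallow Ctrl-C and programming errors behind the same message.
                print "\n[!!!!] Fuzz Data could not be sent. There was an error while attempting to connect to the server. [!!!!]\n"
                print "[!!!!] Last test case: %s with character %r and length %d (%s)" % (cmd, element[0:1], len(element), err)
                return
            finally:
                # Always release the descriptor, including on the error path.
                s.close()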

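def main():
    """Show the banner and ask whether to start a fuzzing run.

    The prompt repeats until the answer is "yes" or "no", compared without
    regard to case. "yes" calls fuzz() once and then returns; "no" prints a
    farewell and returns; anything else is echoed back and the question is
    asked again.
    """
    print "\n[*] Welcome to the \"FuzzEvil Me FTP\" Fuzzer!!!!! [*]\n"
    time.sleep(1)

    contin = ""
    while contin not in ("yes", "no"):
        answer = raw_input("\n[*] Would you like to fuzz a FTP server?\n[*] Please type \"yes\" to continue or \"no\" to exit.[*]\n\n[*] Would you like to continue?\n>")
        # Normalise once so the loop condition and the branches agree; before,
        # "YES" ended the loop without ever reaching the fuzz() branch.
        contin = answer.lower()

        if contin == "no":
            print "\n[!!!!] Hmmm..Guess your not in the mood to fuzz the FTP server...Maybe another time [!!!!]\n"
        elif contin == "yes":
            fuzz()
        else:
            # Plain else: the old test `contin != "yes" and "no"` only worked
            # because the literal "no" is always truthy.
            print "\n\n[!!!!] You responded with %s. Please respond with yes or no! [!!!!]\n\n "% answer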
  

#Top-level script environment

# Run the interactive prompt only when executed as a script, not when imported.
if __name__ == "__main__":

    main()
