==============================================================================
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
--------------------[ previous ]---[ index ]---[ next ]---------------------
----------------------------------[ WU-THANG ]--------------------------------
----------------------------------[ del0rean ]--------------------------------
/*
[wu-thang] - vulnerable wu-ftp scanner by del0rean@usa.net -
ripped from BiT - easter 99 rippin'session - 10^10x to bELFaghor
./z0ne -o f0nk.net > eepees &
./wu-thang eepees &
cat t0b30wN3d
bye!
*/
#include <stdio.h>
#include <stdlib.h>
#include <netdb.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netinet/ip.h>
#include <string.h>
#include <signal.h>
#define FTPP0RT 21
#define VULN_VER1 "Version wu-2.4.2-academ[BETA-18](1)"
#define VULN_VER2 "Version wu-2.4.2-academ[BETA-12]"
#define VULN_VER3 "Version wu-2.4.2-academ[BETA-18-VR6]"
int ftp(char *host);
unsigned long int res(char *p);
void timeout(int sig);
void wri(char *ver);
void scan(char *i);
char tobeowned[]="t0b30wN3d"; /* 31337 0utf1le :) */
void main(int argc, char **argv) {
if(argc<2) {
printf("Wu-thang Wu-2.4.2 scanner\n");
printf("usage: %s < I n F i l e > \n", argv[0]);
return;
}
scan(argv[1]);
printf(".-|[d0ne!]|-.\n");
}
int ftp(char *host) {
struct sockaddr_in server_addr;
int s,check=0;
char buffer[300];
server_addr.sin_addr.s_addr=res(host);
server_addr.sin_family=AF_INET;
server_addr.sin_port = htons(FTPP0RT);
s=socket(AF_INET,SOCK_STREAM,0);
connect(s,(struct sockaddr *) &server_addr,sizeof(server_addr));
signal(SIGALRM,(void *)timeout);
alarm(5);
read(s,buffer,sizeof(buffer));
if(strstr(buffer,VULN_VER1)) {
wri(VULN_VER1);
return 1;
}
if(strstr(buffer,VULN_VER2)) {
wri(VULN_VER2);
return 1;
}
if(strstr(buffer,VULN_VER3)) {
wri(VULN_VER3);
return 1;
}
return 0;
}
unsigned long int res(char *p) {
struct hostent *h;
unsigned long int rv;
h=gethostbyname(p);
if(h!=NULL)
memcpy(&rv,h->h_addr,h->h_length);
else
rv=inet_addr(p);
return rv;
}
void timeout(int sig) {
printf("Timeout! referee...\n");
return 0;
}
void wri(char *ver) {
FILE *aut;
char *version=ver;
if((aut=fopen(tobeowned,"a")) != NULL) {
fputs(version,aut);
fclose(aut);
}
}
void scan(char *i) {
FILE *iff, *of;
char buf[512];
char w0w[]={" It seems vuln...search for a writeable dir!\n"};
if((iff=fopen(i,"r")) == NULL)
perror("In English");
while(fgets(buf,512,iff) != NULL)
{
if(buf[strlen(buf)-1]=='\n')
buf[(strlen(buf)-1)]=0;
if(ftp(buf) && (of=fopen(tobeowned,"a")) != NULL) {
buf[strlen(buf)+1]=0;
buf[strlen(buf)]='\n';
fputs(w0w,of);
fputs(buf,of);
fclose(of);
}
}
fclose(iff);
}
--------------------[ previous ]---[ index ]---[ next ]---------------------
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
==============================================================================