codice:
#include "common.h"
#include <time.h>
#include "ip.h"
int compare(char *_ipstr, char *_filename);
int result(void);
FILE *list, *res;
char *nmap_out = "/tmp/.ftpscan";
#define IPBUFSIZ 15
main(int argc, char **argv)
{
if (argc != 3)
exit(1);
if ((list = fopen(argv[1], "a+")) == NULL) {
fprintf(stderr, "Cannot open file %s.\n", argv[1]);
exit(1);
}
if ((res = fopen(argv[2], "a")) == NULL) {
fprintf(stderr, "Cannot open file %s.\n", argv[2]);
exit(1);
}
ip _ip = ipcreate();
srand(time(NULL));
while (1) {
iprand(_ip); /* L'ip ha un valore casuale */
char _ipstr[IPBUFSIZ+1];
ip2str(_ip, _ipstr); /* l'ip viene trasformato in una stringa */
if (compare(_ipstr, argv[1]) == -1)
continue;
char check[] = "ping ";
strcat(check, _ipstr);
if (system(check)) {
fprintf(stderr, "\x1B[1mUnknown host %s\x1B[0m\n\n", _ipstr);
continue;
}
char cmd[] = "nmap --script ftp-bounce -n -Pn -p 21 ";
strcat(cmd, _ipstr);
strcat(cmd, " > ");
strcat(cmd, nmap_out);
printf("Scanning host %s ...\n", _ipstr);
system(cmd);
char case0[] = "Bounce supported!\n";
char case1[] = "Bounce only supported on >1024 ports.\n";
char case2[] = "Bounce not supported.\n";
switch (result()) {
case 0:
printf("\x1B[4m%s\x1B[0m: \x1B[32%s\x1B[0m\n", _ipstr, case0);
if (fputs(strcat(strcat(_ipstr, " : "), case0), res) == EOF) {
fprintf(stderr, "Error in logging IP %s in %s\n.", _ipstr, argv[1]);
exit(5);
}
break;
case 1:
printf("\x1B[4m%s\x1B[0m: \x1B[33%s\x1B[0m\n", _ipstr, case1);
if (fputs(strcat(strcat(_ipstr, " : "), case1), res) == EOF) {
fprintf(stderr, "Error in logging IP %s in %s\n.", _ipstr, argv[1]);
exit(5);
}
break;
case 2:
printf("\x1B[4m%s\x1B[0m: \x1B[31%s\x1B[0m\n", _ipstr, case2);
break;
}
strcat(_ipstr, "\n");
if (fputs(_ipstr, list) == EOF) {
fprintf(stderr, "Error in logging IP %s in %s\n.", _ipstr, argv[1]);
exit(6);
}
}
}
int compare(char *_ipstr, char *_filename)
{
char _ipbuf[IPBUFSIZ+1];
while (1) {
if (fgets(_ipbuf, IPBUFSIZ+1, list) != NULL) {
if (!strcmp(_ipbuf, _ipstr))
return -1;
} else if (ferror(list)) {
fprintf(stderr, "Cannot read %s.\n", _filename);
exit(2);
} else
return 0;
}
}
int result(void) {
FILE *tmp;
if ((tmp = fopen(nmap_out, "r")) == NULL) {
fprintf(stderr, "Cannot open file %s.\n", nmap_out);
exit(3);
}
long pos = ftell(tmp);
fseek(tmp, 0, SEEK_END);
int size = ftell(tmp);
fseek(tmp, pos, SEEK_SET);
char *tmpbuf;
if ((tmpbuf = malloc(size)) == NULL) {
fprintf(stderr, "Not enough memory.\n");
exit(4);
}
int rcode;
if (strstr(tmpbuf, "ftp-bounce: no banner") != NULL)
rcode = 2;
else if (strstr(tmpbuf, "ftp-bounce: server forbids bouncing to low ports <1025") != NULL)
rcode = 1;
else if (strstr(tmpbuf, "ftp-bounce: bounce working") != NULL)
rcode = 0;
else
rcode = 2;
free(tmpbuf);
return rcode;
}