邪恶八进制信息安全团队技术讨论组's Archiver

EvilOctal 2005-8-9 10:00

[转载]Tiny MSN fuzzer (passwd demo)

信息来源:[url]http://class101.org/MSN_fuzzer.zip[/url]

[code]/*
C:\>msn_fuzzer test_at_mail.com testpasswd
[.] Resolving.....: messenger.hotmail.com = 65.54.239.140


[.] Connected.....: 207.46.4.25:1863
[.] HTTPS.........: unauthorized (login/passwd)
[.] Disconnection..

C:\>msn_fuzzer test_at_mail.com testpasswd -v
[.] Resolving.....: messenger.hotmail.com
[.] Resolving.....: messenger.hotmail.com = 65.54.239.140
[.] Connecting....: 65.54.239.140:1863
[.] Connected.....: logging (test_at_mail.com)
[.] Connected.....: 207.46.4.33:1863
[.] Connected.....: logging (test_at_mail.com)
[.] Connected.....: challenge string OK
[.] HTTPS.........: unauthorized (login/passwd)
[.] Disconnection..

C:\>msn_fuzzer test_at_mail.com testpasswd -vv
[.] Resolving.....: messenger.hotmail.com
[.] Resolving.....: messenger.hotmail.com = 65.54.239.140
[.] Connecting....: 65.54.239.140:1863
[.] Connected.....: 65.54.239.140:1863
[.] Connected.....: logging (test_at_mail.com)
[.] Connected.....: buffer #1
[.] Connected.....: buffer #2
[.] Connected.....: buffer #3
[.] Transferred...: 207.46.4.92:1863
[.] Connected.....: 207.46.4.92:1863
[.] Connected.....: logging (test_at_mail.com)
[.] Connected.....: buffer #1
[.] Connected.....: buffer #2
[.] Connected.....: buffer #3
[.] Connected.....: challenge string OK
[.] HTTPS.........: subconnection #1 (nexus.passport.com)
[.] HTTPS.........: retrieving login server
[.] HTTPS.........: retrieving login server (success)
[.] HTTPS.........: subconnection #2 (loginnet.passport.com)
[.] HTTPS.........: retrieving hash ticket
[.] HTTPS.........: unauthorized (login/passwd)
[.] Disconnection..

C:\>msn_fuzzer 207.46.4.92 1863 test_at_mail.com testpasswd -vv
[.] Connecting....: 207.46.4.92:1863
[.] Connected.....: 207.46.4.92:1863
[.] Connected.....: logging (test_at_mail.com)
[.] Connected.....: buffer #1
[.] Connected.....: buffer #2
[.] Connected.....: buffer #3
[.] Connected.....: challenge string OK
[.] HTTPS.........: subconnection #1 (nexus.passport.com)
[.] HTTPS.........: retrieving login server
[.] HTTPS.........: retrieving login server (success)
[.] HTTPS.........: subconnection #2 (loginnet.passport.com)
[.] HTTPS.........: retrieving hash ticket
[.] HTTPS.........: unauthorized (login/passwd)
[.] Disconnection..

etc,etc..

The C code might be used to fuzze some MSN clients, bruteforce, etc,
etc...

demonstration:

[url]http://class101.org/MSN_fuzzer.zip[/url]
*/
#include <stdio.h>
#include <string.h>
#include <io.h>
#include <afxext.h>
#include <afxinet.h>
#include <winsock2.h>
#pragma comment(lib, "ws2_32")
#pragma comment(lib, "mpr")
#pragma comment(lib, "wininet")

void ver(),usage(),error(),foot(),done(SOCKET s);
int vb1=0,vb2=0,port,i,j,l00p=0;
char
*ar0,*ar1,*ar2,*ar3,*ar4,*ar5,*one,*pwd,*mail,mail_[128],mail__[128],newip[1
5],newport[5];
hostent* one_;
WSADATA wsadata;

int engine1(char *one,int port,char *mail,int argc);

int main(int argc,char *argv[])
{
ver();

ar0=argv[0],ar1=argv[1],ar2=argv[2],ar3=argv[3],ar4=argv[4],ar5=argv[5];
if (argc==1){usage();return 0;}[/code]

页: [1]
© 1999-2008 EvilOctal Security Team