code:

/* *ftpscan.c * *This program create some thread to scan anonymous FTP and Banner * *Copyright(C) 2002 Feng Zhikun */ #include <pthread.h> #include <sys/time.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include <arpa/inet.h> #include <unistd.h> #include <fcntl.h> #include <string.h> #include <errno.h> #include <stdio.h> #define BUF_LEN 255 #define THREAD_MAX_NUM 256 extern int errno; uint32_t startIP,endIP,k; pthread_mutex_t mut=PTHREAD_MUTEX_INITIALIZER; pthread_t thread[THREAD_MAX_NUM]; void *scanhost() { struct sockaddr_in saddr; int sockfd,flags,len,error,status,temp; char buf[BUF_LEN]; struct timeval timeout={10,0}; fd_set wmask,rmask; saddr.sin_port=htons(21); saddr.sin_family = AF_INET; pthread_mutex_lock(&mut); while (k<=endIP){ saddr.sin_addr.s_addr=htonl((uint32_t)k); pthread_mutex_unlock(&mut); if ((sockfd = socket(PF_INET,SOCK_STREAM,0))<0) { printf("Socket error\n"); exit(-1); } //printf("%d scanning...%s at %d\n",pthread_self(),inet_ntoa(saddr.sin_addr),sockfd); //fflush(stdout); FD_ZERO(&wmask); FD_SET(sockfd,&wmask); rmask = wmask; timeout.tv_sec = 10; timeout.tv_usec = 0; status = fcntl(sockfd,F_GETFL); fcntl(sockfd,F_SETFL,status|O_NONBLOCK); temp = connect(sockfd,(struct sockaddr *)&saddr,sizeof(saddr)); if (temp<0) { flags = select(sockfd+1,&rmask,&wmask,(fd_set *)NULL,&timeout); if (flags <= 0) { close(sockfd); pthread_mutex_lock(&mut); k++; continue; } if (FD_ISSET(sockfd,&rmask)||FD_ISSET(sockfd,&wmask)) { if (FD_ISSET(sockfd,&rmask)&&FD_ISSET(sockfd,&wmask)) { len = sizeof(error); temp = getsockopt(sockfd,SOL_SOCKET,SO_ERROR,&error,&len); if ((temp != 0)||(error != 0)) { close(sockfd); pthread_mutex_lock(&mut); k++; continue; } } } } bzero(buf,BUF_LEN); fcntl(sockfd,F_SETFL,status); if ((len = read(sockfd,buf,BUF_LEN)) >= 0) { if (strncmp(buf,"220",3)==0) { printf("%s -- %s",inet_ntoa(saddr.sin_addr),buf); write(sockfd,"user ftp\n",9); if ((len = read(sockfd,buf,BUF_LEN)) >= 0) { if (strncmp(buf,"331",3) == 0) { write(sockfd,"pass fzk@\n",10); if ((len = read(sockfd,buf,BUF_LEN)) >= 0) { if (strncmp(buf,"230",3) == 0) { printf("%d find a anonymous ftp at %s\n",pthread_self(),inet_ntoa(saddr.sin_addr)); fflush(stdout); close(sockfd); } } } } } } close(sockfd); pthread_mutex_lock(&mut); k++; } pthread_mutex_unlock(&mut); pthread_exit(NULL); } int create_thread() { int i=0,temp; pthread_t threadid[THREAD_MAX_NUM]; for (i=0;i<THREAD_MAX_NUM;i++) { pthread_mutex_lock(&mut); if (k > endIP) { pthread_mutex_lock(&mut); break; } pthread_mutex_unlock(&mut); pthread_create(&thread[i],NULL,scanhost,NULL); pthread_mutex_lock(&mut); k++; pthread_mutex_unlock(&mut); } temp = i; for (i=0;i<temp;i++) { pthread_join(thread[i],NULL); printf("Thread %d down\n",i); } return i; } int main(int argc,char *argv[]) { int i=0,thnum; if (argc != 3) { printf("Usage:%s startIP endIP\n",argv[0]); exit(-1); } startIP=ntohl(inet_addr(argv[1])); endIP=ntohl(inet_addr(argv[2])); if (startIP > endIP) { k = startIP; startIP = endIP; endIP = k; } k= startIP; printf("Create %d thread for scan host\n",THREAD_MAX_NUM); pthread_mutex_init(&mut,NULL); thnum = create_thread(); printf("down\n"); }

原文由 far 发表: 不好 代码没注释，而且编写的风格太差，看起来很累 代码可重用性太差

原文由 MIXTER 发表: 嗯,你果然是高手, 厉害, 佩服佩服!