This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

CVE-2020-8416 DoS fix and antispam system improvement. Official v0.2.0
kolya5544 committed Jan 29, 2020
1 parent 171e8ff commit 9965337
Showing 4 changed files with 229 additions and 38 deletions.
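--- a/BearFTP/Active.cs
+++ b/BearFTP/Active.cs
@@ -0,0 +1,53 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace BearFTP
+{
+class Active
+{
+public string hostname = "";
+public int connected = 0;
+
+public Active(string hostname, int connected)
+{
+this.hostname = hostname;
+this.connected = connected;
+}
+
+public static bool CheckExists(string hostname, List<Active> list)
+{
+foreach (Active act in list)
+{
+if (act.hostname == hostname)
+{
+return true;
+}
+}
+return false;
+}
+
+public static int GetConnections(string hostname, List<Active> list)
+{
+foreach (Active act in list)
+{
+if (act.hostname == hostname)
+{
+return act.connected;
+}
+}
+return -1;
+}
+
+public static void SetConnections(string hostname, List<Active> list, int connections)
+{
+foreach (Active act in list)
+{
+if (act.hostname == hostname)
+{
+act.connected = connections;
+}
+}
+}
+}
+}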
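Review bot: The three static helpers enumerate a caller-supplied `List<Active>` and mutate the public `connected` field with no synchronization, while Program.cs in this same commit touches `per_second`, `actives` and `pasv_actives` from the accept code, the one-second decay thread and every client handler thread. `List<T>` does not support an `Add` concurrent with a `foreach`, and the `GetConnections(...) + 1` followed by `SetConnections(...)` pattern is a non-atomic read-modify-write, so counts can be lost or an enumeration can throw under the connection flood this limiter is meant to absorb. Consider holding the counters in a `ConcurrentDictionary<string, int>` updated through `AddOrUpdate`, or guarding every access with one private lock object. `GetConnections` also returns `-1` for an unknown host, which callers then feed into arithmetic; a `/// <summary>` on each helper stating the not-found behaviour would make that contract explicit.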
199 changes: 168 additions & 31 deletions BearFTP/Program.cs
@@ -42,14 +42,22 @@ class Program
public static Directory root = new Directory();

//Current version
public static string _VERSION = "v0.1.0 BETA";
public static string _VERSION = "v0.2.0 BETA";

//Default log.
public static StreamWriter logfile = new StreamWriter("log.txt", true);

//Dictionary of passvie clients (clients with PASV mode. Used to communicate directly later.)
public static Dictionary<Client, Connectivity> passives = new Dictionary<Client, Connectivity>();

//List of connections per second from hostname
public static List<Active> per_second = new List<Active>();
//List of overall connections from hostname
public static List<Active> actives = new List<Active>();

//List of overall connections to PASV
public static List<Active> pasv_actives = new List<Active>();

/// <summary>
/// Reports an IP
/// </summary>
@@ -296,6 +304,23 @@ static void Main(string[] args)
}
}
})).Start();
//Connections per seconds (antibot) handling
new Thread(new ThreadStart(() => {
Thread.CurrentThread.IsBackground = true;
while (true)
{
Thread.Sleep(1000);
for (int i = 0; i < per_second.Count; i++)
{
if (per_second[i].connected > 0)
{
per_second[i].connected -= 1;
}
}
// Console.WriteLine("[DBG] Iterated per_second!");
}
})).Start();
ftp.Start();
pasv.Start();
new Thread(() =>
@@ -312,6 +337,53 @@ static void Main(string[] args)
StreamWriter sw = new StreamWriter(ns);
sw.AutoFlush = true;
string hostname = ((IPEndPoint)client.Client.RemoteEndPoint).Address.ToString();
if (Active.CheckExists(hostname, actives))
{
if (Active.GetConnections(hostname, actives) >= 5)
{
client.Close();
if (Ban)
{
var aaa = new Ban();
aaa.hostname = hostname;
aaa.time = 3600;
bans.Add(aaa);
}
}
else
{
Active.SetConnections(hostname, actives, Active.GetConnections(hostname, actives) + 1);
}
}
else
{
actives.Add(new Active(hostname, 1));
}
if (Active.CheckExists(hostname, per_second))
{
if (Active.GetConnections(hostname, per_second) >= 5)
{
client.Close();
if (Ban)
{
var aaa = new Ban();
aaa.hostname = hostname;
aaa.time = 3600;
bans.Add(aaa);
}
}
else
{
Active.SetConnections(hostname, per_second, Active.GetConnections(hostname, per_second) + 1);
}
}
else
{
per_second.Add(new Active(hostname, 1));
}
new Thread(new ThreadStart(() =>
{
@@ -325,9 +397,9 @@ static void Main(string[] args)
string directory = "/";
bool Authed = false;
bool passive = false;
int error = 10;
string hostname = ((IPEndPoint)client.Client.RemoteEndPoint).Address.ToString();
int error = 5;
//AbuseDBIP.com API
bool hacking = false;
bool bruteforce = false;
@@ -343,25 +415,26 @@ static void Main(string[] args)
client.Close();
}
}
catch {
catch
{
}
try
{
Thread.Sleep(100);
Log("Connected - " + hostname, "in", true, hostname);
LogWrite("220 "+config.Banner.Replace("%host%", Hostname)+"\r\n", sw, hostname);
LogWrite("220 " + config.Banner.Replace("%host%", Hostname) + "\r\n", sw, hostname);
while (client.Connected)
{
Thread.Sleep(100);
//Receiving handler START
string answ = "";
bool flag = true;
while (flag)
{
int a = sr.Read();
@@ -379,7 +452,7 @@ static void Main(string[] args)
//Receiving handler END
//Command processing.
if (answ.Length > 3) //We dont want dummies to spam/DDoS.
if (answ.Length >= 3) //We dont want dummies to spam/DDoS.
{
Log(answ, "in", true, hostname);
}
@@ -393,12 +466,12 @@ static void Main(string[] args)
bans.Add(aaa);
client.Close();
}
var a = ReportAsync(hostname, "["+DateTime.Now.ToString("MM/dd/yyyy HH:mm:ss") + "] " + "System scanning (Proxy judging) using CONNECT or GET requests", false, false, true, true, false);
var a = ReportAsync(hostname, "[" + DateTime.Now.ToString("MM/dd/yyyy HH:mm:ss") + "] " + "System scanning (Proxy judging) using CONNECT or GET requests", false, false, true, true, false);
a.Start();
}
if (answ.Length > 64)
if (answ.Length > 128)
{
client.Close();
}
@@ -549,7 +622,7 @@ static void Main(string[] args)
LogWrite("150 Ok to send data.\r\n", sw, hostname);
Thread.Sleep(100);
// byte[] file = aaaa.content;
//Encoding.ASCII.GetChars(file);
//Encoding.ASCII.GetChars(file);
// connn.sw.Write(chars, 0, file.Length);
// connn.tcp.Close();
SendFile(aaaa, connn.sw);
@@ -678,10 +751,14 @@ static void Main(string[] args)
}
else
{
error--;
if (error <= 0)
if (answ.Length >= 3)
{
client.Close();
error--;
if (error <= 0)
{
client.Close();
}
}
}
if (answ.Contains("php") && triggered)
@@ -700,20 +777,22 @@ static void Main(string[] args)
bans.Add(aaa);
client.Close();
}
var a = ReportAsync(hostname, "["+DateTime.Now.ToString("MM/dd/yyyy HH:mm:ss") + "] " + "RCE Attempt at 21 port using ProFTPd exploit", true, false, false, false, false);
var a = ReportAsync(hostname, "[" + DateTime.Now.ToString("MM/dd/yyyy HH:mm:ss") + "] " + "RCE Attempt at 21 port using ProFTPd exploit", true, false, false, false, false);
a.Start();
}
}
}
catch (Exception e)
{
client.Close();
c.Connected = false;
}
Active.SetConnections(hostname, actives, Active.GetConnections(hostname, actives) - 1);
}
)).Start();
}
@@ -742,33 +821,89 @@ static void Main(string[] args)
StreamWriter sw = new StreamWriter(ns);
sw.AutoFlush = true;
string hostname = "";
string hostname = ((IPEndPoint)client.Client.RemoteEndPoint).Address.ToString();
try
{
if (bans.Any(ban => ban.hostname == hostname))
{
client.Close();
}
}
catch
{
}
if (Active.CheckExists(hostname, pasv_actives))
{
if (Active.GetConnections(hostname, pasv_actives) >= 3)
{
client.Close();
if (Ban)
{
var aaa = new Ban();
aaa.hostname = hostname;
aaa.time = 3600;
bans.Add(aaa);
}
}
else
{
Active.SetConnections(hostname, pasv_actives, Active.GetConnections(hostname, pasv_actives) + 1);
}
}
else
{
pasv_actives.Add(new Active(hostname, 1));
}
Thread user = new Thread(new ThreadStart(() =>
{
Thread.CurrentThread.IsBackground = true;
Client c = new Client("1", "2", "3");
try
{
bool ispresent = false;
foreach (Client cl in connected)
{
if (cl.hostname == ((IPEndPoint)client.Client.RemoteEndPoint).Address.ToString() && cl.Connected)
if (cl.hostname == hostname && cl.Connected)
{
c = cl;
ispresent = true;
}
}
Connectivity ca = new Connectivity();
ca.sr = sr;
ca.sw = sw;
ca.tcp = client;
passives.Add(c, ca);
while (client.Connected)
if (!ispresent)
{
Thread.Sleep(3000);
client.Close();
}
else
{
Connectivity ca = new Connectivity();
ca.sr = sr;
ca.sw = sw;
ca.tcp = client;
passives.Add(c, ca);
/* while (client.Connected)
{
Thread.Sleep(3000);
}*/
for (int i = 0; client.Connected; i++)
{
Thread.Sleep(1000);
if (i >= 120)
{
client.Close();
passives.Remove(c);
}
}
client.Close();
passives.Remove(c);
}
client.Close();
passives.Remove(c);
}
catch (Exception e)
{
@@ -778,7 +913,9 @@ static void Main(string[] args)
passives.Remove(c);
}
}
Active.SetConnections(hostname, pasv_actives, Active.GetConnections(hostname, pasv_actives) - 1);
}
));
user.Start();
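Review bot: In the control-connection limiter (the `Active.GetConnections(hostname, actives) >= 5` branch) the refused client is closed but execution falls through to `new Thread(...)`, and that handler ends with `Active.SetConnections(hostname, actives, Active.GetConnections(hostname, actives) - 1);`, so a refused connection decrements a counter it never incremented. As far as the visible lines show, each refusal therefore frees a slot and the per-host cap drifts below the real number of open sessions; the PASV hunk has the same shape with `pasv_actives`. Stop handling the client right after the `client.Close()` in the limit branch (for example `continue;`, assuming this code sits in the accept loop, which is outside the hunk), or decrement only when this connection was actually counted. The three lists also only grow, since an entry is never removed once its count returns to zero, so many distinct source addresses still cost memory and a linear scan on every new connection. `Main` begins and ends outside the visible hunks, so the surrounding loop structure should be confirmed against the full file.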