Home

Awesome

Introduction

I created this project as part of my thesis, where I presented computer security and it’s importance in the modern world. I tested the fuzzyftp on different FTP servers with a goal of finding existing vulnerabilities to prove that fuzzyftp can be used to find vulnerabilities in real world FTP servers.

The table below presents the FTP servers and existing vulnerabilities that I was able to detect with Peach and Sulley FTP input file. The first column presents the FTP server and version I was testing, the second column presents an existing vulnerability, where the third and forth columns present the numbers 0 or 1 based on whether the vulnerability was found by Sulley or Peach (by using my input files defining FTP protocol).

FTP ServerKnown VulnerabilitiesSulleyPeach
SlimFTPd 3.15CWD01
STOR01
MKD01
STAT01
Other010
None00
EasyFTP 1.7.0.11CWD11
LIST11
MKD11
DELE11
STOR11
RNFR11
RMD11
XRMD11
NLST11
APPE11
RETR11
SIZE11
XCWD11
Cesar FTP 0.99gMKD01
Serv-U 4.1.0.0MDTM00

From the table above, we can see that Peach found more vulnerabilities than Sulley by using the same specification of the FTP protocol.

This repository holds the following files for presenting the FTP protocol:

Aditionally, the repository also contains input files for Vulnserver:

Usage

To use the input files into the Sulley/Peach generic fuzzers, you first have to download the fuzzers. The instructions for downloading the fuzzers:

If we would like to use Peach, we need to follow these steps:

  1. Install Peach agent on computer where FTP server is running.

  2. Install Peach on computer from where we'll be testing the FTP server (can be the same computer).

  3. Edit the ftp.xml and change the IP address of the Peach agent as well as the command that will restart the FTP server once it becomes unavailable (on crash).

<Agent name="AgentRemote" location="http://10.1.1.169:9001">
<Monitor name="AgentDebugger" class="debugger.WindowsDebugEngine">
    <Param name="CommandLine" value="C:\Users\eleanor\Desktop\easyftp\ftpbasicsvr.exe /nontservice" />
</Monitor>
</Agent>
  1. Run Peach and wait for a crash, which will be logged and we can take a look at it later.
# python peach.py ftp.xml