said:

Im making a fuzzer for FTP and il build in more protocols in the future such as SMTP, this is just the base and its not even fully finished yet so feel free to add bits of code and help where possible.

#pyFuzz FTP Edition
#Xinapse
#iexploit.org
# 0.0.1
import socket

size = int(raw_input('Enter the buffer size: '))
buffer = ['A']
ip = raw_input('Enter the target IP: ')
buffer.append('A' * size)
commands= ['MKD']

for command in commands:
    for string in buffer:
        print 'Sending '+command+' with size '+ str(len(string))
        s= socket.socket(socket.AF_INET,socket.SOCK_STREAM)
        connect = s.connect((ip, 21))
        s.recv(1024)
        s.send(command+' '+string+'\r\n')
        s.recv(1024)
        s.send('QUIT ftp \r\n')
        s.close()

Lookin pretty good. I see my python socket tutorial helped you a bit ;P

what exactly is a fuzzer? i might add something if i knew what direction i could take it :) at the moment it looks like it's connecting, spamming 'MKD A\r\n', quiting and repeating. is it part of the functionality to re-connect? and attempt to make the same directory over and over?
http://www.gifshare.com/uploads/images/20060911/thumb/6082_PsyduckNormalSprite.gif

I'll definitely help. What other functions do you want the fuzzer to have?

said:

#! /usr/bin/env python
#
# pyFuzz FTP Edition
# Xinapse
# http://iexploit.org/
# 0.0.3

import sys
import time
import random
from ftplib import FTP as _ftp
from ftplib import all_errors as all_ftp_errors

def main():
    try:
        buf_size = int(raw_input('Enter the buffer size: '))
    except ValueError:
        sys.exit('Error: Buffer size input must be numeric!')
    target_ip = raw_input('Enter the target IP: ')
    
    before_time = time.time()
    fuzz_ftp(buf_size, target_ip)
    print 'Finished fuzz in %.4F seconds.' % (time.time() - before_time)
    
def fuzz_ftp(buf_size, target_ip):
    ftp_cmds = [
        'MKD', 'GET', 'STOR', 'ABOR', 'CWD',
        'DELE', 'LIST', 'MDTM', 'NLST', 'PASS',
        'PASV', 'PORT', 'PWD', 'RETR', 'RMD',
        'RNFR', 'RNTO', 'SITE', 'SIZE', 'STOR',
        'TYPE', 'USER',
    ]
    ftp = None
    try:
        ftp = _ftp(target_ip)
        ftp.login()
        for cmd in ftp_cmds:
            for buf_n in range(buf_size):
                ftp.voidcmd('%s %d' % (cmd, random.random()))
                
    except all_ftp_errors, e:
        if ftp:
            ftp.close()
        sys.exit('FTP Error: %s' % (str(e)))
    ftp.close()

if __name__ == \"__main__\":
    main()

changes:

* using ftplib instead of implementing 0.1% of rfc959 badly
* code is more pythonic
* handles exceptions better and more fully
* dies on exception
* now uses random arguments
* branched ftp fuzzing code into its own function
* calculates time taken to fuzz

Note: ftplib might be troublesome for fuzzing because it handles things 'legitimately'; might need testing/comparing.

code requiring an actual ftp connection hasn't been tested but should work. see here for ftplib.

Good job, i havented used ftp lib before so il need to familiarize myself with it, the only problem with using it is that it cant be ported across to things like smtp

said:

Good job, i havented used ftp lib before so il need to familiarize myself with it, the only problem with using it is that it cant be ported across to things like smtp

yeah good point, but that's why i stressed moving the ftp functions to fuzz_ftp() (fuzz_ftp() is the only place using ftplib) so you could add a fuzz_smtp() using the socket module and call it from main() beneath the fuzz_ftp() call and it'll be timed aswell. there's also smtplib which might make it a bit easier, unless you wanna keep using socket for more control (ftplib/smtplib handle lots of things that might be troublesome to spamming, such as waiting for return data, which is useless if not required).