lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 2 Feb 2004 19:29:20 +0800
From: "lion" <lion@...onker.net>
To: "bugtraq" <bugtraq@...urityfocus.com>
Subject: [HUC] Serv-U FTPD 3.x/4.x "SITE CHMOD" Command remote exploit V2.0

/*
*-----------------------------------------------------------------------
* 
* Servu.c - Serv-U FTPD 3.x/4.x "SITE CHMOD" Command
* Remote stack buffer overflow exploit
*
* Copyright (C) 2004 HUC All Rights Reserved.
*
* Author   : lion
*          : lion@...onker.net
*          : http://www.cnhonker.com
* Date     : 2004-01-25
* Update   : 2004-02-01 v2.0 Change decode and target, can attack windows XP now.
*          : 2004-01-25 v1.0 Can attack Serv-U v3.0.0.20~v4.1.0.11
* Tested   : Windows 2000 Server EN/GB
*          :	 + Serv-U v3.0.0.20~v4.1.0.11
*          : Windows XP GB
*          :     + Serv-U 4.x
* Notice   : *** Bug find by kkqq kkqq@...57.org ***
*          : *** You need a valid account and a writable directory. ***
* Complie  : cl Servu.c
* Usage	   : Servu <-i ip> <-t type> [-u user] [-p pass] [-d dir] [-f ftpport] [-c cbhost] [-s shellport]
*------------------------------------------------------------------------
*/

        lion
        lion@...onker.net
          2004-02-02

Download attachment "servu.c" of type "application/octet-stream" (14727 bytes)

Powered by blists - more mailing lists