bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/dos/38317.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

30 lines
No EOL
1.4 KiB
Text
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

********************************************************************************************
# Exploit Title: FreshFTP .QFL Local DOS(While Parsing).
# Date: 9/15/2015
# Exploit Author: Un_N0n
# Software Vendor : http://www.freshwebmaster.com/
# Software Link: http://www.freshwebmaster.com/download.html
# Version: 5.52
# Tested on: Windows 7 x86(32 BIT)
********************************************************************************************
[Steps to Produce the Crash]:
1- Goto Directory in which freshftp is installed.
2- create a file "Test.QFL"
3- paste in the following contents in it:
'''
FFD QUEUE «AJ»
AAAAA....upto 66666(bigger the file, more the resource usage)
'''
4- Save the file.
5- open freshftp.exe
6- When freshftp is started it looks for QFL file to load it, in this case, freshFTP suffers a
DOS condition due to unexpected format of the QFL file.
7- there is another case, sometimes freshftp won't load QFL on the startup, so to perform DOS
in this case, goto Queue-> Open Queue -> Browse the QFL file, DOS Condition occurs.
8- At the next startup, freshFTP will look for QFL file before starting therefore DOS condition
again.
This DOS condition leads to very high CPU Usage as well as RAM usage which can harm your system
so test carefully.
***********************************************************************************************
Reference in a new issue View git blame Copy permalink