exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

pasvagg.pl
Posted Jul 24, 2000
Authored by H D Moore | Site digitaloffense.net

Passive Agression is a perl proof-of-concept exploit for downloading other user's files from FTP servers without needing thier authentication. It works against servers that use passive connections for data transfers and fail to check the incoming address of the data connection. It first attempts to determine the server-side data port incrementation rate and then guesses at the next port, makes a connection, and saves the retrieved data to a file. This does not work against M$ boxen, but is fairly impressive when run against large public FTP servers. A much more sinister purpose would be to snag confidential files being passed between corporate networks at scheduled times, like end of the day batch processing of customer orders, or crontab'd FTP backups.

tags | exploit, perl
MD5 | 40e4c6f40135e9d7fa06da90c1ccab3a
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close