Bugtraq mailing list archives
[HUC] Serv-U FTPD 3.x/4.x "SITE CHMOD" Command remote exploit V2.0
From: "lion" <lion () cnhonker net>
Date: Mon, 2 Feb 2004 19:29:20 +0800
/* *----------------------------------------------------------------------- * * Servu.c - Serv-U FTPD 3.x/4.x "SITE CHMOD" Command * Remote stack buffer overflow exploit * * Copyright (C) 2004 HUC All Rights Reserved. * * Author : lion * : lion () cnhonker net * : http://www.cnhonker.com * Date : 2004-01-25 * Update : 2004-02-01 v2.0 Change decode and target, can attack windows XP now. * : 2004-01-25 v1.0 Can attack Serv-U v3.0.0.20~v4.1.0.11 * Tested : Windows 2000 Server EN/GB * : + Serv-U v3.0.0.20~v4.1.0.11 * : Windows XP GB * : + Serv-U 4.x * Notice : *** Bug find by kkqq kkqq () 0x557 org *** * : *** You need a valid account and a writable directory. *** * Complie : cl Servu.c * Usage : Servu <-i ip> <-t type> [-u user] [-p pass] [-d dir] [-f ftpport] [-c cbhost] [-s shellport] *------------------------------------------------------------------------ */ lion lion () cnhonker net 2004-02-02
Attachment:
servu.c
Description:
Current thread:
- [HUC] Serv-U FTPD 3.x/4.x "SITE CHMOD" Command remote exploit V2.0 lion (Feb 02)