Full Disclosure mailing list archives
Re: /Claimed/ remote root exploit in Pureftpd
From: Jedi/Sector One <j () pureftpd org>
Date: Sat, 14 Jun 2003 08:45:49 +0159
On Sat, Jun 14, 2003 at 01:55:01AM +0530, Devdas Bhagat wrote:
<dilema> PureFTPD (1.x.x) linux/x86 remote ROOT exploit. <dilema> !PRIVATE!***!PRIVATE!***!PRIVATE!***!PRIVATE!***!PRIVATE!***!PRIVATE!***!PRIVATE! <dilema> MUHAHAHAHA <dilema> lmao it's an 0-day fizewl <dilema> Linux/x86 PureFTPD remote exploit. <dilema> usage: ./pure [options] <dilema> -c remote host to connect to <dilema> -o remote port to use <dilema> -u remote username <dilema> -p remote password <dilema> -i get the password interactively <dilema> -t predefined target ("-t list" to list all targets) <dilema> -d writeable directory <dilema> -l shellcode address <dilema> -v debug level [0-2] <dilema> -s seconds to sleep after login (debugging purposes) <dilema> -h display this help
Unless it is something totally different with exactly the same name and the same help text, this fake 0 day is at least 6 months old. You can grab it here : ftp://ftp.fr.pureftpd.org/misc/pureftps-fake.c That one relies on things that don't even exist in Pure-FTPd like CWD globbing. Also as non-printable characters are replaced by underscores, the shellcode should be at least changed a bit to be credible. -- __ /*- Frank DENIS (Jedi/Sector One) <j () 42-Networks Com> -*\ __ \ '/ <a href="http://www.PureFTPd.Org/"> Secure FTP Server </a> \' / \/ <a href="http://www.Jedi.Claranet.Fr/"> Misc. free software </a> \/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- /Claimed/ remote root exploit in Pureftpd Devdas Bhagat (Jun 13)
- Re: /Claimed/ remote root exploit in Pureftpd Jedi/Sector One (Jun 13)