<Information Author="Blake" Date="August 23 2011" Vulnerability="N/A"> Free Float FTP Server USER Command Remote Buffer Overflow Exploit when parsing the command 'USR', which leads to a stack based overflow. Also Free Float FTP Server allow remote anonymous login by default exploiting these issues could allow an attacker to compromise the application, access or modify data. </Information>
erm, sorry this dont count, it should be IN the code, not, after running it :P thats bs mate, and i wont agree with your crap, until you see my point really. It is, something you write, compared to running thwe GUI.. xd On 6 October 2011 10:47, Juan Sacco <[email protected]> wrote: > Hey, > Its really a shame that you didn't even take like 2 minutes to watch the > source code of Exploit Pack before create an opinion. > This can't be a copy of CANVAS. Canvas is made on Python. Exploit Pack > JAVA. See the diference? Also, please take a look at the interface design, > both are really different. Show me where Exploit Pack is similar to Canvas! > I think you spent too much time looking for Waldo :-D > > We respect the exploit author and that is why I add them at the first line > of the XML file > You should run the program before creating this crappy post with your > nonsense opinions ( Harassing the free work of others, you wrote lke 5 - 6 > insulting posts in like.. 2 minutes?.. Dude go find a girl, come on ) > > Take a look if you want: > > <?xml version="1.0" encoding="UTF-8"?> > <Module> > > <Exploit NameXML="Free Float FTP Server" CodeName="FreeFloatFTPServer.py" > Platform="windows" Service="ftp" Type="remote" RemotePort="21" LocalPort="" > ShellcodeAvailable="R" ShellPort="4444" SpecialArgs=""> > </Exploit> > > <Information Author="Blake" Date="August 23 2011" Vulnerability="N/A"> > Free Float FTP Server USER Command Remote Buffer Overflow Exploit > when parsing the command 'USR', which leads to a stack based overflow. Also > Free Float FTP Server allow remote anonymous login by default > exploiting these issues could allow an attacker to compromise the > application, access or modify data. > </Information> > > JSacco > > On Wed, Oct 5, 2011 at 8:16 PM, xD 0x41 <[email protected]> wrote: > >> Heya jeff, >> The author is clearly not smart. >> He is copying other codes, this is a plain rip off of canvas...hehe... and >> same with his insect pro... he stole metasplit for tht one, then he wants >> repect, when we see him removing simplly one line wich would atleast say a >> ty and, show [ppl who writes, is maybe sometimes stabler than other authors, >> it would be better to have this in, not out.. he should be able to see thats >> how it works with exploit code/pocs in general... sometimes, if i see php >> code from one person, i will tend to look, but if it was from an unknown >> person, i prolly wouldnt. >> But this (open sauce) project, i will download and waste 5minutes on. >> Then illm go back to Backbox and BT5 and things wich work :) >> hehe >> (this guy is really mad about his app... and i mean, dang mad angry! I >> will buy some tissues and send to him, that is my donation for his app) >> :)) >> xd >> >> >> On 6 October 2011 08:59, Jeffrey Walton <[email protected]> wrote: >> >>> On Wed, Oct 5, 2011 at 5:32 AM, root <[email protected]> wrote: >>> > - * @author Stefan Zeiger ([email protected]) >>> > - print " Written by Blake " >>> > - <Information Author="Blake" Date="August 23 2011" >>> Vulnerability="N/A"> >>> > >>> > +#Exploit Pack - Security Framework for Exploit Developers >>> > +#Copyright 2011 Juan Sacco http://exploitpack.com >>> > +# >>> > +#This program is free software: you can redistribute it and/or modify >>> > it under the terms of the >>> > +#GNU General Public License as published by the Free Software >>> > Foundation, either version 3 >>> > +#or any later version. >>> > +# >>> > +#This program is distributed in the hope that it will be useful, but >>> > WITHOUT ANY WARRANTY; >>> > +#without even the implied warranty of MERCHANTABILITY or FITNESS FOR A >>> > PARTICULAR >>> > +#PURPOSE. See the GNU General Public License for more details. >>> > +# >>> > +#You should have received a copy of the GNU General Public License >>> > along with this program. >>> > +#If not, see http://www.gnu.org/licenses/ >>> GPL V3 - they had to encumber it to set it free? >>> >>> _______________________________________________ >>> Full-Disclosure - We believe in it. >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > > -- > _________________________________________________ > Insecurity Research - Security auditing and testing software > Web: http://www.insecurityresearch.com > Insect Pro 2.5 was released stay tunned > > >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
