cartman
ProFTPD 1.2.9rc2 ASCII File Remote Root Exploit


/* proftpd 1.2.7/1.2.9rc2 remote root exploit by bkbll (bkbll#cnhonker.net, 2003/10/1)
* for FTP_ProFTPD_Translate_Overflow found by X-force
* happy birthday, China.
* this code is dirty, there are more beautiful exploits of proftpd for this vuln in the world.
* this code want to provide u a method, not finally exploit.
* using overflow _xlate_ascii_write function return address.
* because the overflow is before it connecting to our port, so I have no method for using current socket.
* and I have provided two methods: bind port and connect back.
*/

"* this code want to provide u a method, not finally exploit."

Does someone have a good (and final) exploit for this file? Just a src or link? ..... big Thx


EDIT:
This header Found on K-OTIK !!!
http://www.k-otik.com/exploits/10.04.proft...pd_xforce.c.php
LaMersSs
I didn't know there were ppl that didn't know k-otik
Gurou
/*
ProFTPd 1.2.7 - 1.2.9rc2 remote r00t exploit
--------------------------------------------------

This exploit builds on the work of bkbll to
create a working, brute-force remote exploit
for the \n processing bug in ProFTPd.

Tested on SuSE 8.0, 8.1 and RedHat 7.2/8.0
it works quite well... the RedHat boxes
worked on stack addresses in the 0xbffff2xx
region; the SuSE boxes were somewhat earlier
in the stack space - around 0xbfffe8xx.

This is the only public version you'll see
from Haggis@Doris - but it is very likely
that more powerful private versions will
be coded.

At present, this exploit breaks chroot (if
any) and spawns a shell bound to port 4660.
--------------------------------------------------

http://www.k-otik.com/exploits/10.13.proft..._put_down.c.php
cartman
Thx
d0whc3r
Any Compiled version for windows?
Gurou
I'm lookin for a compiled version too