Credits to Patrick Thomassen for the bug discovery.
Tested working.
visit DFind.org if you want the source file.
Full Version: Serv-u 5.2 And Prior , "stou" Dos Exploit
thanks
excellent 
Thx for your share
Thx for your share
| QUOTE (illusion6 @ Sep 13 2004, 07:05 PM) |
| thanks |
I'm quite sure this is stressed by all members here... please do not reply with a simple 'thanks'. Be more creative in your response, it's not so hard to throw in a few more words, and *pow*.. you have a sentence.
Anyway, back on topic, thanks for the exploit 101. There's also been 2 other exploits posted, but the more the merrier.. more to learn from
thx 4 the exploit, i'll test it
This exploit can be stopped by using ServuEvent.dll and adding the following in permissions:
[Permissions]
STOU AUX=DENY|*|*
the other devices can be blocked in a similar way.
I will add this in my ServuExploitStopper.dll to block this potential exploit.
The idea is very simple, tank you for sharing it.
[Permissions]
STOU AUX=DENY|*|*
the other devices can be blocked in a similar way.
I will add this in my ServuExploitStopper.dll to block this potential exploit.
The idea is very simple, tank you for sharing it.
how can i get a shell with this exploit? or is it only for shutting down servu?
actually , you can't , but soon prolly.
| QUOTE (Crazycold @ Sep 13 2004, 12:19 PM) |
| how can i get a shell with this exploit? or is it only for shutting down servu? |
now it's just a dos exploit, so it just kill servu...
| QUOTE (101 @ Sep 13 2004, 12:24 PM) |
| actually , you can't , but soon prolly. |
i think we cant expect any code execution for this bug because:
correct me if thats wrong , but this isnt a buffer overflow.it is an exception handling error and i think we cant execute code trough it.
im not sure but i guess code execution is only possible if u overflow the buffer and paste ur code in the next part of the memory and this is not the case here.
damn buffer overflows sound diffucult
so long
usch
Thanks Class !
je vais tester !
je vais tester !
@FTPServerTools
do u mean put that in ur .ini cuz i don't have that .dll in my serv-u folder?
do u mean put that in ur .ini cuz i don't have that .dll in my serv-u folder?
| QUOTE (Hellraiseruk @ Sep 13 2004, 05:58 PM) |
| @FTPServerTools do u mean put that in ur .ini cuz i don't have that .dll in my serv-u folder? |
can't find it either in my serv-U installation folder....any help would be appreciated
| QUOTE (mortello @ Sep 13 2004, 06:20 PM) | ||
can't find it either in my serv-U installation folder....any help would be appreciated |
google knows it all
heres the dll file: http://ftpservertools.tripod.com/ServuEvent.zip
Add this lines to your servu ini file:
| CODE |
| [EXTERNAL] EventHookDll1=Servuevent.dll |
All you need in servuevent.ini is:
| CODE |
| [Permissions] STOU=DENY|*|* |
this will block all stou commands...
upload the Servuevent.dll and ServuEvent.ini in the same folder as servu is, restart servu, and its fixed
| CODE |
| [L] stou com1 [L] 550 Command access denied |
Thanks dominator.,...should have consulted that dear google friend
thanks
Direct linking doesn't seem to work, so go there : http://ftpservertools.tripod.com/downloads.htm
got it using servuEvent.dll on google.....other links may get found...
thanks
Direct linking doesn't seem to work, so go there : http://ftpservertools.tripod.com/downloads.htm
got it using servuEvent.dll on google.....other links may get found...
cheerz guyz
hi!
i tested it against 5.1 and it worked. servu crashed. thx for this exploit i think we don't have to wait long until there will be one with a "shell" function.. we'll see it.
cya
noname
i tested it against 5.1 and it worked. servu crashed. thx for this exploit i think we don't have to wait long until there will be one with a "shell" function.. we'll see it.
cya
noname
Apparently you all found it indeed.
another blocking option is:
[Permissions]
STOU=DENY|%[ArgsAll]|COM1
STOU=DENY|%[ArgsAll]|COM2
etc...
this would cause a STOU COM1 block.
etc..
Quite simple...
another blocking option is:
[Permissions]
STOU=DENY|%[ArgsAll]|COM1
STOU=DENY|%[ArgsAll]|COM2
etc...
this would cause a STOU COM1 block.
etc..
Quite simple...
I have updated ServuExploitStopper.dll to block the STOU crash attempts. Apparently the lousy virus checker called sophos identifies it as a trojan which it isnt. I guess all of you know how to use google.
Tested & Worked
TnX
TnX
| QUOTE (Dominater @ Sep 13 2004, 07:11 PM) | ||||||||||
google knows it all heres the dll file: http://ftpservertools.tripod.com/ServuEvent.zip Add this lines to your servu ini file:
All you need in servuevent.ini is:
this will block all stou commands... upload the Servuevent.dll and ServuEvent.ini in the same folder as servu is, restart servu, and its fixed
|
Thanx for this info
need it much more than the DOS exploit
| QUOTE (FTPServerTools @ Sep 13 2004, 06:03 AM) |
| This exploit can be stopped by using ServuEvent.dll and adding the following in permissions: [Permissions] STOU AUX=DENY|*|* the other devices can be blocked in a similar way. I will add this in my ServuExploitStopper.dll to block this potential exploit. The idea is very simple, tank you for sharing it. |
Thanx 4 this very nice tip m8 !
This is very usefull.
i dont't understand
can i get shell with this exploit
or it just shut-off serv-u?
can i get shell with this exploit
or it just shut-off serv-u?
| QUOTE (ConfigSys @ Sep 26 2004, 05:00 PM) |
| i dont't understand can i get shell with this exploit or it just shut-off serv-u? |
Its a DOS as in Deniel of Service. With this specific exploit it will crash the ftp server.
Unless of course the serv-u in question is running ServuExploitStopper.dll or has the command blocked in ServuEvent.dll (both options work of course).
Ok
TnX
TnX
can someone share it again please ?
merci
merci
ServuEventStopper is a blocker against the exploit. The STOU exploit can never give you shell access, all it does is crash servu. And it is fixed in 5.2.0.1
QUOTE(FTPServerTools @ Nov 8 2004, 09:23 AM)
ServuEventStopper is a blocker against the exploit. The STOU exploit can never give you shell access, all it does is crash servu. And it is fixed in 5.2.0.1
yes, mouton, you have very nice stuff
all you serv-u and ftp server freaks be sure to check his other tools as well
very nice indeed
link has been posted (several times
) in this thread
thx 
DarKFiR3 read the forum rules, no thx! posts.
I am giving you a warning point, let this be a lesson to you all...I see way to many thanks posts in this post.
I am giving you a warning point, let this be a lesson to you all...I see way to many thanks posts in this post.
Download doesnt work. 
can somebody pls up it at rapidshare.de or sth???
can somebody pls up it at rapidshare.de or sth???
thx
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
