| عنوان | PCMan FTP 2.0.7 Buffer Overflow |
|---|
| الوصف | This technique works well against Windows XP Professional Service Pack 2 and 3.
For this exploit, I tried several strategies to increase the reliability of the Poc - Proof Of Concept.
Sending an excessive amount of data through the "MPUT" command, the application crashes, indicating the Buffer Overflow condition.
Then, the offset amount was identified by using msf-pattern_create -l 3000
And then by using msf-pattern_offset -q to discover the offset amount.
After discovering the offset amount, it was necessary to adjust the data in the stack.
To advance in the exploit, mona was used, together with the command !mona jmp -r esp -n to discover a JMP ESP address, in this case it was 0x74e32fd9.
Then I used the removal of the main badchars: 0x00\0x0a\0x0d I did not perform a search for badchars through bytearray, because I already knew the environment I was working in.
Finally, I added 20 nops and generated the shellcode with msfvenom
Successful exploitation of these issues could allow attackers to obtain a remote shell on the system. |
|---|
| المصدر | ⚠️ https://fitoxs.com/exploit/exploit-8d31b9e55c1c3d8f2cbf62e3e218f50b.txt |
|---|
| المستخدم | Fernando Mengali (UID 83791) |
|---|
| ارسال | 08/04/2025 04:17 PM (1 سنة منذ) |
|---|
| الاعتدال | 17/04/2025 02:44 PM (9 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 305396 [PCMan FTP Server 2.0.7 MPUT Command تلف الذاكرة] |
|---|
| النقاط | 20 |
|---|