| 제목 | PCMan FTP Server 2.0.7 Buffer Overflow |
|---|
| 설명 | This technique works well against Windows XP Professional Service Pack 2 and 3.
For this exploit, I tried several strategies to increase the reliability of the Poc - Proof Of Concept.
Sending an excessive amount of data through the "RNTO" command, the application crashes, indicating the Buffer Overflow condition.
Then, the offset amount was identified by using msf-pattern_create -l 3000
And then by using msf-pattern_offset -q to discover the offset amount.
After discovering the offset amount, it was necessary to adjust the data in the stack.
To advance in the exploit , mona was used, together with the command !mona jmp -r esp -n to discover a JMP ESP address, in this case it was 0x74e32fd9.
Then I used the removal of the main badchars: 0x00\0x0a\0x0d I did not perform a search for badchars through bytearray, because I already knew the environment I was working in.
Finally, I added 20 nops and generated the shellcode with msfvenom
Successful exploitation of these issues could allow attackers to obtain a remote shell on the system. |
|---|
| 원천 | ⚠️ https://fitoxs.com/exploit/exploit-0c70a8b6f3e2d1312bbfa8fcb8e44c802394c3adfb7c1f860a18e9fdc88d8e9c3.txt |
|---|
| 사용자 | Fernando Mengali (UID 83791) |
|---|
| 제출 | 2025. 04. 17. PM 11:23 (12 개월 ago) |
|---|
| 모더레이션 | 2025. 05. 05. PM 01:56 (18 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 307396 [PCMan FTP Server 2.0.7 RNTO Command 메모리 손상] |
|---|
| 포인트들 | 20 |
|---|