| ଶୀର୍ଷକ | FreeFloat FTP Server 1.0 Buffer Overflow |
|---|
| ବର୍ଣ୍ଣନା | This technique works well against Windows XP Professional Service Pack 2 and 3.
This exploitation test was performed on a 32-bit Freefloat FTP server version 1.0.
For this exploit, I tried several strategies to increase the reliability of the Poc - Proof Of Concept.
Sending an excessive amount of data through the "MDELETE" command, the application crashes, indicating the Buffer Overflow condition.
Then, the offset amount was identified by using msf-pattern_create -l 1000
And then by using msf-pattern_offset -q to discover the offset amount.
After discovering the offset amount, it was necessary to adjust the data in the stack.
To advance in the exploit , mona was used, together with the command !mona jmp -r esp -n to discover a JMP ESP address, in this case it was 0x7c86467b.
Then I used the removal of the main badchars: 0x00\0x0a\0x0d I did not perform a search for badchars through bytearray, because I already knew the environment I was working in.
Finally, I added 20 nops and generated the shellcode with msfvenom
Successful exploitation of these issues could allow attackers to obtain a remote shell on the system. |
|---|
| ଉତ୍ସ | ⚠️ https://fitoxs.com/exploit/exploit-fb7e880a8c21bdec1f4d3953a2c57bcc582b95ffc83513c7d709f45c15d60504.txt |
|---|
| ଉପଭୋକ୍ତା | Fernando Mengali (UID 83791) |
|---|
| ଦାଖଲ | 05/07/2025 02:57 AM (10 ମାସ[ସମ୍ପାଦନା] ago) |
|---|
| ମଧ୍ୟମ ଧରଣର | 05/15/2025 06:05 PM (9 days later) |
|---|
| ସ୍ଥିତି | ଗ୍ରହଣ କରାଯାଇଛି |
|---|
| VulDB ଏଣ୍ଟ୍ରି | 309101 [FreeFloat FTP Server 1.0 MDELETE Command ବଫର୍ ଓଭରଫ୍ଲୋ] |
|---|
| ପଏଣ୍ଟ | 20 |
|---|