CVE-2010-4221 PoC — ProFTPD栈缓冲区溢出漏洞

Source

https://github.com/M41doror/cve-2010-4221

Associated Vulnerability

Title:ProFTPD栈缓冲区溢出漏洞 (CVE-2010-4221)
Description:Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.

Description

This exploit was written to study some concepts, enjoy!

Readme

# cve-2010-4221
This exploit was written to study some concepts, enjoy!

## Usage

    Proftpd Telnet IAC remote generic exploit
    Writen by: F0rb1dd3n

    Usage: ./proftpd-exploit <target IP> <target PORT> <attack type>

    Attack Types:   0 - Socket Reuse
                    1 - Reverse Shell
                    2 - Bind Shell
                    3 - Your own shellcode (raw format)



Just type the target IP, PORT and the type of attack that you chose. The program will ask for another informations like: localhost, local port or remote bind port!

## Disclaimer

You don't need to set a listener for Reverse Shell, because the exploit will handle it for you. 
If you choose to use your own shellcode, you will need to set your listener!

File Snapshot


 [4.0K]  /data/pocs/f8eff6f9cf0779889f5ed02cb044457913044041
├── [4.8K]  hacking.h
├── [ 34K]  LICENSE
├── [2.2M]  proftpd_1.3.3a-4_i386.deb
├── [ 33K]  proftpd-exploit
├── [ 26K]  proftpd-exploit.c
└── [ 748]  README.md

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!